An anonymous reader quotes the Huffington Post:

Six months ago, under tremendous public pressure, YouTube announced that it would tweak its algorithm to recommend fewer videos “that could misinform users in harmful ways.” It was a major step for a company that has spent years driving people toward increasingly sensationalist content — including dangerous disinformation — that would keep viewers glued to their screens for as long as possible to maximize advertising revenue. The announcement in late January triggered panic within YouTube’s sprawling network of conspiracy theorists. [But] the audience for YouTube’s top conspiracy theory channels is still growing, a HuffPost investigation has found… Some channels are growing at slower rates than before, others at around the same rates or a bit more rapidly… [A]ll are still drawing in new viewers — and the creators behind them remain undeterred.

There are significant financial incentives for conspiracy theorists to keep churning out clickbait disinformation on YouTube: They can still promote their merchandise and third-party fundraising pages on their videos, and they can still take a cut of the earnings from ads on their content through YouTube’s monetization program. The payoff can be huge.

Views from video recommendations, which can be especially vital for new YouTube pages trying to develop audiences, have been cut in half for content featuring harmful misinformation, a YouTube spokesperson told HuffPost. But for massive conspiracy theory channels — channels that YouTube’s algorithm has already catapulted into notoriety, giving them large and loyal followings — the change has been largely ineffective in suppressing their influence…. YouTube acted “way too late,” said former Google engineer Guillaume Chaslot, who helped design YouTube’s algorithm. “The harm that’s been done in many cases can’t now be undone.”

Read more of this story at Slashdot.

Source: Slashdot – ‘YouTube’s Plan To Rein In Conspiracy Theories Is Failing’

“Google is giving Chrome extension makers until October 15 to minimize the amount of data they collect during browser sessions or face expulsion from the Chrome Web Store,” reports PC Magazine:

The change addresses how the extensions generally need to request certain permissions from your browser in order to function. However, some of these permissions can be pretty powerful; they can include the ability to take desktop screenshots, capture audio from a microphone, and collect data from the local file system, among other things, which can open the door to potential abuse.

The risks prompted Google to work toward securing the 180,000+ Chrome extensions on the company’s official web store. “We’re requiring extensions to only request access to the least amount of data,” the company said in a Tuesday blog post. “While this has previously been encouraged of developers, now we’re making this a requirement for all extensions.”

Read more of this story at Slashdot.

Source: Slashdot – In 80 Days, Google Will Require Chrome Extensions To Request ‘The Least Amount of Data’

An anonymous reader quotes Vice:
In May, Microsoft released a patch for a bug in several versions of Windows that is so bad that the company felt it even had to release a fix for Windows XP, an operating system that (has been unsupported) for five years. That vulnerability is known as BlueKeep, and it has kept a lot of security researchers up at night. They are worried that someone could write an exploit for it and make a worm that could wreak havoc the way WannaCry or NotPetya — two viruses that spread almost uncontrollably all over the world locking thousands of computers — did…. Researchers were so worried about this vulnerability that for months, no one has published the code for a proof-of-concept exploit. In other words, no one wanted to be the guy to even prove that this type of malware was even possible to write.

Until now.

On Tuesday, Immunity, a long time US government contractor, announced that it had developed an exploit for BlueKeep and included it into its penetration testing toolkit Canvas, which is available only to paying subscribers. Canvas customers, can now exploit this bug using Immunity’s own code.

ZDNet notes that Canvas licenses “cost between thousands and tens of thousands of US dollars,” but also adds that “hackers have been known to pirate or legitimately buy penetration testing tools.”

Read more of this story at Slashdot.

Source: Slashdot – Penetration Testing Toolkit Includes Exploit For ‘Incredibly Dangerous’ Bluekeep Vulnerability

Long-time Slashdot reader JonZittrain is an international law professor at Harvard Law School, and an EFF board member. Wednesday he contacted us to share his new article in the New Yorker:
I’ve been thinking about what happens when AI gives us seemingly correct answers that we wouldn’t have thought of ourselves, without any theory to explain them. These answers are a form of “intellectual debt” that we figure we’ll repay — but too often we never get around to it, or even know where it’s accruing.

A more detailed (and unpaywalled) version of the essay draws a little from how and when it makes sense to pile up technical debt to ask the same questions about intellectual debt.

The first article argues that new AI techniques “increase our collective intellectual credit line,” adding that “A world of knowledge without understanding becomes a world without discernible cause and effect, in which we grow dependent on our digital concierges to tell us what to do and when.”

And the second article has a great title. “Intellectual Debt: With Great Power Comes Great Ignorance.” It argues that machine learning “at its best gives us answers as succinct and impenetrable as those of a Magic 8-Ball — except they appear to be consistently right.” And it ultimately raises the prospect that humanity “will build models dependent on, and in turn creating, underlying logic so far beyond our grasp that they defy meaningful discussion and intervention…”

Read more of this story at Slashdot.

Source: Slashdot – Will Machine Learning Build Up Dangerous ‘Intellectual Debt’?