Netflix has confirmed that its live-action take on One Piece will be streaming in 2023. The Verge reports: That’s about all we know so far; Netflix didn’t give a specific date, though the company did show off a new poster for its adaptation of Eiichiro Oda’s long-running pirate manga / anime. The adaptation was first announced back in 2020 and will be led by showrunners Matt Owens and Steven Maeda. The main cast includes the likes of Inaki Godoy as Luffy (who you can see the back of in the new poster), Mackenyu as Zoro, Emily Rudd as Nami, Jacob Romero Gibson as Usopp, and Taz Skylar as Sanji. The Verge notes that One Piece “follows some less-than-impressive live-action anime adaptations from Netflix, including a Death Note film and a Cowboy Bebop series that was canceled after one season.”

Read more of this story at Slashdot.

Source: Slashdot – Netflix’s Live-Action One Piece Series Is Coming In 2023

An anonymous reader quotes a report from Motherboard: It was only a matter of time before the wave of artificial intelligence-generated voice startups became a play thing of internet trolls. On Monday, ElevenLabs, founded by ex-Google and Palantir staffers, said it had found an “increasing number of voice cloning misuse cases” during its recently launched beta. ElevenLabs didn’t point to any particular instances of abuse, but Motherboard found 4chan members appear to have used the product to generate voices that sound like Joe Rogan, Ben Sharpio, and Emma Watson to spew racist and other sorts of material. ElevenLabs said it is exploring more safeguards around its technology.

The clips uploaded to 4chan on Sunday are focused on celebrities. But given the high quality of the generated voices, and the apparent ease at which people created them, they highlight the looming risk of deepfake audio clips. In much the same way deepfake video started as a method for people to create non-consensual pornography of specific people before branching onto other use cases, the trajectory of deepfake audio is only just beginning. […] The clips run the gamut from harmless, to violent, to transphobic, to homophobic, to racist. One 4chan post that included a wide spread of the clips also contained a link to the beta from ElevenLabs, suggesting ElevenLabs’ software may have been used to create the voices.

On its website ElevenLabs offers both “speech synthesis” and “voice cloning.” For the latter, ElevenLabs says it can generate a clone of someone’s voice from a clean sample recording, over one minute in length. Users can quickly sign up to the service and start generating voices. ElevenLabs also offers “professional cloning,” which it says can reproduce any accent. Target use cases include voicing newsletters, books, and videos, the company’s website adds. […] On Monday, shortly after the clips circulated on 4chan, ElevenLabs wrote on Twitter that “Crazy weekend — thank you to everyone for trying out our Beta platform. While we see our tech being overwhelmingly applied to positive use, we also see an increasing number of voice cloning misuse cases.” ElevenLabs added that while it can trace back any generated audio to a specific user, it was exploring more safeguards. These include requiring payment information or “full ID identification” in order to perform voice cloning, or manually verifying every voice cloning request.

Read more of this story at Slashdot.

Source: Slashdot – AI-Generated Voice Firm Clamps Down After 4chan Makes Celebrity Voices For Abuse

The development team behind the open-source password management software KeePass is disputing what is described as a newly found vulnerability that allows attackers to stealthily export the entire database in plain text. BleepingComputer reports: KeePass is a very popular open-source password manager that allows you to manage your passwords using a locally stored database, rather than a cloud-hosted one, such as LastPass or Bitwarden. To secure these local databases, users can encrypt them using a master password so that malware or a threat actor can’t just steal the database and automatically gain access to the passwords stored within it. The new vulnerability is now tracked as CVE-2023-24055, and it enables threat actors with write access to a target’s system to alter the KeePass XML configuration file and inject a malicious trigger that would export the database, including all usernames and passwords in cleartext. The next time the target launches KeePass and enters the master password to open and decrypt the database, the export rule will be triggered, and the contents of the database will be saved to a file the attackers can later exfiltrate to a system under their control. However, this export process launches in the background without the user being notified or KeePass requesting the master password to be entered as confirmation before exporting, allowing the threat actor to quietly gain access to all of the stored passwords. […]

While the CERT teams of Netherlands and Belgium have also issued security advisories regarding CVE-2023-24055, the KeePass development team is arguing that this shouldn’t be classified as a vulnerability given that attackers with write access to a target’s device can also obtain the information contained within the KeePass database through other means. In fact, a “Security Issues” page on the KeePass Help Center has been describing the “Write Access to Configuration File” issue since at least April 2019 as “not really a security vulnerability of KeePass.” If the user has installed KeePass as a regular program and the attackers have write access, they can also “perform various kinds of attacks.” Threat actors can also replace the KeePass executable with malware if the user runs the portable version.

“In both cases, having write access to the KeePass configuration file typically implies that an attacker can actually perform much more powerful attacks than modifying the configuration file (and these attacks in the end can also affect KeePass, independent of a configuration file protection),” the KeePass developers explain. “These attacks can only be prevented by keeping the environment secure (by using an anti-virus software, a firewall, not opening unknown e-mail attachments, etc.). KeePass cannot magically run securely in an insecure environment.” If the KeePass devs don’t release a version of the app that addresses this issue, BleepingComputer notes “you could still secure your database by logging in as a system admin and creating an enforced configuration file.”

“This type of config file takes precedence over settings described in global and local configuration files, including new triggers added by malicious actors, thus mitigating the CVE-2023-24055 issue.”

Read more of this story at Slashdot.

Source: Slashdot – KeePass Disputes Vulnerability Allowing Stealthy Password Theft

Children experienced learning deficits during the Covid pandemic that amounted to about one-third of a school year’s worth of knowledge and skills, according to a new global analysis, and had not recovered from those losses more than two years later. The New York Times reports: Learning delays and regressions were most severe in developing countries and among students from low-income backgrounds, researchers said, worsening existing disparities and threatening to follow children into higher education and the work force. The analysis, published Monday in the journal Nature Human Behavior and drawing on data from 15 countries, provided the most comprehensive account to date of the academic hardships wrought by the pandemic. The findings suggest that the challenges of remote learning — coupled with other stressors that plagued children and families throughout the pandemic — were not rectified when school doors reopened.

“In order to recover what was lost, we have to be doing more than just getting back to normal,” said Bastian Betthauser, a researcher at the Center for Research on Social Inequalities at Sciences Po in Paris, who was a co-author on the review. He urged officials worldwide to provide intensive summer programs and tutoring initiatives that target poorer students who fell furthest behind. Thomas Kane, the faculty director of the Center for Education Policy Research at Harvard, who has studied school interruptions in the United States, reviewed the global analysis. Without immediate and aggressive intervention, he said, “learning loss will be the longest-lasting and most inequitable legacy of the pandemic.”

[…] Because children have a finite capacity to absorb new material, Mr. Betthauser said, teachers cannot simply move faster or extend school hours, and traditional interventions like private tutoring rarely target the most disadvantaged groups. Without creative solutions, he said, the labor market ought to “brace for serious downstream effects.” Children who were in school during the pandemic could lose about $70,000 in earnings over their lifetimes if the deficits aren’t recovered, according to Eric Hanushek, an economist at the Hoover Institution at Stanford. In some states, pandemic-era students could ultimately earn almost 10 percent less than those who were educated just before the pandemic. The societal losses, he said, could amount to $28 trillion over the rest of the century.

Read more of this story at Slashdot.

Source: Slashdot – Students Lost One-Third of a School Year To Pandemic, Study Finds