Posts with «internet & networking technology» label

Google begins opening access to generative AI in search

Google’s take on AI-powered search begins rolling out today. The company announced this morning that it’s opening access to Google Search Generative Experience (SGE) and other Search Labs in the US. If you haven’t already, you’ll need to sign up for the waitlist and sit tight until you get an email announcing it’s your turn.

Revealed at Google I/O 2023 earlier this month, Google SGE is the company’s infusion of conversational AI into the classic search experience. If you’ve played with Bing AI, expect a familiar — yet different — product. Cherlynn Low noted in Engadget’s SGE preview that Google’s AI-powered search uses the same input bar you’re used to rather than a separate chatbot field like in Bing. Next, the generative AI results will appear in a shaded section below the search bar (and sponsored results) but above the standard web results. Meanwhile, on the top right of the AI results is a button letting you expand the snapshot, and it adds cards showing the sourced articles. Finally, you can ask follow-up questions by tapping a button below the results.

Google describes the snapshot as “key information to consider, with links to dig deeper.” Think of it like a slice of Bard injected (somewhat) seamlessly into the Google search you already know.

In addition, Google is opening access to other Search Labs, including Code Tips and Add to Sheets (both are US-only for now). Code Tips “harnesses the power of large language models to provide pointers for writing code faster and smarter.” It lets aspiring developers ask how-to questions about programming languages (C, C++, Go, Java, JavaScript, Kotlin, Python and TypeScript), tools (Docker, Git, shells) and algorithms. Meanwhile, as its name suggests, Add to Sheets lets you insert search results directly into Google’s spreadsheet app. Tapping a Sheets icon to the left of a search result will pop up a list of your recent documents; choose one to which you want to attach the result.

If you aren’t yet on the Search Labs waitlist, you can tap the Labs icon (a beaker symbol) on a new tab in Chrome for desktop or in the Google search app on Android or iOS. However, the company hasn’t announced how quickly or broadly it will open access, so you may need to be patient.

This article originally appeared on Engadget at

The best VPNs for 2023

VPNs have been having a moment recently. The once-niche way to protect your online behavior took off, in part, due to massive marketing budgets and influencer collaborations convincing consumers they can solve all your security woes. But deciding the best option for your browsing needs requires digging through claims of attributes that aren’t always totally accurate. That has made it harder to figure out which one to subscribe to, or if you really need to use one at all. We tested out nine of the best VPNs available now to help you choose the best one for your needs.

What you should know about VPNs

VPNs are not a one-size-fits-all security solution. Instead, they’re just one part of keeping your data private and secure. Roya Ensafi, assistant professor of computer science and engineering at the University of Michigan, told Engadget that VPNs don’t protect against common threats like phishing attacks, nor do they protect your data from being stolen. But they do come in handy when you’re connecting to an untrusted network somewhere public because they tunnel and encrypt your traffic to the next hop.

In other words, VPNs mask the identity of your computer on the network and create an encrypted "tunnel" that prevents your internet service provider from accessing data about your browsing history. Even then, much of the data or information is stored with the VPN provider instead of your ISP, which means that using a poorly designed or unprotected network can still undermine your security.

That means sweeping claims that seem promising, like military-grade encryption or total digital invisibility, may not be totally accurate. Instead, Yael Grauer, program manager of Consumer Reports’ online security guide, recommends looking for security features like open-source software with reproducible builds, up-to-date support for industry-standard protocols like WireGuard, IPsec or PPTP and the ability to defend against attack vectors like brute force.

Who are VPNs really for?

Before considering a VPN, make sure your online security is up to date in other ways. That means complex passwords, multifactor authentication methods and locking down your data sharing preferences. Even then, you probably don’t need to be using a VPN all the time.

“If you're just worried about somebody sitting there passively and looking at your data then a VPN is great,” Jed Crandall, an associate professor at Arizona State University, told Engadget.

If you use public WiFi a lot, like while working at a coffee shop, then VPNs can help keep your information private. They’re also helpful for hiding information from other people on your ISP if you don’t want members of your household to know what you’re up to online.

Geoblocking has also become a popular use case as it helps you reach services in other parts of the world. For example, you can access shows that are only available on Netflix in other countries, or play online games with people located all over the globe.

Are VPNs worth it?

Whether or not VPNs are worth it depends how often you could use it for the above use cases. If you travel a lot and rely on public WiFi, are looking to browse outside of your home country or want to keep your traffic hidden from your ISP, then investing in a VPN will be useful. But, keep in mind that VPNs often slow down your internet speed, so they may not be ideal all the time.

We recommend not relying on a VPN as your main cybersecurity tool. It can provide a false sense of security, leaving you vulnerable to attack. Plus, if you choose just any VPN, it may not be as secure as just relying on your ISP. That’s because the VPN could be based in a country with weaker data privacy regulation, obligated to hand information over to law enforcement or linked to weak user data protection policies.

For users working in professions like activism or journalism that want to really strengthen their internet security, options like the Tor browser may be a worthwhile alternative, according to Crandall. Tor is free, and while it's less user-friendly, it’s built for anonymity and privacy.

How we tested

To test the security specs of different VPNs, we relied on pre-existing academic work through Consumer Reports, VPNalyzer and other sources. We referenced privacy policies, transparency reports and security audits made available to the public. We also considered past security incidents like data breaches.

We looked at price, usage limits, effects on internet speed, possible use cases, ease of use and additional “extra” features for different VPN providers. The VPNs were tested across an iPhone, Google Pixel and Mac device so we could see the state of the apps across various platforms. We used the “quick connect” feature on the VPNs to connect to the “fastest” provider available when testing internet speed, access to IP address data and DNS and WebRTC leaks or when a fault in the encrypted tunnel reveals requests to an ISP.

Otherwise, we conducted a test of geoblocking content by accessing Canada-exclusive Netflix releases, a streaming test by watching a news livestream on YouTube via a Hong Kong-based VPN and a gaming test by playing on servers in the United Kingdom. By performing these tests at the same time, it also allowed us to test claims about simultaneous device use.

VPNs we tested:

Best VPN overall: ProtonVPN

The VPNs we tried out ranked pretty consistently across all of our tests, but ProtonVPN stood out as a strong option because of its overall security and ease of use. The Proton Technologies suite of services includes mail, calendar, drive and a VPN known for its end-to-end encryption. This makes it a strong contender for overall security, but its VPN specifically came across as a well-rounded independent service.

ProtonVPN’s no-logs security policy has passed audits, and the company has proven not to comply with law enforcement requests. Because it is based in Switzerland, there are no forced logging obligations, according to the company. Plus, it’s based on an open-source framework, and has an official vulnerability disclosure program along with clear definitions on what it does with personal information.

While ProtonVPN offers a free version, it’s limited compared to other options with access to servers in just three countries. Its paid version, starting at about $5.39 per month, includes access to servers in more than 65 countries on 10 devices at a time. For dedicated Proton Technologies users, they can pay closer to $8.63 each month for access to the entire suite.

ProtonVPN passed our geoblock, streaming and gaming tests with only a very small toll on internet speed. It also comes with malware-, ad- and tracker-blocking as an additional service. It’s available on most major operating systems, routers, TV services and more including Firefox, Linux and Android TV.

Best free VPN: Windscribe

By signing up for Windscribe with your email, users can access 10GB per month of data, unlimited connections and access to more than 10 countries. We selected it as the best free VPN because of its high security and wide range of server options compared to other free VPNs. It has over 500 servers in over 60 countries, according to the company, and can be configured to routers, smart TVs and more on top of the usual operating systems.

Windscribe doesn’t have a recent independent security audit, but it does publish a transparency report showing that it has complied with zero requests for its data, runs a vulnerability disclosure program encouraging researchers to report flaws and offers multiple protocols for users to connect with.

On top of that, it’s easy to use. The set up is intuitive and it passed our geoblock, streaming and gaming tests. The paid version costs $5.75 to $9 each month, depending on the plan you choose, and includes unlimited data, access to all servers and an ad/tracker/malware blocker. Or, for $1 per location per month, users can build a plan tailored to the VPNs they want to access.

Best for frequent travel, gaming and streaming: ExpressVPN

We picked the best VPN for travel, gaming and streaming based on which one had access to the most locations with high speed connections and no lag. ExpressVPN met all those criteria.

An internet speed test measured faster upload and download speed compared to using no VPN, practically unheard of compared to the other VPNs tested. But this is likely a fluke due to the VPN service circumventing traffic shaping by the ISP or another disparity because even top VPNs will in some way slow down speeds. With 2,000 servers in 160 cities, according to the company, it had one of the broadest global reaches. It also passed our geoblock, streaming and gaming tests, and it does regular security audits. Subscription costs range from $8.32 to $12.95 per month depending on the term of the plan, and include a password manager.

With ExpressVPN, users can connect to up to five devices at once, which is on the lower side compared to other services. That said, it works on a bunch of devices from smart TVs to game consoles unlike some other services that lack support beyond the usual suspects like smartphones and laptops.

Best cross-platform accessibility: CyberGhost

Because several VPN services connect to routers, cross-platform accessibility isn’t always necessary. By connecting a VPN to your home router, you can actually connect to however many devices you have in your household, as long as they all access the internet through that router.

But if you use VPNs on the go, and across several devices, being able to connect to a wide range of platforms will be indispensable. CyberGhost offers simultaneous connectivity on up to seven devices for $2.11 to $12.99 per month depending on subscription term. It supports several types of gadgets like routers, computers, smart TVs and more. It’s similar to the support that ExpressVPN offers, but CyberGhost provides detailed instructions on how to set up the cross-platform connections, making it a bit more user-friendly for those purposes.

From a security perspective, CyberGhost completed an independent security audit by Deloitte earlier this year, runs a vulnerability disclosure program and provides access to a transparency report explaining requests for its data. While it did pass all of our tests, it’s worth noting that we had trouble connecting to servers in the United Kingdom and had to opt to run our gaming test through an Ireland-based server instead.

Best for multiple devices: Surfshark

As we mentioned before, connecting to a router can provide nearly unlimited access to devices in a single household. But Surfshark is one of few VPNs that offer use on an unlimited number of devices without bandwidth restrictions, according to the company. And you get that convenience without a significant increase in price: Surfshark subscriptions cost about $2.49 to $12.95 per month, and the company recently conducted its first independent audit.

We ran into some trouble connecting to Surfshark’s WireGuard protocol, but tested on an IKEv2 protocol instead. It was a bit slow and struggled to connect for our geoblock test at first, but ultimately passed. What makes it different from other VPNs with unlimited connection options is that it has access to more servers and is available on more types of devices.

This article originally appeared on Engadget at

What do AI chatbots know about us, and who are they sharing it with?

AI Chatbots are relatively old by tech standards, but the newest crop — led by OpenAI's ChatGPT and Google's Bard — are vastly more capable than their ancestors, not always for positive reasons. The recent explosion in AI development has already created concerns around misinformation, disinformation, plagiarism and machine-generated malware. What problems might generative AI pose for the privacy of the average internet user? The answer, according to experts, is largely a matter of how these bots are trained and how much we plan to interact with them

In order to replicate human-like interactions, AI chatbots are trained on mass amounts of data, a significant portion of which is derived from repositories like Common Crawl. As the name suggests, Common Crawl has amassed years and petabytes worth of data simply from crawling and scraping the open web. “These models are training on large data sets of publicly available data on the internet,” Megha Srivastava, PhD student at Stanford's computer science department and former AI resident with Microsoft Research, said. Even though ChatGPT and Bard use what they call a "filtered" portion of Common Crawl's data, the sheer size of the model makes it "impossible for anyone to kind of look through the data and sanitize it,” according to Srivastava.

Either through your own carelessness or the poor security practices by a third-party could be in some far-flung corner of the internet right now. Even though it might be difficult to access for the average user, it's possible that information was scraped into a training set, and could be regurgitated by that chatbot down the line. And a bot spitting out someone's actual contact information is in no way a theoretical concern. Bloomberg columnist Dave Lee posted on Twitter that, when someone asked ChatGPT to chat on encrypted messaging platform Signal, it provided his exact phone number. This sort of interaction is likely an edge case, but the information these learning models have access to is still worth considering. "It’s unlikely that OpenAI would want to collect specific information like healthcare data and attribute it to individuals in order to train its models," David Hoelzer, a fellow at security organization the SANS Institute, told Engadget. “But could it inadvertently be in there? Absolutely.”

Open AI, the company behind ChatGPT, did not respond when we asked what measures it takes to protect data privacy, or how it handles personally identifiable information that may be scraped into its training sets. So we did the next best thing and asked ChatGPT itself. It told us that it is "programmed to follow ethical and legal standards that protect users’ privacy and personal information" and that it doesn't "have access to personal information unless it is provided to me." Google for its part told Engadget it programmed similar guardrails into Bard to prevent the sharing of personally identifiable information during conversations.

Helpfully, ChatGPT brought up the second major vector by which generative AI might pose a privacy risk: usage of the software itself — either via information shared directly in chatlogs or device and user information captured by the service during use. OpenAI’s privacy policy cites several categories of standard information it collects on users, which could be identifiable, and upon starting it up, ChatGPT does caution that conversations may be reviewed by its AI trainers to improve systems. 

Google's Bard, meanwhile, does not have a standalone privacy policy, instead uses the blanket privacy document shared by other Google products (and which happens to be tremendously broad.) Conversations with Bard don't have to be saved to the user's Google account, and users can delete the conversations via Google, the company told Engadget. “In order to build and sustain user trust, they're going to have to be very transparent around privacy policies and data protection procedures at the front end,” Rishi Jaitly, professor and distinguished humanities fellow at Virginia Tech, told Engadget.

Despite having a "clear conversations" action, pressing that does not actually delete your data, according to the service’s FAQ page, nor is OpenAI is able to delete specific prompts. While the company discourages users from sharing anything sensitive, seemingly the only way to remove personally identifying information provided to ChatGPT is to delete your account, which the company says will permanently remove all associated data.

Hoelzer told Engadget he’s not worried that ChatGPT is ingesting individual conversations in order to learn. But that conversation data is being stored somewhere, and so its security becomes a reasonable concern. Incidentally, ChatGPT was taken offline briefly in March because a programming error revealed information about users’ chat histories. It's unclear this early in their broad deployment if chat logs from these sorts of AI will become valuable targets for malicious actors.

For the foreseeable future, it's best to treat these sorts of chatbots with the same suspicion users should be treating any other tech product. “A user playing with these models should enter with expectation that any interaction they're having with the model," Srivastava told Engadget, "it's fair game for Open AI or any of these other companies to use for their benefit.”

This article originally appeared on Engadget at

Microsoft's new Security Copilot will help network admins respond to threats in minutes, not days

Humanity took another step towards its Ghost in the Shell future on Tuesday with Microsoft's unveiling of the new Security Copilot AI at its inaugural Microsoft Secure event. The automated enterprise-grade security system is powered by OpenAI's GPT-4, runs on the Azure infrastructure and promises admins the ability "to move at the speed and scale of AI."

Security Copilot is similar to the large language model (LLM) that drives the Bing Copilot feature, but with a training geared heavily towards network security rather than general conversational knowledge and web search optimization. "This security-specific model in turn incorporates a growing set of security-specific skills and is informed by Microsoft’s unique global threat intelligence and more than 65 trillion daily signals," Vasu Jakkal, Corporate Vice President of Microsoft Security, Compliance, Identity, and Management, wrote Tuesday. 

“Just since the pandemic, we’ve seen an incredible proliferation [in corporate hacking incidents],"Jakkal told Bloomberg. For example, “it takes one hour and 12 minutes on average for an attacker to get full access to your inbox once a user has clicked on a phishing link. It used to be months or weeks for someone to get access.”

Security Copilot should serve as a force multiplier for overworked and under-supported network admins, a filed which Microsoft estimates has more than 3 million open positions. "Our cyber-trained model adds a learning system to create and tune new skills," Jakkal explained. "Security Copilot then can help catch what other approaches might miss and augment an analyst’s work. In a typical incident, this boost translates into gains in the quality of detection, speed of response and ability to strengthen security posture." 

Jakkal anticipates these new capabilities enabling Copilot-assisted admins to respond within minutes to emerging security threats, rather than days or weeks after the exploit is discovered. Being a brand new, untested AI system, Security Copilot is not meant to operate fully autonomously, a human admin needs to remain in the loop. “This is going to be a learning system,” she said. “It’s also a paradigm shift: Now humans become the verifiers, and AI is giving us the data.”

To more fully protect the sensitive trade secrets and internal business documents Security Copilot is designed to protect, Microsoft has also committed to never use its customers data to train future Copilot iterations. Users will also be able to dictate their privacy settings and decide how much of their data (or the insights gleaned from it) will be shared. The company has not revealed if, or when, such security features will become available for individual users as well.

This article originally appeared on Engadget at

Google One's VPN will soon be available to all subscribers

Google One is expanding its security features. First, Google is making its virtual private network (VPN) available to all subscribers at no extra cost. A VPN for Google One members was first introduced in October 2020, but only for those on plans with at least 2TB of storage. The 2TB plan costs $10 per month or $100 per year, but you now won't need to pay that much to access Google's VPN.

Starting today and over the next few weeks, Google will open up access to the VPN across all plans. That includes the Basic $2 per month option, which gives you 100GB of storage across your Google account. The VPN will be available in 22 countries on Android, iOS, Windows and Mac devices. You'll be able to share it with up to five other people who are on your One plan.

The VPN will hide your internet activity from hackers and network operators. Google says. The company claims it will "never use the VPN connection to track, log, or sell your online activity."

Elsewhere, Google is adding another feature to help One subscribers protect themselves. A dark web report, which the company will start rolling out to members in the US over the next few weeks, can scan the dark web for your personal details to check if your information has been included in a data breach.

You can select which details — such as your name, address, email, phone number and Social Security Number — you'd like Google to look out for on your monitoring profile. Google says it will handle this data according to its privacy policy. You can remove the details from your profile at any time and ask Google to stop monitoring the dark web for your information, if you prefer.

If Google finds your tracked information on the dark web, it'll notify you and offer some suggestions on how to protect yourself. It says that, for instance, if it spots your Social Security number, you might want to report it as stolen and take action to protect your credit. The report will also highlight information potentially related to you beyond the details you add to your monitoring profile.

Google has been adding other features to One beyond security measures and extra storage. It revealed in February that subscribers can access the Magic Eraser feature in Google Photos. Before then, the feature was only available on Pixel 6 and Pixel 7 devices.

This article originally appeared on Engadget at

Steam now allows you to copy games to Steam Deck and other PCs over a local network

Valve is giving Steam Deck users with slow internet connections or bandwidth caps a new way to install games on their devices. The latest Steam and Steam Deck betas add local network game transfers, a feature that allows you to copy existing files from one PC to another over a local area network. Valve says the tool can reduce internet traffic and lessen the time it takes to install games and updates since you can use it to bypass the need to connect to a Steam content server over the internet.

Hello! We've just shipped a Beta update to Steam and Steam Deck that includes a new feature: Local Network Game Transfers.

This allows Steam users to install games directly from one PC to another over a local network, without having to download and install from the internet.

— Steam Deck (@OnDeck) February 17, 2023

“Local Network Game Transfers are great for Steam Deck owners, multi-user Steam households, dorms, LAN parties, etc,” the company points out. “No more worries about bandwidth or data caps when all the files you need are already nearby.” Once you’ve installed the new software on your devices, Steam will first check if it can transfer a game installation or set of update files over your local network before contacting a public Steam content server. If at any point one of the devices involved in the transfer is disconnected from your local network, Steam will fall back to downloading any necessary files from the internet.

By default, the feature is set to only work between devices logged into the same Steam account, but you can also transfer files between friends on the same local area network. It’s also possible to transfer to any user on the same network, which is something you would do during a LAN tournament. Valve has published a FAQ with more information about local network game transfers, including details on some of the limitations of the feature, over on the Steam website.

How AI will change the way we search, for better or worse

Great news everyone, we’re pivoting to chatbots! Little did OpenAI realize when it released ChatGPT last November that the advanced LLM (large language model) designed to uncannily mimic human writing would become the fastest growing app to date with more than 100 million users signing up over the past three months. Its success — helped along by a $10 billion, multi-year investment from Microsoft — largely caught the company’s competition flat-footed, in turn spurring a frenetic and frantic response from Google, Baidu and Alibaba. But as these enhanced search engines come online in the coming days, the ways and whys of how we search are sure to evolve alongside them.

“I'm pretty excited about the technology. You know, we've been building NLP systems for a while and we've been looking every year at incremental growth,” Dr. Sameer Singh, Associate Professor of Computer Science at the University of California, Irvine (UCI), told Engadget. “For the public, it seems like suddenly out of the blue, that's where we are. I've seen things getting better over the years and it's good for all of this stuff to be available everywhere and for people to be using it.”

As to the recent public success of large language models, “I think it's partly that technology has gotten to a place where it's not completely embarrassing to put the output of these models in front of people — and it does look really good most of the time,” Singh continued. “I think that that’s good enough.”

JASON REDMOND via Getty Images

“I think it has less to do with technology but more to do with the public perception,” he continued. “If GPT hadn't been released publicly… Once something like that is out there and it's really resonating with so many people, the usage is off the charts.”

Search providers have big, big ideas for how the artificial intelligence-enhanced web crawlers and search engines might work and damned if they aren’t going to break stuff and move fast to get there. Microsoft envisions its Bing AI to serve as the user’s “copilot” in their web browsing, following them from page to page answering questions and even writing social media posts on their behalf.

This is a fundamental change from the process we use today. Depending on the complexity of the question users may have to visit multiple websites, then sift through that collected information and stitch it together into a cohesive idea before evaluating it.

“That's more work than having a model that hopefully has read these pages already and can synthesize this into something that doesn't currently exist on the web,” Brendan Dolan-Gavitt, Assistant Professor in the Computer Science and Engineering Department at NYU Tandon, told Engadget. “The information is still out there. It's still verifiable, and hopefully correct. But it's not all in place.”

For its part, Google’s vision of the AI-powered future has users hanging around its search page rather than clicking through to destination sites. Information relevant to the user’s query would be collected from the web, stitched together by the language model, then regurgitated as an answer with reference to the originating website displayed as footnotes.

This all sounds great, and was all going great, right up to the very first opportunity for something to go wrong. When it did. In its inaugural Twitter ad — less than 24 hours after debuting — Bard, Google’s answer to ChatGPT, confidently declared, “JWST took the very first pictures of a planet outside of our own solar system.” You will be shocked to learn that the James Webb Space Telescope did not, in fact, discover the first exoplanet in history. The ESO’s Very Large Telescope holds that honor from 2004. Bard just sorta made it up. Hallucinated it out of the digital ether.

Bard is an experimental conversational AI service, powered by LaMDA. Built using our large language models and drawing on information from the web, it’s a launchpad for curiosity and can help simplify complex topics →

— Google (@Google) February 6, 2023

Of course this isn’t the first time that we’ve been lied to by machines. Search has always been a bit of a crapshoot, ever since the early days of Lycos and Altavista. “When search was released, we thought it was ‘good enough’ though it wasn't perfect,” Singh recalled. “It would give all kinds of results. Over time, those have improved a lot. We played with it, and we realized when we should trust it and when we shouldn’t — when we should go to the second page of results, and when we shouldn't.”

The subsequent generation of voice AI assistants evolved through the same base issues that their text-based predecessors did. “When Siri and Google Assistant and all of these came out and Alexa,” Singh said, “they were not the assistants that they were being sold to us as.”

The performance of today’s LLMs like Bard and ChatGPT, are likely to improve along similar paths through their public use, as well as through further specialization into specific technical and knowledge-based roles such as medicine, business analysis and law. “I think there are definitely reasons it becomes much better once you start specializing it. I don't think Google and Microsoft specifically are going to be specializing it too much — their market is as general as possible,” Singh noted.

In many ways, what Google and Bing are offering by interposing their services in front of the wider internet — much as AOL did with the America Online service in the ‘90s — is a logical conclusion to the challenges facing today’s internet users.

The Washington Post via Getty Images

“Nobody's doing the search as the end goal. We are seeking some information, eventually to act on that information,” Singh argues. “If we think about that as the role of search, and not just search in the literal sense of literally searching for something, you can imagine something that actually acts on top of search results can be very useful.”

Singh characterizes this centralization of power as, “a very valid concern. Simply put, if you have these chat capabilities, you are much less inclined to actually go to the websites where this information resides,” he said.

It’s bad enough that chatbots have a habit of making broad intellectual leaps in their summarizations, but the practice may also “incentivize users not go to the website, not read the whole source, to just get the version that the chat interface gives you and sort of start relying on it more and more,” Singh warned.

In this, Singh and Dolan-Gavitt agree. “If you’re cannibalizing from the visits that a site would have gotten, and are no longer directing people there, but using the same information, there's an argument that these sites won't have much incentive to keep posting new content.” Dolan-Gavitt told Engadget. “On the other hand the need for clicks also is one of the reasons we get lots of spam and is one of the reasons why search has sort of become less useful recently. I think [the shortcomings of search are] a big part of why people are responding more positively to these chatbot products.”

That demand, combined with a nascent marketplace, is resulting in a scramble among the industry’s major players to get their products out yesterday, ready or not, underwhelming or not. That rush for market share is decidedly hazardous for consumers. Microsoft’s previous foray into AI chatbots, 2014’s Taye, ended poorly (to put it without the white hoods and goose stepping). Today, Redditors are already jailbreaking OpenAI to generate racist content. These are two of the more innocuous challenges we will face as LLMs expand in use but even they have proven difficult to stamp out in part, because they require coordination amongst an industry of viscous competitors.

“The kinds of things that I tend to worry about are, on the software side, whether this puts malicious capabilities into more hands, makes it easier for people to write malware and viruses,” Dolan-Gavitt said. “This is not as extreme as things like misinformation but certainly, I think it'll make it a lot easier for people to make spam.”

“A lot of the thinking around safety so far has been predicated on this idea that there would be just a couple kinds of central companies that, if you could get them all to agree, we could have some safety standards.” Dolan-Gavitt continued. “I think the more competition there is, the more you get this open environment where you can download an unrestricted model, set it up on your server and have it generate whatever you want. The kinds of approaches that relied on this more centralized model will start to fall apart.”

Google Fi warns customers that their data has been compromised

Google has notified customers of its Fi mobile virtual network operator (MVNO) service that hackers were able to access some of their information, according to TechCrunch. The tech giant said the bad actors infiltrated a third-party system used for customer support at Fi's primary network provider. While Google didn't name the provider outright, Fi relies on US Cellular and T-Mobile for connectivity. If you'll recall, the latter admitted in mid-January that hackers had been taking data from its systems since November last year.

T-Mobile said the attackers got away with the information of around 37 million postpaid and prepaid customers before it discovered and contained the issue. Back then, the carrier insisted that no passwords, payment information and social security numbers were stolen. Google Fi is saying the same thing, adding that no PINs or text message/call contents were taken, as well. The hackers only apparently had access to users' phone numbers, account status, SMS card serial numbers and some service plan information, like international roaming. 

Google reportedly told most users that they didn't have to do anything and that it's still working with Fi's network provider to "identify and implement measures to secure the data on that third-party system and notify everyone potentially impacted." That said, at least one customer claimed having more serious issues than most because of the breach. They shared a part of Google's supposed email to them on Reddit, telling them that that their "mobile phone service was transferred from [their] SIM card to another SIM card" for almost two hours on January 1st. 

The customer said they received password reset notifications from Outlook, their crypto wallet account and two-factor authenticator Authy that day. They sent logs to 9to5Google to prove that the attackers had used their number to receive text messages that allowed them to access those accounts. Based on their Fi text history, the bad actors started resetting passwords and requesting two-factor authentication codes via SMS within one minute of transferring their SIM card. The customer was reportedly only able regain control of their accounts after turning network access on their iPhone off and back on, though it's unclear if that's what solved the issue. We've reached out to Google for a statement regarding the customers' SIM swapping claim and will update this post when we hear back. 

Starlink is adding a 1TB data cap for usage during peak hours

Starlink raised its prices this spring, and now it's increasing the costs for its most demanding users. As The Vergereports, the SpaceX-run satellite internet provider is instituting a 1TB "Priority Access" monthly cap for data use between 7AM and 11PM beginning in December. Cross that limit and you'll spend the rest of the month relegated to "Basic Access" that, like with some phone carriers, deprioritizes your data when the network is busy. You might not notice much of a difference in typical situations, but this won't thrill you if you depend on sustained performance.

Service can get expensive if you insist on full performance around the clock. You'll pay 25 cents per gigabyte of priority data. As Reddit user Nibbloid pointed out, the math doesn't quite add up. It will cost you another $250 to get an extra 1TB of data — it would be cheaper to add a second subscription, at least if you don't mind the cost of an extra terminal. RV, Portability and "Best Effort" users also don't have any Priority Access.

Other users face tougher restrictions. Fixed business service has peak-hour caps ranging from 500GB to 3TB, with extra full-speed data costing $1 per gigabyte. Mobility users have no Priority Access for recreational use, while commercial and Premium/Maritime users have respective 1TB and 5TB caps. Those higher-end users will pay $2 for every gigabyte of priority data they need.

The justifications will sound familiar if you've dealt with data caps from Comcast and other land-based internet providers. Starlink maintains that it has to balance supply with demand to provide fast service to the "greatest number of people." This is ostensibly to keep usage in check on a "finite resource."

The decision to cap users comes as SpaceX has called for government help to fund Starlink service in Ukraine at a claimed cost of nearly $400 million per year. While Musk has said SpaceX will continue to pay regardless of assistance, it's clear the company is worried about expenses as demand increases.

Google Fiber will offer 5Gbps and 8Gbps internet plans in early 2023

Google Fiber's sudden revival will include a dramatic boost to internet speeds. Google has revealed that it will offer 5Gbps and 8Gbps plans in early 2023 at respective monthly rates of $125 and $150. Both tiers will include symmetric upload and download rates, a WiFi 6 router and up to two mesh network extenders. The upgrades should help with massive file transfers while keeping lag and jittering to a bare minimum, according to the company.

Current customers, particularly in Kansas City, Utah and West Des Moines, can try the speedier plans as soon as November if they sign up to become "trusted testers." If you're eligible, Google will ask you how you expect to use the extra bandwidth.

This is a big jump from the previous-best 2Gbps service Google introduced in 2020, and could make a big difference if you're a gamer or thrive on cloud computing. If a 150GB Microsoft Flight Simulator download takes 11 minutes at 2Gbps, the 8Gbps plan could cut that wait to less than three minutes in ideal conditions. It certainly makes typical cable internet plans seem expensive. Comcast is already offering 6Gbps service in some areas, for instance, but that costs $300 per month on contract and doesn't yet include symmetric uploads.

Either way, the new plans represent a declaration of intent. Alongside the first network expansions in five years, the upgraded speeds suggest Google is getting back to Fiber's roots. That is, it's both raising expectations for truly fast internet access and (to a degree) spurring competition among incumbent providers. This could help Google pitch its other services, of course, but you might not mind if it gives telecoms an extra incentive to roll out '10G' and similar upgrades sooner than they might have otherwise.