Google’s CEO, Sundar Pichia, has announced that Google will be launching its rival to OpenAI’s ChatGPT called ‘Bard’ “in the coming weeks” following its final testing stage.

What Is Bard? 

Referred to as ‘Apprentice Bard’ during its development stages, Bard is Google’s conversational AI service which uses Language Model for Dialogue Applications (LaMDA), Google’s family of conversational neural language models. LaMDA made the news in June last year when engineer Google Blake Lemoine reported that LaMDA’s AI system bot was so good that it may have feelings and was saying things that a sentient being would be expected to say. The comments led to Mr Lemoine’s sacking 6 months later.

Lightweight Version 

The first release of Bard to the public will use a lightweight version of LaMDA. Google’s CEO says that the fact that it “requires significantly less computing power” will mean that Google can “scale to more users, allowing for more feedback.” 

Power, Intelligence, and Creativity Combined 

Bard is similar to OpenAI’s ChatGPT in that its users can input a question in a dialog box, a text answer is given, and the user (it’s currently being tested by Google employees), can give feedback on the response.

Sundar Pichai says “Bard seeks to combine the breadth of the world’s knowledge with the power, intelligence, and creativity of our large language models. It draws on information from the web to provide fresh, high-quality responses.” Pichai also highlights his vision for Bard as being “an outlet for creativity, and a launchpad for curiosity.” 

Will Change Search Engine Results 

In the blog announcement of the introduction of Bard, Sundar Pichai highlighted how adding the AI chatbot technology to a search engine (Google) could add value and change the format of results. For example, Mr Pichai said: “AI can be helpful in these moments, synthesising insights for questions where there’s no one right answer. Soon, you’ll see AI-powered features in Search that distil complex information and multiple perspectives into easy-to-digest formats, so you can quickly understand the big picture and learn more from the web.”  

Competition 

Following OpenAI being seen as first to the mass market with a super-powerful new generation free chatbot (ChatGPT) which already has millions of users, tech commentators are already noting that a chatbot battle has now attracted competitors, with Google’s Bard looking like being next on the scene. Examples of how the competition is hotting-up and of competitors that are currently known about include:

– Google has also announced a $300m investment in a start-up firm called Anthropic, which gives Google a large cloud contract and stake of about 10 per cent in the company. It is understood that the Google/Anthropic collaboration is intended to produce a generative AI chatbot to rival ChatGPT. Anthropic was formed with people who had worked for OpenAI.

– Google is also reported to be working on a project called ‘Atlas,’ also to develop a rival to ChatGPT.

– Facebook/Meta launched its ‘Blenderbot’ AI chatbot in the US last August. At the time, Meta described Blenderbot, built from Meta AI’s publicly available OPT-175B language model, as “a chatbot that can search the internet to talk about nearly any topic”.

What Does This Mean For Your Business? 

The public release of OpenAI’s ChatGPT has meant that the chatbot battle has commenced in earnest as the big tech companies, some of whom already have close working ties (Microsoft) with OpenAI, start to announce the testing and release of their own competing versions, i.e. Google’s Bard and its investment in Anthropic. Big tech companies like Microsoft and Google have realised the need to incorporate AI in their cloud offerings. Both have the cloud computing platforms to handle the size and complexity of the new AI models, and both have exercised their market power and chosen AI specialist partners (OpenAI and Amorphic) to help them to move forward with it quickly. For business users, the introduction of powerful AI chatbots is delivering cost and time savings, creating new business strengths and opportunities, and it will be exciting to see what Bard and other new chatbots can do as they are introduced.

Following news that hackers have stolen encrypted backups from the parent company of popular password manager LastPass, we look at what password managers are, plus the implications of the attack for businesses.

Password Challenges 

We are all used to using passwords but without extra measures (e.g. 2FA) they are now recognised as having security limitations as well as others. For example, drawbacks of relying on passwords include:

– Hunan difficulty in remembering strong, unique passwords for multiple accounts.

– Vulnerability to password reuse and weak password creation.

– Increased risk of password-related data breaches.

The risks of using passwords include:

– Password cracking through brute-force attacks, dictionary attacks, or social engineering techniques.

– Phishing scams that can trick users into revealing their passwords.

– Data breaches that expose passwords stored in unencrypted or poorly protected databases.

– Password reuse across multiple accounts, which can increase the damage from a single data breach.

What Are Password Managers, And Why Use Them? 

Password managers are software apps, typically installed as browser plug-ins, that securely store and manage passwords, credit card information, and other sensitive data. Some are free versions while others offer monthly subscription accounts. They allow users to generate strong and unique passwords for each account, automatically log in to websites, and fill out forms with a single click or keyboard shortcut. The data is encrypted and protected with a master password, providing an additional layer of security to the user’s online accounts.

Password managers, therefore, provide users with a fast, practical, and (perhaps until now) trusted way to log in to websites, platforms, apps, and other access gateways, and to mitigate some of the risks of using passwords. Even when using password managers, however, it is always important to follow best practices for password security, such as using strong, unique passwords and enabling two-factor authentication when available.

What Is LastPass? 

LastPass, owned by GoTo (previously owned by LogMeIn) is perhaps the most popular password manager. There are, however, many different password managers available, such as Google Password Manager, Microsoft Authenticator, Dashline, Sticky Password, Password Boss, Keeper (good for cross-platform uses), 1Password, LogMeOnce and others. There are also password vaults in other programs and CRMs that act as password managers, such as Zoho Vault, and Digital Vault. Google’s Chrome browser has a password manager to help to stop people from using weak passwords by suggesting combinations of characters that may be more secure. Microsoft’s Authenticator app can manage passwords for both Edge and Chrome.

What Happened To LastPass? 

On January 23, GoTo, the parent company of LastPass, gave an update of a “security incident” that it first reported in November 2022. The original “security incident” though is understood to have taken place in August 2022.

The update, following an investigation of the incident (a hack) stated that “a threat actor” had obtained “encrypted backups from a third-party cloud storage service” relating to its Central, Pro, join.me, Hamachi, and RemotelyAnywhere products. GoTo also reported that it had evidence that the threat actor had also obtained an encryption key for a portion of the encrypted backups. An encryption key is a code used to encrypt and decrypt data, i.e. the data’s unreadable to anyone without the key.

What Have GoTo And LastPass Said? 

November 2022 reports about the hack on GoTo say that it took place in the third-party cloud storage service that is currently shared by both GoTo and its affiliate, LastPass.

Reports from the LastPass blog in December 2022 say that the “threat actor accessed a cloud-based storage environment leveraging information obtained from the incident we previously disclosed in August of 2022”. LastPass says that while no customer data was accessed during the August 2022 incident, some source code and technical information were stolen from its development environment and used to target another employee, obtaining credentials and keys which were used to access and decrypt “some storage volumes within the cloud-based storage service”.  

What Was Taken? 

According to LastPass, once the threat actor obtained the cloud storage access key and dual storage container decryption keys, they copied basic customer account information and related metadata from backup which included company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service.

The threat actor is also known to have taken a copy of a backup of customer vault data from the encrypted storage container. This contained both unencrypted data, such as website URLs, as well as fully encrypted fields such as website usernames and passwords, secure notes, and form-filled data.

What Was Not Taken? 

LastPass has assured users that there is no evidence that any unencrypted credit card data was accessed, and that the copy of the encrypted fields that were taken “remain secured with 256-bit AES encryption” and that they can only be decrypted with a unique encryption key derived from each user’s master password using LastPass’s ‘Zero Knowledge architecture’. Also, LastPass has reminded users that the master password is never known to LastPass and is not stored or maintained by LastPass.

What Is LastPass Doing About It? 

LastPass says that in response to the August 2022 incident it has:

– Decommissioned the development environment and rebuilt a new one from scratch to eradicate any further potential access, and replaced and hardened developer machines, processes, and authentication mechanisms.

– Added more logging and alerting capabilities to help detect any further unauthorised activity, and implemented a new, fully dedicated set of LastPass development and production environments.

In response to the most recent incident LastPass says it has:

– Started rotating all relevant credentials and certificates that may have been affected and supplementing existing endpoint security.

– Performed an analysis of every account with signs of any suspicious activity within the cloud storage service and added additional safeguards.

– Analysed all data within the environment to understand exactly what the threat actor accessed.

Notifying 

LastPass has already notified affected business customers (3 per cent of its total business customers) and recommended actions they should take.

What Should Customers Do? 

LastPass says that business customers who haven’t already been contacted needn’t take any recommended actions at this time.

However, LastPass has issued the general advice to customers to make use of its password default settings whereby it says, “it would take millions of years to guess your master password using generally-available password-cracking technology.”  Also, LastPass had advised customers against reusing their master password on other websites (password sharing).

What Are The Risks? 

Following the LastPass hack, there are several potential security risks to customers, such as:

– The hacker could use brute force attempts (software) to guess master passwords. If the hacker obtains the master passwords to the solen data encryption vaults, they may be able to decode the data.

– The unencrypted data that was taken could now lead to customers being targeted with phishing attacks, credential stuffing or other brute force attacks against online accounts associated with the LastPass vaults.

What Does This Mean For Your Business? 

LastPass is a popular, market leading password manager, used and trusted by many businesses. It is likely, therefore, to be a shock to many that there’s been (another) security incident whereby hackers have been able to steal customer data from a company that is supposed to be in the business of protecting very sensitive customer data. It’s so serious in fact that customers’ data encryption vaults have been taken, and this could mean that despite the communication from LastPass about the hack, that business customer confidence in the service and LastPass’s brand could be hugely damaged by this incident. Also, the theft of the other data could mean that business customers are now more at risk of being targeted by social engineering or phishing attacks, credential stuffing, or other brute force attacks. The data could also be sold to many other attackers, leading to increased risks going forward and the need to invest more time and money on taking extra security measures.

In this insight, we look at what a virtual machine is, where to get one, what it can be used for, plus a few of the main pros and cons.

What Is A Virtual Computer? 

A virtual machine/virtual computer is a software-based simulation of a computer system, generally created and run on cloud-based infrastructure, and managed and maintained by cloud service providers. Virtual computers can be accessed over the internet, and users can run applications and store data on these virtual machines just as they would on a physical computer.

Where And How? 

There are several ways to get access to a virtual computer:

– Local setup. You can create a virtual computer on your own physical machine using virtualization software, such as VirtualBox or VMware. This requires installing the virtualization software and setting up a virtual machine using a compatible operating system.

– Cloud-based virtual machines. You can also rent a virtual computer from a cloud service provider, such as Amazon Web Services (AWS), Microsoft Azure, or Google Cloud. This allows you to run a virtual machine in the cloud and access it from anywhere with an internet connection.

– Hosted virtual desktops. Some organisations offer hosted virtual desktops, which are virtual machines that are hosted by the provider and accessible to users over the internet. These can be a cost-effective option for organisations that need to provide virtual desktops to employees or contractors.

To get a virtual computer, you’ll need to choose the type of virtual machine that meets your needs, then follow the specific instructions for setting it up and accessing it. Some virtualisation software, such as VirtualBox, is free and open source, while others, such as VMware, require a paid license. Cloud-based virtual machines are usually priced on a pay-per-use basis, based on the amount of resources you use. Hosted virtual desktops can be priced on a monthly or annual basis and may also require a per-user license.

Why Use A Virtual Machine (The Pros)? 

There are several reasons why you may choose to use a virtual computer. For example:

– Testing and development. Virtual computers can be used to test applications and operating systems without affecting the host system, making it easier to identify and fix bugs.

– Isolation and security. Virtual computers can be used to create isolated environments that are separate from the host system, reducing the risk of contamination from malware or other security threats.

– Cost-effectiveness. By running multiple virtual computers on a single physical machine, organisations can reduce hardware costs and increase the utilisation of their computing resources.

– Scalability. Virtual computers can be easily scaled up or down based on changing needs, allowing organisations to quickly respond to changing demands for computing resources.

– Accessibility. With cloud-based virtual computers, users can access their virtual machines from anywhere with an internet connection, making it easier for remote workers and teams to collaborate and access their applications and data.

– Compatibility. Virtual computers can be used to run older software or operating systems that are no longer compatible with current hardware, thereby preserving access to legacy applications.

– Portability. Virtual machines can be easily transferred from one physical machine to another, making it easier to migrate to new hardware or migrate to the cloud.

Examples 

Examples of uses for virtual computers, therefore, include:

– Running multiple operating systems on a single physical machine.

– Providing virtual desktop infrastructure (VDI).

– Hosting web applications.

– Testing and development of software applications.

– Provisioning isolated environments for security purposes, such as penetration testing.

Reducing The Risk of Being Tracked 

Using a virtual computer can also increase privacy and reduce the risk of being tracked in several ways. For example:

– By using a virtual machine, users can separate their online activities from their main computer, making it more difficult for others to track their activity.

– A virtual machine can be assigned a different IP address than the host computer, making it more difficult for websites and online services to track the user’s location and online activity.

– Virtual machines can be wiped clean and reset to their original state, effectively erasing any evidence of previous activities. This can be useful for users who want to reduce the risk of tracking by temporary files, browser history, and other forms of digital footprints.

– Virtual machines can be used to run alternative operating systems, such as a privacy-focused version of Linux, that are designed to protect user privacy and security.

However, it’s important to note that using a virtual computer does not guarantee complete anonymity and privacy. Online activities can still be monitored or tracked by various entities, including internet service providers, governments, and malicious actors. It’s important to use a combination of privacy and security tools, such as encrypted communication and VPNs, to maximize privacy and security when using a virtual computer or any other device connected to the internet.

The Cons Of Using A Virtual Computer 

There are, of course, quite a few disadvantages to using virtual computers. These include, for example:

– Performance issues. Virtual machines can sometimes run slower than physical machines, particularly when running resource-intensive applications or when there is contention for hardware resources.

– Complexity. The use of virtual computers can be complex and requires a certain level of technical expertise to set up and maintain.

– Dependence on host system. Virtual machines are dependent on the host system, and if the host system fails or experiences problems, it can affect the performance and availability of the virtual machines.

– Resource overhead. Running virtual machines requires additional resources, such as memory and processing power, which can add to the overall cost of running virtual machines.

– Networking limitations. Virtual machines can have limited networking capabilities, particularly when using bridged networking, which can make it more difficult to configure and manage virtual machine networking.

– Data storage. Virtual machines can have limited storage capacity, which can be a concern for users who need to store large amounts of data.

– Licensing. Some software applications and operating systems have licensing restrictions that limit their use in virtual environments, which can be a concern for organizations that want to use virtual machines for these purposes.

– Security concerns. Virtual machines can be vulnerable to security threats, just like physical machines, and require ongoing maintenance and security measures to minimize risks.

What Does This Mean For Your Business? 

Virtual computers, therefore, have a number of benefits and drawbacks for businesses, thus the decision of whether to use them or not will depend on the specific needs and circumstances of each organisation. Virtual computers can be a cost-effective solution for businesses that need to run multiple operating systems or applications, as they allow for better utilisation of hardware resources and reduce hardware costs. They also offer improved accessibility and scalability, making it easier for remote workers and teams to collaborate and access their applications and data. However, it’s also worth remembering that virtual computers can be complex to set up and maintain and may not offer the same performance as physical machines, particularly when running resource-intensive applications.

Businesses should also be aware of the potential for security threats and be prepared to take appropriate measures to secure their virtual machines. Ultimately, whether a virtual computer is the right choice for your business will depend on your specific needs and budget, as well as your technical expertise and resources. It may be helpful to consult with an expert or a cloud service provider to determine the best solution for your business.

Engineers at the University of New South Wales (UNSW) say they have modified a conventional diesel engine to run on mostly on hydrogen which could lead to CO2 emissions being cut by up to 85 per cent.

Engine Converted 

The UNSW Sydney engineers have reported taking an automotive-size inline single-cylinder diesel engine, and modifying it to install an additional hydrogen direct injector. The modification maintained the original diesel injection into the engine, but added a hydrogen fuel injection directly into the cylinder. This allowed them to run the engine on a mix of hydrogen (90 per cent) and a small amount of diesel, thereby creating a hydrogen-diesel hybrid engine.

Results 

Test results of this new patented Hydrogen-Diesel Direct Injection Dual-Fuel System technology show that CO2 emissions are reduced to to just 90 g/kWh – 85.9 per cent below the amount produced by a normal diesel powered engine.

Also, compared to existing diesel engines, the the diesel-hydrogen hybrid showed an efficiency improvement of more than 26 per cent.

Another benefit of the technology is that, unlike alternative hydrogen fuel cell systems, it does not require extremely high purity hydrogen. This brings the relative costs down considerably.

Retrofit To Any Diesel Engine 

The researchers say that any diesel engine e.g., those used in trucks and power equipment in the transportation, agriculture, and mining industries could be retrofitted to the new hybrid system in just a couple of months.

Professor Shawn Kook from the School of Mechanical and Manufacturing Engineering who led the team that spent 18 months developing the new system says: “Being able to retrofit diesel engines that are already out there is much quicker than waiting for the development of completely new fuel cell systems that might not be commercially available at a larger scale for at least a decade.  

“With the problem of carbon emissions and climate change, we need some more immediate solutions to deal with the issue of these many diesel engines currently in use.” 

Put To Best Use Now At Mining Sites Where Hydrogen Available 

The team say that the most immediate potential use for the new technology is in industrial locations, such as Australia’s mining sites, where permanent hydrogen fuel supply lines are already in place. Studies have shown, for example, that 30 per cent of greenhouse-gas emissions at mining sites are caused by the use of diesel engines, largely in mining vehicles and power generators.

What Does This Mean For Your Organisation? 

This new hydrogen hybrid fuel system is an exciting development with many benefits. For example, the fact that it can be easily retroffited as a bolt-on to existing diesel engines and doesn’t require more expensive high purity hydrogen mean that it can be put to use now on reducing CO2, and can keep costs down. The costs could be futher reduced due to the system making the diesel engine run more efficiently anyway. As the team pointed out, it could be put to good use now in reducing the significant amount of CO2 being produced by diesel vehicles in Australia’s mining industry. The big promise, of course, is that once commercialised (in the next 12 to 24 months), it could be used around the world to hopefully make a big reduction in CO2 emissions from all kinds of diesel vehicles, thereby helping the planet, and helping industries and countries to hit their green targets.

Royal Mail has reported that following their hit by 10 major LockBit ransomware attacks in January, some services have still not recovered, plus it is still using alternative solutions and systems. Despite making progress, Royal Mail reports being unable to process new Royal Mail parcels purchased through Post Office branches, that the delivery of international items may take slightly longer than usual, and that customers using Tracked services may notice different tracking information as items leave the UK.

If you’d like a fast method of highlighting paragraphs of text (e.g. for copying and pasting) without having to click and drag your mouse to a specific point, here’s how to do it.

To quickly highlight a paragraph/several paragraphs of text you’re viewing in a browser:

– Click in front of the words you want to select.

– Holding down the shift key, click at the end of the passage you want to highlight.

– The whole section between those clicks should now be highlighted.

– The same method also works in reverse, e.g. clicking first at the end of the passage you’d like to highlight.