Software engineers get the ball rolling as they wait for quantum computers to arrive, a number of public Salesforce sites leak private data and the first wooden transistor is here.
These top tech news stories and more for Wednesday, May 3rd, 2023. I’m your guest host, James Roy.
We’ve heard a lot of endless superpowers of quantum computers, be it to revolutionize medical research or solve climate change. Millions are being poured into these machines, hailed as being a million times faster than today’s fastest computers. But they are yet to hit the market.
However, quantum startups are getting creative despite lacking these powerful computers.
QC Ware, a software startup initially focused only on software that could run on quantum computers.
But the company now said it needed to change tack to find a solution until the future quantum machines arrive.
Investors are not shying away either, despite the dismal stock performance of publicly-listed quantum computer companies. QC Ware, in fact, raised more than $33 million.
What these startups are doing is nothing short of brilliant;
They are developing a new breed of software inspired by algorithms used in quantum physics which is a branch of science that studies the fundamental building blocks of nature.
These algorithms, once too big for conventional computers, are being put to work thanks to today’s powerful artificial intelligence chips.
QC Ware CEO, Matt Johnson said it turned to Nvidia’s GPUs to “figure out how can we get them something that is a big step change in performance … and build a bridge to quantum processing in the future.”
This week, QC Ware is unveiling a quantum-inspired software platform called Promethium that will simulate chemical molecules – to see how they interact with things like protein – on a traditional computer using GPUs.
The company’s head of quantum chemistry said the software can cut simulation time from hours to minutes for molecules of 100 atoms, and months to hours for molecules of up to 2000 atoms, compared with existing software solutions.
According to a report by KrebsOnSecurity, a number of organizations, including banks, healthcare and government agencies are leaking private and sensitive information through their public Salesforce Community websites.
Reportedly, the leaking stems from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging in.
Salesforce Community is a widely-used cloud-based software that makes it easy for organizations to create websites.
Customers can access a Salesforce Community website by either logging in or through guest user access, which allows unauthenticated users to view specific content and resources, without logging in.
But sometimes Salesforce administrators also mistakenly grant users access to internal resources which can cause unauthorized access and data leaks.
The state of Vermont, for instance, allowed guest access to sensitive data to at least five separate Salesforce Community websites, including one for a Pandemic Unemployment Assistance program that exposed applicants’ full name, SIN number, phone number, bank account number and more.
Vermont’s Chief Information Security Officer Scott Carbee said, “During the pandemic, we were largely standing up tons of applications, and let’s just say a lot of them didn’t have the full benefit of our dev/ops process. In our case, we didn’t have any native Salesforce developers when we had to suddenly stand up all these sites.”
But, Carbee also denounced “the permissive nature of the platform”
On Monday, KrebsOnSecurity notified Washington D.C. city administrators that at least five different public DC Health websites were leaking sensitive information.
Interim CISO, Mike Rupert said the District had hired a third party to investigate and it revealed that the District’s IT systems were not vulnerable to data loss.
But after being presented with a document including the Social Security number of a health professional in D.C. that was downloaded in real-time from the DC Health public Salesforce website, Rupert acknowledged his team had overlooked some configuration settings.
Meanwhile, Salesforce maintains that the data exposures are not the result of a vulnerability inherent to Salesforce but occur when customers’ access control permissions are misconfigured.
In a written statement, Salesforce said it is actively focused on data security for organizations with guest users, and that it continues to release “robust tools and guidance for our customers.”
The Federal Trade Commission (FTC) has a new proposed rule to fight the absolute headache that canceling subscriptions can be.
The proposed provision, Click-to-Cancel, seeks to make it as easy to cancel enrollment as it was to sign up.
FTC Chair Lina M. Khan said, “Some businesses too often trick consumers into paying for subscriptions they no longer want or didn’t sign up for in the first place.The proposal would save consumers time and money, and businesses that continued to use subscription tricks and traps would be subject to stiff penalties.”
The new proposal will mandate a simple cancellation mechanism. For instance, if you signed up online, you must be able to cancel on the same website in the same number of steps.
Secondly, the proposal would require sellers to ask customers whether they want to be pitched other offers upon cancellation. Sellers must take no for an answer if that’s the case and immediately expedite the cancellation process.
Finally, and that, no doubt would be helpful to many of us, the proposed rule would require sellers to provide an annual reminder to consumers enrolled in subscriptions, before they are automatically renewed.
Akash Nigam, CEO of avatar technology company Genies revealed to Insider that he is spending $2,400 a month on ChatGPT accounts for all 120 of his employees as part of an experiment to boost productivity.
Nigam says he is already seeing stuff getting done faster.
He said that Genies’ R&D team, for instance, has used ChatGPT to answer math and coding questions, get advice on how to debug code, and generate scripts for presentations based on outlines. Other employees have used it to generate creative briefs, write legal documents and answer technical questions.
Not everyone is using ChatGPT but he is encouraging everyone to make learning the technology a priority.
Employees who are more productive as a result of using ChatGPT will be up for a raise or a promotion. Others, he says, will fall behind
He also believes that the use of the technology can help his company reduce costs as he will need to hire less employees.
Genies is not the only company diving head first with ChatGPT. Amazon, Microsoft and design firm Pure Fusion Media have also strongly encouraged employees to use AI.
The link between increased cyberthreats and AI however, remains unclear. Some say it might be overblown.
John Dwyer, head of research at IBM Security X-Force, told Axios, “Cybercriminals are often looking for the simplest, quickest schemes to make money, and bringing today’s AI into play doesn’t fit that bill.”
If anything, it’s cyber defenders who will exploit AI to counter the run-of-the-mill security holes that criminals keep exploiting.
Palo Alto Networks and Mandiant are the big names already playing around ChatGPT and other AI tools to improve their security products.
Michael Sikorski, CTO of Palo Alto Networks’ threat intelligence team revealed that most of the malicious code spewed by AI tools are repurposed from previous attacks. He adds, maybe they are faster, but they are not new. And it’s definitely not trained on how to write a zero-day or find or exploit a vulnerability.
Plus, according to Chester Wisniewski, field CTO of applied research at Sophos, most hackers do not double up as data scientists or are not training the AI models themselves. They’ll need to bring make enough money from the malicious AI for it to be worth it.
But, Wisniewski says, “the upside is the good guys do have data scientists, and many of us do spend millions of dollars in the cloud on GPUs”
However, we still need to be wary. Many cybercriminals are using simple AI tools to get people to respond to phishing emails and scam texts.
And many companies continue to suffer from attacks with already publicly known flaws that companies failed to patch.
Rob Joyce, director of cybersecurity at the National Security Agency, said during the RSA Conference, “I’ll tell you, buckle up. Next year, if we’re talking a similar year in review, we’ll have a bunch of examples of where it’s been used and where it’s succeeded.”
Swedish researchers have built what they claim is the world’s first wooden transistors.
It’s shaped like a T and made from three pieces of balsa wood.
The top of the T served as the transistor channel, with a source at one end and a drain at the other, while the vertical portion of the T used two pieces of balsa with a gap between them to form the transistor’s gate pieces.
Before you start gathering your tools and your balsa wood, remember that in order to make the wood conductive, the researchers had to expose it to heat and use chemicals to replace the lignin with conductive polymer.
Once filled with the polymer and assembled, the Swedish team achieved conductivity up to 69 Sm-1, and were also able to prove the device’s effectiveness as a double-gate organic electrochemical transistor and functional on/off switch.
Previous wooden transistors could only regulate ions transport and would stop functioning once the ion ran out. This one does not work like that and still functions without deteriorating.
But, unfortunately this breakthrough is not going to revolutionize the semiconductor industry. The balsa wood transistor is neither small nor fast. It’s so slow it’s unable to switch off under a second and switching on takes a full five seconds. Not exactly super computing speeds.
But for the researchers, this “proves that it is possible to modulate the electrical conductivity of the electroactive wood by applying an external voltage.”
Source: The Register
One of our listeners sent in a note about yesterday’s story where we reported that Pornhub was pulling out of Utah. Apparently searches for Virtual Private Networks (VPNs) that allow people to disguise their location went off the charts. Probably a coincidence – just a lot of folks trying to watch Charles’ coronation on BritBox. I mean it’s Utah – they wouldn’t….
Thanks to Nemanja for that – we love your comments, keep it coming.
That’s the top tech news for today. We go to air with a daily newscast five days a week, as well as a special weekend interview with an expert on topics relevant to today’s tech news.
Follow Hashtag Trending on Google, Apple, Spotify or wherever you get your podcasts. And you can even get us on your Alexa or Google smart speaker. You can even find us on YouTube as TechNewsDay.
You can reach our CIO, Jim Love on LinkedIn, Twitter, or on Mastodon as @therealjimlove on our Mastodon site technews.social. Or if that’s too much, just leave a comment under the text version at itworldcanada.com/podcasts Click the check mark or the X you’ll get to send a message that comes right to me.
I’m your host, James Roy. Have a Wonderful Wednesday!