Collaborating Authors

Personal Assistant Systems

Man held up by stun gun on online date gone horribly wrong

FOX News

Strict laws, lack of shops and pandemic-related delays are making it harder for Americans to purchase guns in crime-ridden cities; attorney and gun rights activist Colion Noir weighs in. Authorities said a man from Boston had a stun gun pulled on him Tuesday morning, as he was being robbed by a woman he met through an online dating app. The unidentified man rendezvoused with the young woman at a local hotel, the Associated Press reported. He told police the two talked for about 30 minutes before she pointed a Taser stun gun at him and began rifling through his pockets. She allegedly stole $100 in cash before law enforcement was called in.

This mesh WiFi system is on sale — and includes a free Amazon Echo Show


TL;DR: You can buy the convenient eero AC dual-band mesh WiFi system three-pack for only $199.99 at Best Buy as of Aug. 13. You save $50 and receive a free Amazon Echo Show 5 smart display valued at $89.99. A solid internet connection is our most important resource when working, studying, or doing almost anything from home. But it's harder to maintain these days if your home WiFi network is a constant battle for bandwidth between streaming, online gaming, virtual learning, or working from home, if you have that luxury. To guarantee a strong signal in every corner of your house, then it's time to invest in a discounted but powerful WiFi mesh system at Best Buy. Get a three-pack of the eero AC dual-band mesh WiFi system for just $199.99 at Best Buy.

Alexa, have you been hacked? New research finds major security flaws in Amazon’s virtual assistant


"Alexa, is a hacker listening to everything I say to you?" Cybersecurity firm Check Point just published its latest research into Amazon's virtual assistant Alexa. The report details major vulnerabilities allowing hackers to access your Alexa account and, in turn, your personal data. "Our findings show that certain Amazon/Alexa subdomains were vulnerable to Cross-Origin Resource Sharing (CORS) misconfiguration and Cross Site Scripting," reads the report. "Using the XSS we were able to get the CSRF token and perform actions on the victim's behalf." Translation: The flaws allowed malicious actors to install and delete skills -- anything from legitimate news apps to malicious skills developed by the hackers to steal your info -- on your Alexa account and obtain your personal information through those skills.

Amazon's Echo Show 5 is the perfect accessory for your desk

USATODAY - Tech Top Stories

You can choose from a variety of customizable clock faces to match your home's décor. Amazon's Echo Show 5 may be small, but it's loaded with many of the same features as bigger and more expensive models like the 2nd-generation Echo Show and Echo Show 8. The Echo Show 5 is great for tight spaces like desks, nightstands, and other books of the home. It comes with a front-facing camera so you can video chat with friends and family. The screen is bright and the resolution, while lower than other small smart displays, is pretty sharp given its petite size.

Amazon's Alexa has serious privacy flaws, researchers find

FOX News

Fox News Flash top headlines are here. Check out what's clicking on Flaws in Amazon's Alexa were serious enough that a user "in just one-click" could have handed over their voice history, home address and control of their Amazon account, cybersecurity firm Check Point said in a recent report. An attacker could have also silently installed, viewed and removed Alexa skills, Check Point said, referring to voice-driven Alexa apps. A hacker could have also accessed a victim's personal information, such as banking data history and usernames.

In one click: Amazon Alexa could be exploited for theft of voice history, PII, skill tampering


Amazon's Alexa voice assistant could be exploited to hand over user data due to security vulnerabilities in the service's subdomains. The smart assistant, which is found in devices such as the Amazon Echo and Echo Dot -- with over 200 million shipments worldwide -- was vulnerable to attackers seeking user personally identifiable information (PII) and voice recordings. Check Point Research said on Thursday that the security issues were caused by Amazon Alexa subdomains susceptible to Cross-Origin Resource Sharing (CORS) misconfiguration and cross-site scripting (XSS) attacks. When Check Point first began examining the Alexa mobile app, the company noticed the existence of an SSL mechanism that prevents traffic inspection. However, the script used could be bypassed using the Frida SSL universal unpinning script.

An Alexa Bug Could Have Exposed Your Voice History to Hackers


Smart-assistant devices have had their share of privacy missteps, but they're generally considered safe enough for most people. New research into vulnerabilities in Amazon's Alexa platform, though, highlights the importance of thinking about the personal data your smart assistant stores about you--and minimizing it as much as you can. Findings published on Thursday by the security firm Check Point reveal that Alexa's web services had bugs that a hacker could have exploited to grab a target's entire voice history, meaning their recorded audio interactions with Alexa. Amazon has patched the flaws, but the vulnerability could have also yielded profile information, including home address, as well as all of the "skills," or apps, the user had added for Alexa. An attacker could have even deleted an existing skill and installed a malicious one to grab more data after the initial attack.

Exploring GPT-3: A New Breakthrough in Language Generation - KDnuggets


It seems like only last year that we were arguing about whether the slow-release rollout of the 1.5 billion parameter Generative Pretrained Transformer-2 (GPT-2) was reasonable. If the debate seems recent, that's because it is (writing from 2020): The notorious GPT-2 model was announced by OpenAI in February 2019, but it wasn't fully released until nearly 9 months later (although it was replicated before that). The release schedule was admittedly somewhat experimental, meant more to foster discussion of responsible open publishing, rather than a last-ditch effort to avert an AI apocalypse. All that is a bit moot by now because not only has OpenAI trained a much larger language model in GPT-3, but you can sign up to access it through their new API. Comparing GPT-3 to GPT-2 is like comparing apples to, well, raisins, because the model is about that much larger.

Chinese Artificial Intelligence Firm Sues Apple for $1.4 Billion Over Siri


The company is calling for 10 billion yuan ($1.4 billion) in damages and demands that Apple cease "manufacturing, using, promising to sell, selling, and importing" products that infringe on the patent, it said in a social media post. In the lawsuit filed in a local Chinese court, Xiao-i argued that Apple's voice-recognition technology Siri infringes on a patent that it applied for in 2004 and was granted in 2009. In a statement, Apple said that its Siri does not contain features included in the Xiao-i patent, which the iPhone maker argues relates to games and instant messaging. The company also said that independent appraisers certified by the Supreme People's Court have concluded that Apple does not infringe Xiao-i Robot's technology. "We are disappointed Xiao-i Robot has filed another lawsuit," Apple said in a statement.

Police: Woman met man on dating app, held him up using a pink taser

Boston Herald

And then there are really bad dates. A Washington state woman with a pink taser was arrested on Tuesday after she was accused of trying to hold up a man she had met online, Boston police said. Selena Rivera-Apodaca, 24, of Kent, Wash., is expected to be arraigned in Boston Municipal Court on Wednesday on a charge of armed robbery. Shortly before noon on Tuesday, officers went to the Hyatt Regency Hotel at 1 Avenue De LaFayette in response to a radio call about an armed robbery. When they arrived, police said, officers were met by a man who said he had met a woman on an online dating app.