
 account number


Model Inversion Attacks on Llama 3: Extracting PII from Large Language Models

Sivashanmugam, Sathesh P.

arXiv.org Artificial Intelligence

Large language models (LLMs) have transformed natural language processing, but their ability to memorize training data poses significant privacy risks. This paper investigates model inversion attacks on the Llama 3.2 model, a multilingual LLM developed by Meta. By querying the model with carefully crafted prompts, we demonstrate the extraction of personally identifiable information (PII) such as passwords, email addresses, and account numbers. Our findings highlight the vulnerability of even smaller LLMs to privacy attacks and underscore the need for robust defenses. We discuss potential mitigation strategies, including differential privacy and data sanitization, and call for further research into privacy-preserving machine learning techniques.


Conversation Style Transfer using Few-Shot Learning

Roy, Shamik, Shu, Raphael, Pappas, Nikolaos, Mansimov, Elman, Zhang, Yi, Mansour, Saab, Roth, Dan

arXiv.org Artificial Intelligence

Conventional text style transfer approaches focus on sentence-level style transfer without considering contextual information, and the style is described with attributes (e.g., formality). When applying style transfer in conversations such as task-oriented dialogues, existing approaches suffer from these limitations as context can play an important role and the style attributes are often difficult to define in conversations. In this paper, we introduce conversation style transfer as a few-shot learning problem, where the model learns to perform style transfer by observing only a few example dialogues in the target style. We propose a novel in-context learning approach to solve the task with style-free dialogues as a pivot. Human evaluation shows that by incorporating multi-turn context, the model is able to match the target style while having better appropriateness and semantic correctness compared to utterance/sentence-level style transfer. Additionally, we show that conversation style transfer can also benefit downstream tasks. For example, in multi-domain intent classification tasks, the F1 scores improve after transferring the style of training data to match the style of the test data.


Computer, memorize this table…

#artificialintelligence

From a broad perspective, as a software engineer, a big part of my work consists in aligning expectations between stakeholders and creating code that transforms and forwards data. During the last 15 years I have developed software and feel fascinated by this part of computer science. Curiosity and interest in other topics from the same field, data science and machine learning, made me decide to start a simple hands-on project in order to learn and practice in a typical experiment-oriented approach. After two months I had created software different from the others I had developed so far: it "learned" from data and after that it could make "predictions", and correct ones. The resulting software is an International Bank Account Number (or IBAN) validator.


Google to enable voice banking and vaccination scheduling features

#artificialintelligence

Google is moving further ahead by introducing a set of new features to its services in India. With these new features, users of Google Assistant in India can easily set up their vaccination appointments, while Google Pay users will be able to give commands in Hinglish (a mixture of English and Hindi) to make any financial transaction. Google Pay is now one of the most popular apps for financial transactions in India. To add to its feature set, Google is going to introduce a speech-to-text feature. With this new advanced AI, users just need to say which bank and which account number they want to send money to, and as soon as the recipient confirms, their money will be sent in seconds.


DefCon 27: How Hackers Used A Netflix Account To Steal Banking Information

#artificialintelligence

DefCon is an annual conference hosted every summer in Las Vegas, Nevada, where thousands of hackers from around the world congregate to learn about new technology vulnerabilities and cyberattacks. Over the past weekend in Las Vegas, Nevada, thousands of hackers congregated at the 27th annual DefCon, the world's oldest and largest running hacker convention, to learn from their peers about the latest hacking techniques. During the show, there were sessions like "Say Cheese, How I Ransomwared Your DSLR Camera" by Check Point Software security researcher Eyal Itkin (more on that in a later post), "Defeating Bluetooth Low Energy 5 For Fun", "Breaking Google Home" or "Reverse Engineering 4G Hotspots For Fun, Bugs, And Net Financial Loss". And if that's your thing, then check out the conference's schedule here as well as the event's media server where most of the presentations are available for free. In this report, I'll focus on the presentation titled "Black Mirror: You Are Your Own Privacy Nightmare–The Hidden Threat of Paying For Subscription Services" given by security expert Cat Murdock on how she used information from online subscription services like Netflix, Apple Music or Spotify to access a banking account and steal confidential financial information.


FMCode: A 3D In-the-Air Finger Motion Based User Login Framework for Gesture Interface

Lu, Duo, Huang, Dijiang

arXiv.org Artificial Intelligence

Applications using gesture-based human-computer interface require a new user login method with gestures because it does not have a traditional input method to type a password. However, due to various challenges, existing gesture-based authentication systems are generally considered too weak to be useful in practice. In this paper, we propose a unified user login framework using 3D in-air-handwriting, called FMCode. We define new types of features critical to distinguish legitimate users from attackers and utilize Support Vector Machine (SVM) for user authentication. The features and data-driven models are specially designed to accommodate minor behavior variations that existing gesture authentication methods neglect. In addition, we use deep neural network approaches to efficiently identify the user based on his or her in-air-handwriting, which avoids expansive account database search methods employed by existing work. On a dataset collected by us with over 100 users, our prototype system achieves 0.1% and 0.5% best Equal Error Rate (EER) for user authentication, as well as 96.7% and 94.3% accuracy for user identification, using two types of gesture input devices. Compared to existing behavioral biometric systems using gesture and in-air-handwriting, our framework achieves the state-of-the-art performance. In addition, our experimental results show that FMCode is capable of defending against client-side spoofing attacks, and it performs persistently in the long run. These results and discoveries pave the way to practical usage of gesture-based user login over the gesture interface.


Fraud: the artificial intelligence arms race is on

#artificialintelligence

Artificial intelligence (AI) is fast becoming the defining technology of our age. As with any new technology however, bad actors are equally adept at harnessing its power for their own nefarious ends. The power of AI has seen fraudsters increasingly able to penetrate banking and payment systems. As in any conflict, there is an arms race between the defenders and attackers developing. In the case of card fraud, fortunately the defenders are winning.


When it comes to Humans and Nature: There is Nothing Artificial about Intelligence

#artificialintelligence

Life on Earth has been shaped by billions of years of evolution. In fact, to be specific, it's estimated that life on Earth has existed for about 3.8 billion years. The age of the Earth is tagged at 4.543 billion years old. Thus life has, in some form or another, occupied Earth for approximately 83% of its history. What began with single-celled prokaryotic cells like bacteria, life on Earth is now teeming with more than 8.7 million different species.


Pat Carney: Artificial intelligence versus human intelligence

#artificialintelligence

I'm done with artificial intelligence. I will settle for human intelligence. Our access to human intelligence -- let's call it HI -- is increasingly limited in our online environment. Humans have become a rare species, accessed only after hours wasted waiting on the phone. Recently, I applied online for the Power Smart rebate on my new, energy-efficient heat pump that purrs away on the wall in my Saturna Island home.


A robot is taking 250 million from people's bank account for their own good

#artificialintelligence

It's the mantra of many a financial advisor: "It's not what you spend that matters. But the mantra of many respondents is "easier said than done." In hopes of making saving easier, San Francisco-based start-up Digit created a chatbot that helps you put money aside by analyzing your spending history and daily activity. It then figures out where to siphon off small sums of cash on a regular basis. To see how well the bot's algorithms work, I decided to try it out. It took me less than a minute to sign up on Digit's website, where I handed over my email address and mobile phone number. After verifying the email and providing my bank login credentials, the bot kicked in. Within a few days, it started to withdraw small amounts of money (between 0 and 150). The bot isn't supposed to transfer more than you can afford but if it does cause an overdraft, Digit refunds the fee. The funds are then held by Digit in what they call your "Digit account." To withdraw funds you text the bot and the ...