Comment on Malicious NPM packages are part of a malware “barrage” hitting repositories

Enlarge (credit: Kaspersky Lab) The Biden administration will ban all sales of Kaspersky antivirus software in the US starting in July, according to reporting from Reuters and a filing from the US Department of Commerce (PDF). The US believes that security software made by Moscow-based Kaspersky Lab represents a national security risk, and that the Russian government could use Kaspersky's software to install malware, block other security updates, and "collect and weaponize the personal information of Americans," said US Commerce Secretary Gina Raimondo. “When you think about national security, you may think about guns and tanks and missiles,” said Raimondo during a press briefing, as reported by Wired.

Enlarge (credit: Anthropic / Benj Edwards) On Thursday, Anthropic announced Claude 3.5 Sonnet, its latest AI language model and the first in a new series of "3.5" models that build upon Claude 3, launched in March. Claude 3.5 can compose text, analyze data, and write code. It features a 200,000 token context window and is available now on the Claude website and through an API.

Enlarge (credit: Aurich Lawson | Getty Images) Pornhub will soon be blocked in five more states as the adult site continues to fight what it considers privacy-infringing age-verification laws that require Internet users to provide an ID to access pornography. On July 1, according to a blog post on the adult site announcing the impending block, Pornhub visitors in Indiana, Idaho, Kansas, Kentucky, and Nebraska will be "greeted by a video featuring" adult entertainer Cherie Deville, "who explains why we had to make the difficult decision to block them from accessing Pornhub." Pornhub explained that—similar to blocks in Texas, Utah, Arkansas, Virginia, Montana, North Carolina, and Mississippi—the site refuses to comply with soon-to-be-enforceable age-verification laws in this new batch of states that allegedly put users at "substantial risk" of identity theft, phishing, and other harms.

Enlarge / The Tourbillon is recognizable as a modern Bugatti, but it's very different under the skin. (credit: Bradley Iger) Since the launch of the hypercar-defining Veyron back in 2005, modern Bugattis have served as benchmarks for straight-line performance and no-expense-spared automotive engineering. At a time when a 300 horsepower Mustang GT was something to crow about, the quad-turbocharged, W16-powered Veyron offered more than a thousand, metric (987 hp/736 kW). Perhaps more importantly, and in contrast to most other world-beating performance cars, the Veyron wasn't presented as some skunkworks project that had been pushed to the ragged edge.

Enlarge / Signage outside a Dell campus. (credit: Getty) Big tech companies are still trying to rally workers back into physical offices, and many workers are still not having it. Based on a recent report, computer-maker Dell has stumbled even more than most. Dell announced a new return-to-office initiative earlier this year.

Enlarge (credit: Aurich Lawson | Getty Images) It's one of the world's worst-kept secrets that large language models give blatantly false answers to queries and do so with a confidence that's indistinguishable from when they get things right. There are a number of reasons for this. The AI could have been trained on misinformation; the answer could require some extrapolation from facts that the LLM isn't capable of; or some aspect of the LLM's training might have incentivized a falsehood. But perhaps the simplest explanation is that an LLM doesn't recognize what constitutes a correct answer but is compelled to provide one.