Tag: websites

‘We Were Wrong’: An Oral History of WIRED’s Original Website

[ad_1]

Kevin: When we went to do the IPO, it was very, very clear that the digital side was far more valuable than the magazine side. That was the beginning of the craziness. Here’s a magazine that has a lot of revenue, respectability, great enthusiasm, and support from the readership. And here’s this really weird digital side that’s worth 10 times the magazine.

Jane: When Condé Nast bought WIRED and Lycos bought HotWired, the company combined was worth less than the company separated. To this day, we liken it to Nike deciding to sell their footwear to Puma and their apparel to Adidas. Why would you do that? Why would you take the premier brand that had both the technical credibility as well as the upside of the lifestyle and culture stuff and pull it apart?

Jeff: It was a very traditional and typical tech acquisition where the startup gets acquired and comes into the bigger corporate culture. It just doesn’t work very well.

Jane: Louis and I were so crestfallen, heartbroken, and devastated, and everyone’s like, “Yeah, but everyone got rich.” That was not the point. It was a very, very difficult time.

June: Almost all of us started to feel a pretty profound sense of loss and grief that the culture we knew, the values we believed in as innovators and creators, had been lost. That the industry was no longer about innovation, invention, creativity, and certainly not about democratization. That everything was about money.

Well, maybe. There are 5.45 billion internet users on planet Earth, and sure, some of them are bad actors—no argument from WIRED. But most of us are still raving around the internet, hanging with pals, cruising for jobs and mates, catching up on gossip and news, buying and selling stuff, and finding fellow travelers who share our woes and our passions. And, yes, a slice of us are into fraud, abuse, and bad ideology. Did HotWired not anticipate that humans would be human?

A day at the HotWired office

Photograph: Courtesy of Julie Chiron; TREATMENT: JAMES MARSHALL

Ian: Back in those days, we’d say, The nice thing about the internet is how safe it is. Everybody’s there to help you, and everybody just wants to do good things. People asked, Why require passwords for stuff, because who’s going to do anything terrible on the internet?

Kevin: Today, a new thing comes along and people immediately say, “I don’t know what it is, but it’s going to hurt me. It’s going to bite me.” That’s definitely a change that wasn’t present when we were starting.

Jeff: But nostalgia can be dangerous. It was really hard what we did, and stressful, and we didn’t know what we were doing. When people say, “If we could only go back to then,” I’m like, no, we only had modems. It was terrible.

John P: As a business, HotWired failed. But all that stuff that we were doing, it was scientific investigation.

Jonathan: We thought the internet was going to be good for people. We were wrong.

Jeff: I still feel like literally anybody with an idea can start hacking on the web or making apps or things like that. That’s all still there. I think the nucleus of what we started back then still exists on the web, and it still makes me really, really happy.

John: We were lucky with WIRED. With HotWired there was no choice, and we couldn’t do it differently if we went back and tried. But we were unlucky to be first.

Condé Nast eventually bought WIRED’s website too—in 2006.

Animation: James Marshall

Let us know what you think about this article. Submit a letter to the editor at [email protected].

[ad_2]

Source link

October 29, 2024
Why It’s So Hard to Fully Block X in Brazil

[ad_1]

The social network X has been largely inaccessible in Brazil since Saturday, after the country’s Supreme Court ordered all mobile and internet service providers to block the platform. The court order followed a months-long dispute between Judge Alexandre de Moraes and X CEO Elon Musk over the company’s misinformation, hate speech, and moderation policies.

With Brazil’s population of 215 million people, a mature democracy, a sprawling land mass, and more than 20,000 internet service providers, it isn’t straightforward to block a web platform in the South American nation. And while the biggest ISPs have implemented the ban, many are still scrambling to comply with the order, leaving a patchwork of access to the site.

“Brazil has made headway blocking X on the main internet providers, but our telemetry indicates there’s a long tail of local and regional ISPs where the service is still available,” says Isik Mater, director of research at the internet censorship analysis group NetBlocks.

The Open Observatory of Network Interference reported that a similar progression played out in when Brazil’s Federal Police obtained a court order in April 2023 for ISPs to block the communication platform Telegram because it would not fully share information about users involved in neo-Nazi group chats. Some large ISPs began blocking Telegram immediately; “however, the block was not implemented by all ISPs in Brazil, nor was it implemented in the same way,” the group wrote. “This suggests lack of coordination between providers, and that each ISP implemented the block autonomously.”

A similar progression has been playing out with the X ban. Brazil’s 20,000 ISPs produce a notably competitive market, but only a few have infrastructure nationwide. About 40 percent are tiny regional providers with 5,000 customers or fewer. The human and digital rights watchdog Freedom House rates Brazil’s internet freedom as “partly free” and trending to be more restrictive, because of the country’s far reaching efforts to crack down on political misinformation in recent years and its three-day ban on Telegram. Brazil also blocked the secure communication platform WhatsApp in December 2015 and again in May 2016 because it did not respond to similar data requests.

Brazil’s National Telecommunications Agency ANATEL did not respond to WIRED’s multiple requests for comment.

Unlike in countries including Russia, Iran, and China, there is currently no legal apparatus or technical infrastructure by which the Brazilian government can systematically and comprehensively restrict access to particular websites or online platforms or impose connectivity blackouts on its citizens.

Reports indicate that many Brazilian ISPs that have implemented the ban are using the technique known as “DNS filtering” to block access to X. The Domain Name System is the internet’s phonebook for looking up the IP addresses associated with URLs like www.wired.com. DNS queries are sent to a DNS “resolver” that does the IP address lookups, and ISPs can configure their resolvers to filter or block requests for particular websites.

Mobile apps like X’s Android and iOS apps don’t rely on DNS, though, so DNS filtering alone is not enough to block all connections to a web platform. Some Brazilian ISPs seem to also be using IP address “sinkholing”—redirecting online traffic to a different server than the users intended to visit—as a way to send traffic meant for X into the abyss.

“We’re seeing variation by provider in Brazil and right now it looks they’re each trying their own thing to see what works,” NetBlocks’ Mater says. “Brazil has a diverse network infrastructure with lots of ways for data to enter and leave the country, so there isn’t that centralized choke point and ‘kill switch’ we see in [some] authoritarian-leaning countries.”

VPN usage has surged in Brazil this week under the ban as a way around ISP attempts to block X, but the court order ban includes a provision that people could be charged a fine of 50,000 reais—about $8,900—per day for using circumvention tools like VPNs.

[ad_2]

Source link

September 5, 2024
Major Sites Are Saying No to Apple’s AI Scraping

[ad_1]

In a separate analysis conducted this week, data journalist Ben Welsh found that just over a quarter of the news websites he surveyed (294 of 1,167 primarily English-language, US-based publications) are blocking Applebot-Extended. In comparison, Welsh found that 53 percent of the news websites in his sample block OpenAI’s bot. Google introduced its own AI-specific bot, Google-Extended, last September; it’s blocked by nearly 43 percent of those sites, a sign that Applebot-Extended may still be under the radar. As Welsh tells WIRED, though, the number has been “gradually moving” upward since he started looking.

Welsh has an ongoing project monitoring how news outlets approach major AI agents. “A bit of a divide has emerged among news publishers about whether or not they want to block these bots,” he says. “I don’t have the answer to why every news organization made its decision. Obviously, we can read about many of them making licensing deals, where they’re being paid in exchange for letting the bots in—maybe that’s a factor.”

Last year, The New York Times reported that Apple was attempting to strike AI deals with publishers. Since then, competitors like OpenAI and Perplexity have announced partnerships with a variety of news outlets, social platforms, and other popular websites. “A lot of the largest publishers in the world are clearly taking a strategic approach,” says Originality AI founder Jon Gillham. “I think in some cases, there’s a business strategy involved—like, withholding the data until a partnership agreement is in place.”

There is some evidence supporting Gillham’s theory. For example, Condé Nast websites used to block OpenAI’s web crawlers. After the company announced a partnership with OpenAI last week, it unblocked the company’s bots. (Condé Nast declined to comment on the record for this story.) Meanwhile, Buzzfeed spokesperson Juliana Clifton told WIRED that the company, which currently blocks Applebot-Extended, puts every AI web-crawling bot it can identify on its block list unless its owner has entered into a partnership—typically paid—with the company, which also owns the Huffington Post.

Because robots.txt needs to be edited manually, and there are so many new AI agents debuting, it can be difficult to keep an up-to-date block list. “People just don’t know what to block,” says Dark Visitors founder Gavin King. Dark Visitors offers a freemium service that automatically updates a client site’s robots.txt, and King says publishers make up a big portion of his clients because of copyright concerns.

Robots.txt might seem like the arcane territory of webmasters—but given its outsize importance to digital publishers in the AI age, it is now the domain of media executives. WIRED has learned that two CEOs from major media companies directly decide which bots to block.

Some outlets have explicitly noted that they block AI scraping tools because they do not currently have partnerships with their owners. “We’re blocking Applebot-Extended across all of Vox Media’s properties, as we have done with many other AI scraping tools when we don’t have a commercial agreement with the other party,” says Lauren Starke, Vox Media’s senior vice president of communications. “We believe in protecting the value of our published work.”

[ad_2]

Source link

August 29, 2024
Thousands of Corporate Secrets Were Left Exposed. This Guy Found Them All

[ad_1]

If you know where to look, plenty of secrets can be found online. Since the fall of 2021, independent security researcher Bill Demirkapi has been building ways to tap into huge data sources, which are often overlooked by researchers, to find masses of security problems. This includes automatically finding developer secrets—such as passwords, API keys, and authentication tokens—that could give cybercriminals access to company systems and the ability to steal data.

Today, at the Defcon security conference in Las Vegas, Demirkapi is unveiling the results of this work, detailing a massive trove of leaked secrets and wider website vulnerabilities. Among at least 15,000 developer secrets hard-coded into software, he found hundreds of username and password details linked to Nebraska’s Supreme Court and its IT systems; the details needed to access Stanford University’s Slack channels; and more than a thousand API keys belonging to OpenAI customers.

A major smartphone manufacturer, customers of a fintech company, and a multibillion-dollar cybersecurity company are counted among the thousands of organizations that inadvertently exposed secrets. As part of his efforts to stem the tide, Demirkapi hacked together a way to automatically get the details revoked, making them useless to any hackers.

In a second strand to the research, Demirkapi also scanned data sources to find 66,000 websites with dangling subdomain issues, making them vulnerable to various attacks including hijacking. Some of the world’s biggest websites, including a development domain owned by The New York Times, had the weaknesses.

While the two security issues he looked into are well-known among researchers, Demirkapi says that turning to unconventional datasets, which are usually reserved for other purposes, allowed thousands of issues to be identified en masse and, if expanded, offers the potential to help protect the web at large. “The goal has been to find ways to discover trivial vulnerability classes at scale,” Demirkapi tells WIRED. “I think that there’s a gap for creative solutions.”

Spilled Secrets; Vulnerable Websites

It is relatively trivial for a developer to accidentally include their company’s secrets in software or code. Alon Schindel, the vice president of AI and threat research at the cloud security company Wiz, says there’s a huge variety of secrets that developers can inadvertently hard-code, or expose, throughout the software development pipeline. These can include passwords, encryption keys, API access tokens, cloud provider secrets, and TLS certificates.

“The most acute risk of leaving secrets hard-coded is that if digital authentication credentials and secrets are exposed, they can grant adversaries unauthorized access to a company’s code bases, databases, and other sensitive digital infrastructure,” Schindel says.

The risks are high: Exposed secrets can result in data breaches, hackers breaking into networks, and supply chain attacks, Schindel adds. Previous research in 2019 found thousands of secrets were being leaked on GitHub every day. And while various secret scanning tools exist, these largely are focused on specific targets and not the wider web, Demirkapi says.

During his research, Demirkapi, who first found prominence for his teenage school-hacking exploits five years ago, hunted for these secret keys at scale—as opposed to selecting a company and looking specifically for its secrets. To do this, he turned to VirusTotal, the Google-owned website, which allows developers to upload files—such as apps—and have them scanned for potential malware.

[ad_2]

Source link

August 11, 2024
This Solar Eclipse Simulator Helps You Find the Best Place to Watch From

[ad_1]

A total solar eclipse is coming to North America on April 8. The Great North American Eclipse, as it has been dubbed, will be visible across 13 US States, plus parts of Mexico and eastern Canada. But it will not look the same for everybody.

For those living along the path of totality—the projection of the moon’s shadow on the Earth’s surface—the celestial event is bound to delight. For everyone else, experiencing the total eclipse will require extensive planning … which, if you’re organized, should’ve already happened, but let’s face it, it probably has not.

I, for one, was considering Lexington, Kentucky, as my viewing venue. I had read that the eclipse there would be “deep partial,” but having never before witnessed a solar eclipse, I wasn’t sure whether that was good enough. My quest to find out led me to a nifty solar eclipse simulator that helps users visualize what April’s solar eclipse will look like from any city, town, mountain peak, or desolate patch of land in the northern hemisphere. To feed your imagination as you “try out” various locations, the simulator lets you set choose one of more than 50 landscapes to match the vibe you’re looking for—a city skyline, a snowy mountain range, or a placid lakefront. You can drag a slider on a timeline and watch the sun and the moon glide across your screen until they become one as the sky turns a dusky shade of blue.

The tool, which is based on centuries-old astronomical calculations as well as modern data, was built by Dan McGlaun, a retired mathematician from Purdue University and a self-professed geek who has been chasing eclipses since he was 10 years old. To date, McGlaun has witnessed 15 eclipses from incongruous places like airplanes and cruise ships. “I went to Kenya for an 11-second eclipse and it was the best day of my life,” he says.

The solar eclipse simulator is a side feature of McGlaun’s main website, through which he sells eclipse safety glasses. (These protective shades are an absolute must if you’re planning to look up at the sky during the eclipse.) But it only takes a minute on the phone with McGlaun to understand that the simulator is an absolute labor of love and the safety glasses business exists to fund it.

In 2017, McGlaun built a smartphone app that allowed people to choose an eclipse-viewing location on a map of the US to find out whether their chosen spot was in the path of totality for the eclipse during August of that year. Now, he’s furthered his effort to “evangelize eclipses” by building a more complex simulator, this one with an educational bent.

It took less than a minute of tinkering for me to understand that I would not be spending April 8 in Lexington, Kentucky, for the simple reasons that a partial eclipse—however “deep”—was nowhere near as impressive as the total eclipse I saw (on my screen) in places like Dallas, Texas, or Mazatlan, Mexico.

[ad_2]

Source link

February 24, 2024
This Tiny Website Is Google’s First Line of Defense in the Patent Wars

[ad_1]

A trio of Google engineers recently came up with a futuristic way to help anyone who stumbles through presentations on video calls. They propose that when algorithms detect a speaker’s pulse racing or “umms” lengthening, a generative AI bot that mimics their voice could simply take over.

That cutting-edge idea wasn’t revealed at a big company event or in an academic journal. Instead, it appeared in a 1,500-word post on a little-known, free website called TDCommons.org that Google has quietly owned and funded for nine years. Until WIRED received a link to an idea on TDCommons last year and got curious, Google had never spoken with the media about its website.

Scrolling through TDCommons, you can read Google’s latest ideas for coordinating smart home gadgets for better sleep, preserving privacy in mobile search results, and using AI to summarize a person’s activities from their photo archives. And the submissions aren’t exclusive to Google; about 150 organizations, including HP, Cisco, and Visa, also have posted inventions to the website.

The website is a home for ideas that seem potentially valuable but not worth spending tens of thousands of dollars seeking a patent for. By publishing the technical details and establishing “prior art,” Google and other companies can head off future disputes by blocking others from filing patents for similar concepts. Google gives employees a $1,000 bonus for each invention they post to TDCommons—a tenth of what it awards its patent seekers—but they also get an immediately shareable link to gloat about otherwise secretive work.

TDCommons adds to Google’s long-standing, and far more vocal, efforts to carve out greater space for freewheeling innovation in an industry where patents can be used to hobble or extract cash from competitors. The site may be dowdy and obscure, but it does the trick. “The beauty of defensive publications is that this website can be pretty simple,” says Laura Sheridan, Google’s head of patent policy. “It needs to establish a date. And it needs to have documents be accessible. There’s not much more we need to do.”

In reality, the experiment has struggled to cut through government bureaucracy and overcome competition from more robust archives. Sheridan acknowledges it’s a work in progress. TDCommons needs a bigger flow of uploads to become less peculiar and more vital. It offers a unique hope of expanding public access to the technical creativity happening inside corporate walls—and shifting more resources toward that work.

Playing Defense

The strategy underpinning TDCommons dates back decades to the 1950s, when invention powerhouses IBM and later Xerox began publishing journals filled with what they called technical disclosures. They’d then ship the journals to patent offices, in part to serve as prior art, staking a claim on the ideas contained within. About 84 percent of patent applications denied by the US Patent and Trademark Office in the 12 months ending September 2023 were scuppered at least in part by prior art, according to the agency.

During the early-2000s internet boom, entrepreneurs saw an opportunity to bring these defensive publications, or dpubs, to databases online. IP.com is widely considered the leader, with 215,000 inventions uploaded so far and searchable access to millions of additional documents from outlets including open-access research library arXiv.org. Unlike TDCommons, posting to or accessing IP.com isn’t free. Uploading a dpub costs $395 for up to 25 pages, while viewers pay $40 for individual downloads or $49 monthly for unlimited access. The USPTO is one of IP.com’s largest customers, according to the company, with subscriptions for most of the agency’s 9,200 examiners and supervisors.

[ad_2]

Source link

February 20, 2024
The Far-Right's Favorite Web Host Has a Shadowy New Owner

[ad_1]

Known for doing business with far-right extremist websites, Epik has been acquired by a company that specializes in helping businesses keep their operations secret.

[ad_2]

Source link

February 8, 2024