Feed aggregator

Three NASA astronauts and a Russian cosmonaut splashed down off the Florida coast early Friday, capping a nearly eight-month science and research mission to the International Space Station.

(Image credit: Bill Stafford)

Zero-trust access is a rigorous security model that is increasingly becoming the benchmark for companies and governments. It shifts away from traditional perimeter-based security to continuously challenge and verify the identity and authorization of users and devices before granting access – even to the CEO, who has worked there for twenty years. Users are then granted only the minimum permissions necessary to perform their tasks, limiting the potential damage they can do while ensuring they can still do their jobs.

One area where zero-trust can be effective is with log file intelligence. This is because while incredibly valuable for infosecurity and threat detection, log files can also be a system vulnerability. As such, they need to be both protected at all times and accessible to those who need them.

This article explores the challenges of implementing zero-trust log file intelligence and how emerging technologies can address these challenges.

Log files: they reveal everything

Log files are digital records that reveal information about a system's activities. They are a crucial source of intelligence as, by analyzing them, organizations can gain valuable insights into network performance, identify vulnerabilities, and detect suspicious activity.

However, their value is also their threat. As if they reveal everything, then those with access to them know everything as well. For example, an attacker could use log files to track users' activities, identify privileged accounts, and steal sensitive information. Once they have used that information to access the system, they could use log files to manipulate, steal, or hold critical information to ransom.

It is, therefore, crucial to manage log file access throughout the workflow to ensure the absolute minimum access possible for analysts and cybersecurity staff and to protect them from exposure.

Step one: secure collection and storage

To protect the integrity and security of log files, collecting and storing them in real-time in a tamper-proof and isolated environment is crucial. One way to manage the collection of this large-scale log file data is with OpenTelemetry. Its standardized approach and ability to integrate with various backends, including postgres, makes it a go-to option.

Blockchain technology, meanwhile, offers an ideal solution for their storage. Its immutable nature ensures that logs cannot be altered, preserving their integrity and ensuring a compliant and transparent record. Additionally, the decentralized nature of blockchain reduces the risk of an attack with no single point of focus.

Step two: least privilege access control

Secure log management requires balancing security and productivity to ensure logs are never exposed while still enabling them to be analyzed. This is a challenge for traditional access controls like data classification, masking, and query-based access because while they can limit exposure, they can also hinder threat detection and analyst efficiency. They are also not entirely secure, with access still granted on a wide scale to the decrypted logs.

One way to achieve the least privileged access control without compromising productivity is homomorphic encryption, a cryptography solution enabling data to remain encrypted throughout its lifecycle. This is because, with homomorphic encryption, those who require access to logs for threat intelligence are able to analyze them in an encrypted state without actually being able to read them.

This encrypted access control can also be extended beyond the analysts to anyone involved in the log management. For example, admins will be able to manage the permissions and access to the logs and check access requests without ever being able to read the logs themselves with them remaining encrypted. This is true across the full breadth of zero-trust systems using homomorphic encryption with admins and any super users not having the ability to read the data under their care but still being able to manage it.

Step three: threat intelligence and response

It is crucial to limit the amount of data that is shared externally of the secure system in order to prevent potential exposure and the creation of vulnerable access points. A potential solution to this is to use native AI instead of third-party tools for the analysis.

For example a private Small Language Model (SLM) AI working within the database could provide specialized insights and machine learning on the encrypted data without that data ever being shared externally of the system. Furthermore, as it is an SLM, the results have the potential to be more accurate and free from AI hallucinations because the model is not trained on vast pools of data that may be inaccurate or biased and instead only works on the encrypted log file data and any relevant given resources.

As the logs remain encrypted at all times and access is only granted to analyze the encrypted logs on a least privilege basis, strict zero-trust security is maintained.

Final thoughts

This article has shown that zero-trust is viable regarding the complex issue of log file intelligence and management and optimal for security and privacy. After all, logs should never be exposed, and they should never be edited. What’s better for that than an immutable system of zero-trust access?

Even if you do not adopt a zero-trust approach to your log management and intelligence, however, it is still crucial to keep this essential data pool protected at all times - even while being used.

We've reviewed and rated the best identity management software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Here are the answers for The New York Times Mini Crossword for Oct. 25

Get $50 off with this Target promo code and shop these top deals to save on electronics, baby items, groceries, and more.

A California-based produce company was the source of fresh onions linked to a deadly E. coli food poisoning outbreak at McDonald’s, restaurant chain officials said.

(Image credit: Mike Stewart)

Britain's handling of its involvement in the trans-Atlantic slave trade is seen by many as a litmus test for the Commonwealth's adaptation to a modern-day world.

(Image credit: Rick Rycroft)

Russian President Vladimir Putin neither confirms nor denies the presence of North Korean troops in Ukraine. Putin’s comments came during a press conference at a Russian-hosted summit for the world’s top developing economies.

(Image credit: Maxim Shipenkov)

But it remains to be seen how the next president will approach the controversial and complex issue.

Here are some hints — and the answers — for Connections No. 502 for Oct. 25.

Here are some hints, and the answers, for the Oct. 25 Strands puzzle, No. 236.

Here are some hints and the answer for Wordle No. 1,225 for Oct. 25.

Here are some hints — and the answers — for Connections: Sports Edition No. 32 for Oct. 25.

Character.AI has rolled out new safety features and policies for building and interacting with the AI-powered virtual personalities it hosts. The new measures aim to make the platform safer for all users, but particularly younger people. The update includes more control over how minors engage with the AI chatbot, more content moderation, and better detection of the AI discussing topics like self-harm.

Though not cited in the blog post about the update, Character AI linked to the announcement in a post on X expressing condolences to the family of a 14-year-old who spent months interacting with one of Character.AI's chatbots before taking his own life. His family has now filed a lawsuit against Character.AI for wrongful death, citing a lack of safeguards for the AI chatbots as a contributor to his suicide​.

We are heartbroken by the tragic loss of one of our users and want to express our deepest condolences to the family. As a company, we take the safety of our users very seriously and we are continuing to add new safety features that you can read about here:…October 23, 2024

AI chat guardrails

Character AI's post laid out several new safety features for the platform. For instance, if the model detects keywords related to suicide or self-harm, it will display a pop-up urging the user to the National Suicide Prevention Lifeline and related resources. The AI will also be better at spotting and removing inappropriate content in a conversation, with a particular sensitivity to when users are under 18.

Presumably, minors would already have restricted content in conversations, but Character.AI may have upped that sensitivity further. In cases where that might not be enough, entire chatbots have been removed.

"We conduct proactive detection and moderation of user-created Characters, including using industry-standard and custom blocklists that are regularly updated. We proactively, and in response to user reports, remove Characters that violate our Terms of Service," Character.AI explained in its post. "Users may notice that we’ve recently removed a group of Characters that have been flagged as violative, and these will be added to our custom blocklists moving forward."

Other new features are more about helping ground users. So, you'll see a notification when you have spent an hour on the platform asking if you want to keep going as a way of helping make sure you don't lose track of time. You'll also see more prominent disclaimers emphasizing that the AI is not a real person. There are already such disclaimers in the conversations, but Character.AI wants to make it impossible to ignore.

These safety features are the flipside of how Character.AI has made engaging with chatbots feel more like talking to a real person, including voices and the two-way voice conversations available with the Character Calls feature. Still, the company is likely keen to ensure its services are as safe as possible, and its moves could inform how others in the space shape their own AI chatbot characters.

You Might Also Like...

• Character.ai lets you talk to your favorite (synthetic) people on the phone – which isn't weird at all
• I created an AI clone of myself and the result was unintentionally hilarious
• This ChatGPT rival lets you talk to anyone, dead or alive

Looking for the best internet provider in Salinas? Options may be limited but here are the best ones, based on our reviews.

If Batman: Arkham Shadow is tempting you to finally pick up a Meta Quest 3 or Meta Quest 3S, or you already own one of Meta’s best VR headsets, then this might sweeten the deal. Meta has revealed the dates of the 52 free NBA and WNBA matches it’s hosting in Horizon Worlds for the 2024-2025 season.

To catch you up to speed, Meta allows its headset owners (in supported regions) to jump into the NBA Arena in Horizon Worlds to virtually sit courtside during live matches. If you miss the game, you can also tune into immersive highlights for 24 hours after the game has ended. Additionally, you can play mini-games and hang out with friends like you would in other Horizon Worlds.

If you subscribe to NBA League Pass, you can use Xtadium to watch every live 2D game in mixed reality – it’s not quite as immersive, but it's still a lot of fun for sports fans, especially if you’re already paying for the content.

Every free immersive NBA and WNBA game

Here’s the full list of free matches you can watch:

• October 25 – Chicago Bulls vs. Milwaukee Bucks – 5pm PT
• October 26 – Oklahoma City Thunder vs. Chicago Bulls – 5pm PT
• October 28 – Indiana Pacers vs. Orlando Magic – 4pm PT
• November 2 – Golden State Warriors vs. Houston Rockets – 5pm PT
• November 4 – Los Angeles Lakers vs. Detroit Pistons – 4:30pm PT
• November 7 – Portland Trail Blazers vs. San Antonio Spurs – 7pm PT
• November 12 – Phoenix Suns vs. Utah Jazz – 6pm PT
• November 15 – Miami Heat vs. Indiana Pacers – 4pm PT
• November 19 – Denver Nuggets vs. Memphis Grizzlies – 5pm PT
• November 22 – Boston Celtics vs. Washington Wizards – 4pm PT
• November 24 – LA Clippers vs. Philadelphia 76ers – 3pm PT
• November 26 – Houston Rockets vs. Minnesota Timberwolves – 5pm PT
• November 29 – Orlando Magic vs. Brooklyn Nets – 4:30pm PT
• December 1 – Boston Celtics vs. Cleveland Cavaliers – 3pm PT
• December 3 – Philadelphia 76ers vs. Charlotte Hornets – 4pm PT
• December 5 – Phoenix Suns vs. New Orleans Pelicans – 5pm PT
• December 8 – Minnesota Timberwolves vs. Golden State Warriors – 3:30pm PT
• December 20 – Oklahoma City Thunder vs. Miami Heat – 5pm PT
• December 26 – Miami Heat vs. Orlando Magic – 4pm PT
• December 27 – Dallas Mavericks vs. Phoenix Suns – 6pm PT
• December 28 – Milwaukee Bucks vs. Chicago Bulls – 6pm PT
• December 29 – Indiana Pacers vs. Boston Celtics – 3pm PT
• January 3, 2025 – San Antonio Spurs vs. Denver Nuggets – 6pm PT
• January 4, 2025 – New York Knicks vs. Chicago Bulls – 5pm PT
• January 6, 2025 – Dallas Mavericks vs. Memphis Grizzlies – 5pm PT
• January 10, 2025 – Golden State Warriors vs. Indiana Pacers – 4pm PT
• January 18, 2025 – Cleveland Cavaliers vs. Minnesota Timberwolves – 6pm PT
• January 19, 2025 – Philadelphia 76ers vs. Milwaukee Bucks – 4pm PT
• January 24, 2025 – Portland Trail Blazers vs. Charlotte Hornets – 4pm PT
• January 27, 2025 – Orlando Magic vs. Miami Heat – 4:30pm PT
• February 2, 2025 – LA Clippers vs. Toronto Raptors – 12:30pm PT
• February 3, 2025 – Milwaukee Bucks vs. Oklahoma City Thunder – 5pm PT
• February 8, 2025 – Indiana Pacers vs. Los Angeles Lakers – 5pm PT
• February 10, 2025 – Minnesota Timberwolves vs. Cleveland Cavaliers – 4pm PT
• February 22, 2025 – Phoenix Suns vs. Chicago Bulls – 4:30pm PT
• February 24, 2025 – Denver Nuggets vs. Indiana Pacers – 4pm PT
• March 3, 2025 – Houston Rockets vs. Oklahoma City Thunder – 5pm PT
• March 10, 2025 – Dallas Mavericks vs. San Antonio Spurs – 5:30pm PT
• March 14, 2025 – LA Clippers vs. Atlanta Hawks – 4:30pm PT
• March 16, 2025 – Orlando Magic vs. Cleveland Cavaliers – 3pm PT
• March 20, 2025 – New York Knicks vs. Charlotte Hornets – 4pm PT
• March 22, 2025 – Golden State Warriors vs. Atlanta Hawks – 4pm PT
• March 23, 2025 – Denver Nuggets vs. Houston Rockets – 3pm PT
• March 24, 2025 – Dallas Mavericks vs. Brooklyn Nets – 4:30pm PT
• March 27, 2025 – Los Angeles Lakers vs. Chicago Bulls – 4pm PT
• March 28, 2025 – New York Knicks vs. Milwaukee Bucks – 5pm PT
• March 29, 2025 – Miami Heat vs. Philadelphia 76ers – 4:30pm PT
• March 31, 2025 – LA Clippers vs. Orlando Magic – 4pm PT
• April 5, 2025 – New York Knicks vs. Atlanta Hawks – 12pm PT
• April 6, 2025 – Indiana Pacers vs. Denver Nuggets – 5pm PT
• April 11, 2025 – LA Clippers vs. Sacramento Kings – 7pm PT
• April 13, 2025 – LA Lakers vs. Portland Trail Blazers – 12:30pm PT

(Image credit: Shutterstock / Prostock-studio) Don't dismiss Horizon Worlds

Horizon Worlds is one of those apps that I’ll be the first to admit is easy to dismiss. A disappointing launch and sporadic rollout meant it never quite hit its stride in many people’s eyes.

That’s definitely starting to change. The Worlds it offers are steadily becoming a lot more impressive, and with these free sports games and free immersive concerts being hosted regularly, it’s become one of those VR apps which, if you aren’t using regularly, you’re missing out on a big chunk of what your Meta Quest headset has to offer.

You might also like...

• One simple prompt can make AI images come alive in Facebook Messenger
• No, Meta – I won’t fake my northern lights photos even though I’m gutted that I missed the real thing
• The Meta Quest 3S is fantastic, but there’s one big reason to choose the Quest 3 instead

Switching repayment plans could help you wipe out your student loan debt faster.

It's a confusing time to start repaying your student loans. Here's what you need to know.

Want to star in an animated film as an anthropomorphic animal version of yourself? Runway's AI video creation platform has a new AI tool to do just that. The new Act-One feature may make motion-capture suits and manual computer animation unnecessary to match live action.

Act-One streamlines what is usually a long process for facial animation. All you need is a video camera facing an actor and able to capture their face as they perform.

The AI fueling Act-One reworks the facial movements and expressions from the inputted video to fit an animated character. Runway claims even the most nuanced emotions are visible through micro-expressions, eyeliners, and other facets of the performance. Act-One can even produce multi-character dialogue scenes, which Runway suggests are difficult for most generative AI video models.

To produce one, a single actor performs multiple roles, and the AI animates the different performances mapped onto different characters in one scene as though they are talking to each other.

That's a far cry from the laborious traditional animation requirements and makes animation far more accessible to creators with limited budgets or technical experience. Not that it's always going to match the skills of talented teams of animators with big movie budgets, but the relatively low barrier of entry might let amateurs and those with limited resources have the chance to play with character designs that are still realistic in portraying emotions, all without breaking the bank or missing deadlines. You can see some demonstrations below.

Animated Runway

Act-One is, in some ways, an enhancement for Runway's video-to-video feature within its Gen-3 Alpha model. But while that tool uses a video and a text prompt to adjust the setting, performers, or other elements, Act-One skips straight to mapping human expressions onto animated characters. It also fits with how Runway has been pushing out more features and options for its platform, such as the Gen-3 Alpha Turbo version of its model, which sacrifices some functionality for speed.

Like its other AI video tools, Runway has some restrictions on Act-One to prevent people from misusing it or breaking its terms and conditions. You can't make content with public figures, for instance, and it employs techniques to ensure anyone whose voice is used in the final video has given their permission. The model is continuously monitored to spot any attempts to break those or other rules.

"We're excited to see what forms of creative storytelling Act-One brings to animation and character performance. Act-One is another step forward in our goal to bringing previously sophisticated techniques to a broader range of creators and artists," Runway wrote in its announcement. "We look forward to seeing how artists and storytellers will use Act-One to bring their visions to life in new and exciting ways."

Act-One may be somewhat unique among AI video generators, though Adobe Firefly and Meta’s MovieGen have some similar efforts in their portfolio. Runway’s Act-One seems to be much easier to use than Firefly's equivalent and more available than the restricted MovieGen model.

Still, there's s ever more AI video competition as OpenAI's Sora model starts to spread, and Stability AI, Pika, Luma Labs' Dream Machine, and others push out a steady stream of features for AI video production. If you want to try Act-One, Runway's paid plans start at $12 a month.

You might also like...

• This AI can turn your mundane video into a special effects spectacular
• Forget Sora, Runway is the AI video maker coming to blow your mind
• Turn your selfie into an action star with this new AI image-to-video feature

Curl up by the fire—or start your own—with our favorite vibrators, suction toys, lubes, and condoms this holiday season.

Quordle was one of the original Wordle alternatives and is still going strong now more than 1,000 games later. It offers a genuine challenge, though, so read on if you need some Quordle hints today – or scroll down further for the answers.

Enjoy playing word games? You can also check out my Wordle today, NYT Connections today and NYT Strands today pages for hints and answers for those puzzles.

SPOILER WARNING: Information about Quordle today is below, so don't read on if you don't want to know the answers.

Quordle today (game #1005) - hint #1 - Vowels How many different vowels are in Quordle today?

• The number of different vowels in Quordle today is 4*.

* Note that by vowel we mean the five standard vowels (A, E, I, O, U), not Y (which is sometimes counted as a vowel too).

Quordle today (game #1005) - hint #2 - repeated letters Do any of today's Quordle answers contain repeated letters?

• The number of Quordle answers containing a repeated letter today is 1.

Quordle today (game #1005) - hint #3 - uncommon letters Do the letters Q, Z, X or J appear in Quordle today?

• Yes. One of Q, Z, X or J appears among today's Quordle answers.

Quordle today (game #1005) - hint #4 - starting letters (1) Do any of today's Quordle puzzles start with the same letter?

• The number of today's Quordle answers starting with the same letter is 2.

If you just want to know the answers at this stage, simply scroll down. If you're not ready yet then here's one more clue to make things a lot easier:

Quordle today (game #1005) - hint #5 - starting letters (2) What letters do today's Quordle answers start with?

• P

• E

• R

• P

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

Quordle today (game #1005) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle, game #1005, are…

• PRANK
• EXIST
• RUDDY
• PICKY

If number of distinct letters is a measure of a Quordle's difficulty – and it certainly can be – then today's is further towards hard than easy. It contains 14 characters, including an X and two Ks, so depending on how the letters fell for you, it may have been a tough one to solve.

I didn't find it too hard myself, fortunately. My start words gave me 12 of those letters – minus the X and K – and 16 of the 20 letters needed in total, which is not too bad as these things go. I messed up a little with EXIST, for some reason playing FIEST, which I'm not sure is a word but which Quordle inexplicably accepted – but otherwise it was fairly mundane.

How did you do today? Send me an email and let me know.

Daily Sequence today (game #1005) - the answers

(Image credit: Merriam-Webster)

The answers to today's Quordle Daily Sequence, game #1005, are…

• GIANT
• RUGBY
• EXTOL
• GREAT

Quordle answers: The past 20

• Quordle #1004, Thursday 24 October: DAIRY, RALLY, CURLY, LABEL
• Quordle #1003, Wednesday 23 October: DROSS, ANNEX, GRAVE, BROKE
• Quordle #1002, Tuesday 22 October: ADORE, SMITH, AFOOT, LUCID
• Quordle #1001, Monday 21 October: TREAD, NINTH, GRIEF, UNSET
• Quordle #1000, Sunday 20 October: CORAL, WHOSE, HEIST, SOAPY
• Quordle #999, Saturday 19 October: GUSTY, BROKE, ENJOY, HAZEL
• Quordle #998, Friday 18 October: PUPIL, MOCHA, EGRET, NATAL
• Quordle #997, Thursday 17 October: BUILD, BIRTH, LURCH, SASSY
• Quordle #996, Wednesday 16 October: EERIE, SMIRK, HUNCH, EMBED
• Quordle #995, Tuesday 15 October: UMBRA, BRIEF, GRAVY, TORUS
• Quordle #994, Monday 14 October: ROGUE, STORY, EMCEE, AUNTY
• Quordle #993, Sunday 13 October: UNFIT, NYMPH, THUMB, PUREE
• Quordle #992, Saturday 12 October: SAUCY, UNDUE, EGRET, HELLO
• Quordle #991, Friday 11 October: RINSE, ANIME, PUSHY, ZEBRA
• Quordle #990, Thursday 10 October: UNTIL, MARSH, METAL, WINDY
• Quordle #989, Wednesday 9 October: TRIAL, HUSKY, DOWNY, TRADE
• Quordle #988, Tuesday 8 October: TROUT, HATER, BARGE, DOZEN
• Quordle #987, Monday 7 October: CAULK, HALVE, APING, HEATH
• Quordle #986, Sunday 6 October: FUDGE, TENOR, BEGAT, ROUSE
• Quordle #985, Saturday 5 October: ELECT, CROAK, FRISK, JAUNT