Microsoft has deployed a generative AI model entirely divorced from the internet, saying US intelligence agencies can now safely harness the powerful technology to analyze top-secret information. From a report: It's the first time a major large language model has operated fully separated from the internet, a senior executive at the US company said. Most AI models including OpenAI's ChatGPT rely on cloud services to learn and infer patterns from data, but Microsoft wanted to deliver a truly secure system to the US intelligence community.

Spy agencies around the world want generative AI to help them understand and analyze the growing amounts of classified information generated daily, but must balance turning to large language models with the risk that data could leak into the open -- or get deliberately hacked. Microsoft has deployed the GPT4-based model and key elements that support it onto a cloud with an "air-gapped" environment that is isolated from the internet, said William Chappell, Microsoft's chief technology officer for strategic missions and technology.

The Register provides a retrospective look at how Microsoft "absorbed the handset division of Nokia" ten years ago, only to kill the unit two years later and write it off as a tax loss. What went wrong? "It was a fatal combination of bad management, a market evolving in ways hidebound people didn't predict, and some really (with a few superb exceptions) terrible products," reports The Register. From the report: Like Nokia, Windows Mobile's popularity peaked in 2007, then started to drop away. The iPhone was the tech item of choice for fashionistas, Blackberry was seen as essential for serious business, and Android -- with Google as its new owner -- was gaining traction. Microsoft by that time had a new CEO in Steve Ballmer, who completely and famously failed to see the shifting sands in the mobile market. He dismissed the iPhone as a threat to what he thought was Windows Mobile's unassailable market position, and was roundly mocked for it. So the scene was set for a mobile standards war, and Steve Ballmer staked his professional pride on winning it. Microsoft recruited Nokia to help out. [...]

Under [Executive VP of Microsoft Stephen Elop's] leadership, a closer working relationship with Microsoft was a given -- but in 2013 Redmond announced it was going the whole hog and buying Nokia's handset business outright for $7.2 billion. The deal was done in April 2014, a decade ago from today. Microsoft also got a ten-year license on Nokia's patents and the option to renew in perpetuity. It also got Elop back, as executive vice president of the Microsoft Devices Group. That meant stepping down as CEO of Nokia, for which he trousered an 18.8 million bonus package -- a payoff the Finnish prime minister at the time called "outrageous." Nokia retained its networking business in Finland. It purchased Siemens' half of the Nokia Siemens Networks joint venture and renamed in Nokia Networks. The Nokia board rolled the dice again on hiring another non-Suomi manager, Rajeev Suri, and this time hit a double D20 in D&D terms.

When Ballmer stepped down from the helm at Microsoft in 2014 -- shortly before the Nokia deal completion -- he left a hot mess to deal with. His plan had been to develop the mobile operating system in conjunction with Windows 10, and Windows Mobile 10 was supposed to be a part of a unified code environment. While Windows 10 on the desktop wasn't a bad operating system, Windows Mobile 10 really was. The promised synergy just didn't happen -- it was power-hungry, clunky, and about as popular as a rattlesnake in a pinata. It was this mess that Satya Nadella faced when he took over the reins. Nadella was never very keen on the phone platform and spent more time in press conferences talking about cricket or the cloud than Microsoft's mobile ambitions. It was clear to all that this really wasn't working. Elop was laid off by Redmond a year later.

It was clear that Windows Mobile wasn't going to work. Android and iOS were drinking Microsoft's milkshake, and Redmond realized the game was up. Microsoft started shedding mobile jobs -- both in Finland and Redmond. While mobile was still publicly touted as the way forward for Microsoft with Ballmer gone, the impetus wasn't there and support for the mobile OS shriveled. In 2015 Microsoft declared it was writing off $7.6 billion on the Phone Hardware division as "goodwill and asset impairment charges" -- $400 million more than it had originally paid for the Finnish firm. Nokia bought European networking giant Alcatel-Lucent in a $16.7 billion deal in 2015. Around the same time, Suri announced a move into tablets, since it had a non-compete agreement with Microsoft on mobiles. Meanwhile a bunch of former Nokia execs who'd fled Elop and Microsoft had started a mobile biz of their own: HMD. It was Finnish, but outsourced production to Foxconn in China, and was planning to make cheapish Android devices. In 2016 Microsoft sold its mobile hardware arm to HMD for an undisclosed -- but probably not large -- sum. Nadella clearly wanted out of the whole business and the Finnish startup concentrated on selling good-enough Android smartphones to Nokia's traditional cheap markets.

The Rabbit R1 is one of the first standalone AI companion devices to hit the market, offering the ability to translate languages, identify objects in your environment, and order DoorDash, among other things. It's been in the news last week for its all around poor reviews that cite poor battery life, painfully slow responses, and missing features (sound familiar?). Now, it's been confirmed that the Rabbit R1 is powered by an Android app that can run on existing Android phones. Android Authority reports: What ended up souring a lot of people's opinions on the product was the revelation -- in an Android Authority original report -- that the R1 is basically an Android app in a box. Many consumers who believed that the product would be better suited as a mobile app felt validated after our report, but there was one stickler in it that we needed to address: how we got the R1 launcher up and running on an Android phone. See, in our preliminary report, we mentioned that the Rabbit R1's launcher app is intended to be preinstalled in the firmware and be granted several privileged, system-level permissions. While that statement is still true, we should've clarified that the R1 launcher doesn't actually need those permissions. In fact, none of the system-level permissions that the R1 launcher requests are at all necessary for the app to perform its core functionality.

To prove this, we got the Rabbit R1 launcher up and running again on a stock, unrooted Android device (a Xiaomi 13T Pro), thanks to help from a team of reverse engineers including ChromMob, EmilyLShepherd, marceld505, thel3l, and uwukko. We were able to go through the entire setup process as if our device was an actual Rabbit R1. Afterwards, we were able to talk to ChatGPT, use the Vision function to identify objects, play music from Spotify, and even record voice notes. As demonstrated in our hands-on video at the top of this article, all of the existing core functionality that the Rabbit R1 offers would work as an Android or even iOS app. The only functions that wouldn't work are unrelated to the product's core functionality and are things your phone can already do, such as powering off or rebooting the device, toggling Bluetooth, connecting to a cellular or Wi-Fi network, or setting a screen lock.

During our research, Android Authority was also able to obtain a copy of the Rabbit R1's firmware. Our analysis reveals that Rabbit did not make significant modifications to the BSP (Board Support Package) provided by MediaTek. The R1, in fact, still ships with all the standard apps included in AOSP, as well as the many apps provided by MediaTek. This is despite the fact that none of these apps are needed nor ever shown to the user, obviously. Rabbit only made a few changes to the AOSP build that MediaTek provided them, such as adding the aforementioned R1 launcher app, adding a fork of the open-source "AnySoftKeyboard" app with a custom theme, adding an OTA updater app, and adding a custom boot animation. [...] Yes, it's true that all the R1 launcher does is act as a local client to the cloud services offered by Rabbit, which is what truly handles the core functionality. It's also true that there's nothing wrong or unusual with companies using AOSP for their own hardware. But the fact of the matter is that Rabbit does little to justify its use of custom hardware except by making the R1 have an eye-catching design.

An anonymous reader quotes a report from TechCrunch: CoreWeave, the GPU infrastructure provider that began life as a cryptocurrency mining operation, this week raised $1.1 billion in new funding from investors, including Coatue, Fidelity and Altimeter Capital. The round brings its valuation to $19 billion post-money and its total raised to $5 billion in debt and equity -- a remarkable figure for a company that's less than 10 years old. It's not just CoreWeave. Lambda Labs, which also offers an array of cloud-hosted GPU instances, in early April secured a "special purpose financing vehicle" of up to $500 million, months after closing a $320 million Series C round. The nonprofit Voltage Park, backed by crypto billionaire Jed McCaleb, last October announced that it's investing $500 million in GPU-backed data centers. And Together AI, a cloud GPU host that also conducts generative AI research, in March landed $106 million in a Salesforce-led round.

So why all the enthusiasm for -- and cash pouring into -- the alternative cloud space? The answer, as you might expect, is generative AI. As the generative AI boom times continue, so does the demand for the hardware to run and train generative AI models at scale. GPUs, architecturally, are the logical choice for training, fine-tuning and running models because they contain thousands of cores that can work in parallel to perform the linear algebra equations that make up generative models. But installing GPUs is expensive. So most devs and organizations turn to the cloud instead. Incumbents in the cloud computing space -- Amazon Web Services (AWS), Google Cloud and Microsoft Azure -- offer no shortage of GPU and specialty hardware instances optimized for generative AI workloads. But for at least some models and projects, alternative clouds can end up being cheaper -- and delivering better availability.

On CoreWeave, renting an Nvidia A100 40GB -- one popular choice for model training and inferencing -- costs $2.39 per hour, which works out to $1,200 per month. On Azure, the same GPU costs $3.40 per hour, or $2,482 per month; on Google Cloud, it's $3.67 per hour, or $2,682 per month. Given generative AI workloads are usually performed on clusters of GPUs, the cost deltas quickly grow. "Companies like CoreWeave participate in a market we call specialty 'GPU as a service' cloud providers," Sid Nag, VP of cloud services and technologies at Gartner, told TechCrunch. "Given the high demand for GPUs, they offers an alternate to the hyperscalers, where they've taken Nvidia GPUs and provided another route to market and access to those GPUs." Nag points out that even some Big Tech firms have begun to lean on alternative cloud providers as they run up against compute capacity challenges. Microsoft signed a multi-billion-dollar deal with CoreWeave last June to help provide enough power to train OpenAI's generative AI models.

"Nvidia, the furnisher of the bulk of CoreWeave's chips, sees this as a desirable trend, perhaps for leverage reasons; it's said to have given some alternative cloud providers preferential access to its GPUs," reports TechCrunch.

samleecole writes: Utah set up an online form for people to accuse other citizens and public establishments of violating the state's recently-enacted transphobic "bathroom bill." The submission form is being flooded with memes and troll comments, and the auditor also left the submissions database open to the public -- without a password, authentication, or any other protections that would keep anyone from viewing other people's submissions.

After 404 Media contacted the auditor's office for comment, they changed the permissions to require authentication. The form link has been posted to Twitter, and people have repeatedly posted screenshots of themselves uploading memes. In the database, those included photos of Barry Wood, characters from Bee Movie, and Shutterstock images of bull testicles. Twitter users have also found a link to the database that the form is connected to, which is hosted on a public Google cloud console bucket that as of Thursday, required no authentication to view. I tested the form, and found that my submission -- a photo of the yelling table cat meme -- appeared instantly in the Google Console bucket. The submission form offers anonymity with the option for the state auditor to contact submitters for more details. I haven't seen names and contact information shared in the database, but comments and image attachments were easily viewable.

An anonymous reader quotes a report from Reuters: Microsoft said on Thursday it will invest $2.2 billion over the next four years in Malaysia to expand cloud and artificial intelligence (AI) services in the company's latest push to promote its generative AI technology in Asia. The investment, the largest in Microsoft's 32-year history in Malaysia, will include building cloud and AI infrastructure, creating AI-skilling opportunities for 200,000 people, and supporting the country's developers, the company said.

Microsoft will also work with the Malaysian government to establish a national AI Centre of Excellence and enhance the nation's cybersecurity capabilities, the company said in a statement. Prime Minister Anwar Ibrahim, who met Nadella on Thursday, said the investment supported Malaysia's efforts in developing its AI capabilities. Microsoft is trying to expand its support for the development of AI globally. Nadella this week announced a $1.7 billion investment in neighboring Indonesia and said Microsoft would open its first regional data centre in Thailand. "We want to make sure we have world class infrastructure right here in the country so that every organization and start-up can benefit," Microsoft Chief Executive Satya Nadella said during a visit to Kuala Lumpur.

An anonymous reader quotes a report from Bloomberg: Dropbox said its digital-signature product, Dropbox Sign, was breached by hackers, who accessed user information including emails, user names and phone numbers. The software company said it became aware of the cyberattack on April 24, sought to limit the incident and reported it to law enforcement and regulatory authorities. "We discovered that the threat actor had accessed data related to all users of Dropbox Sign, such as emails and user names, in addition to general account settings," Dropbox said Wednesday in a regulatory filing. "For subsets of users, the threat actor also accessed phone numbers, hashed passwords, and certain authentication information such as API keys, OAuth tokens, and multi-factor authentication."

Dropbox said there is no evidence hackers obtained user accounts or payment information. The company said it appears the attack was limited to Dropbox Sign and no other products were breached. The company didn't disclose how many customers were affected by the hack. The hack is unlikely to have a material impact on the company's finances, Dropbox said in the filing. The shares declined about 2.5% in extended trading after the cyberattack was disclosed and have fallen 20% this year through the close.

An anonymous reader shares that IPv6rs has debuted a new one-click self hosting system: Everyone seemed like they were talking about self hosting, but we didn't understand why it wasn't more prolific. Thus, we conducted a survey to hear reasons. It turned out the two most common reasons were:

1. Lack of an external IP address 2. Too difficult to setup and maintain

Our service already solves the first issue. We set out with a self-hostathon to figure out what the blockers were in setting up and running a self-hosted server. ... writes IPv6rs on their blog. We needed to make things easier, so we created Cloud Seeder, a one click installer that instantly launches a fully encapsulated server appliance that is externally reachable.

At the time of launching, the current version of Cloud Seeder supports 20+ different appliances - from Mastodon which federates with Meta's Threads to Nextcloud which provides an enterprise-level, self-hosted alternative to the big-name collaboration suites.

It also automatically handles updates/maintenance.

We hope this will bring a new era to self hosting and, in turn, will bring the decentralized internet forest back. Is the self hosting era making its return?

Maciej Pocwierz, a senior software engineer Semantive, writing on Medium: A few weeks ago, I began working on the PoC of a document indexing system for my client. I created a single S3 bucket in the eu-west-1 region and uploaded some files there for testing. Two days later, I checked my AWS billing page, primarily to make sure that what I was doing was well within the free-tier limits. Apparently, it wasn't. My bill was over $1,300, with the billing console showing nearly 100,000,000 S3 PUT requests executed within just one day! By default, AWS doesn't log requests executed against your S3 buckets. However, such logs can be enabled using AWS CloudTrail or S3 Server Access Logging. After enabling CloudTrail logs, I immediately observed thousands of write requests originating from multiple accounts or entirely outside of AWS.

Was it some kind of DDoS-like attack against my account? Against AWS? As it turns out, one of the popular open-source tools had a default configuration to store their backups in S3. And, as a placeholder for a bucket name, they used... the same name that I used for my bucket. This meant that every deployment of this tool with default configuration values attempted to store its backups in my S3 bucket! So, a horde of misconfigured systems is attempting to store their data in my private S3 bucket. But why should I be the one paying for this mistake? Here's why: S3 charges you for unauthorized incoming requests. This was confirmed in my exchange with AWS support. As they wrote: "Yes, S3 charges for unauthorized requests (4xx) as well[1]. That's expected behavior." So, if I were to open my terminal now and type: aws s3 cp ./file.txt s3://your-bucket-name/random_key. I would receive an AccessDenied error, but you would be the one to pay for that request. And I don't even need an AWS account to do so.

Another question was bugging me: why was over half of my bill coming from the us-east-1 region? I didn't have a single bucket there! The answer to that is that the S3 requests without a specified region default to us-east-1 and are redirected as needed. And the bucket's owner pays extra for that redirected request. The security aspect: We now understand why my S3 bucket was bombarded with millions of requests and why I ended up with a huge S3 bill. At that point, I had one more idea I wanted to explore. If all those misconfigured systems were attempting to back up their data into my S3 bucket, why not just let them do so? I opened my bucket for public writes and collected over 10GB of data within less than 30 seconds. Of course, I can't disclose whose data it was. But it left me amazed at how an innocent configuration oversight could lead to a dangerous data leak! Lesson 1: Anyone who knows the name of any of your S3 buckets can ramp up your AWS bill as they like. Other than deleting the bucket, there's nothing you can do to prevent it. You can't protect your bucket with services like CloudFront or WAF when it's being accessed directly through the S3 API. Standard S3 PUT requests are priced at just $0.005 per 1,000 requests, but a single machine can easily execute thousands of such requests per second.

If 2023 was the tech industry's year of the A.I. chatbot, 2024 is turning out to be the year of A.I. plumbing. From a report: It may not sound as exciting, but tens of billions of dollars are quickly being spent on behind-the-scenes technology for the industry's A.I. boom. Companies from Amazon to Meta are revamping their data centers to support artificial intelligence. They are investing in huge new facilities, while even places like Saudi Arabia are racing to build supercomputers to handle A.I. Nearly everyone with a foot in tech or giant piles of money, it seems, is jumping into a spending frenzy that some believe could last for years.

Microsoft, Meta, and Google's parent company, Alphabet, disclosed this week that they had spent more than $32 billion combined on data centers and other capital expenses in just the first three months of the year. The companies all said in calls with investors that they had no plans to slow down their A.I. spending. In the clearest sign of how A.I. has become a story about building a massive technology infrastructure, Meta said on Wednesday that it needed to spend billions more on the chips and data centers for A.I. than it had previously signaled. "I think it makes sense to go for it, and we're going to," Mark Zuckerberg, Meta's chief executive, said in a call with investors.

The eye-popping spending reflects an old parable in Silicon Valley: The people who made the biggest fortunes in California's gold rush weren't the miners -- they were the people selling the shovels. No doubt Nvidia, whose chip sales have more than tripled over the last year, is the most obvious A.I. winner. The money being thrown at technology to support artificial intelligence is also a reminder of spending patterns of the dot-com boom of the 1990s. For all of the excitement around web browsers and newfangled e-commerce websites, the companies making the real money were software giants like Microsoft and Oracle, the chipmaker Intel, and Cisco Systems, which made the gear that connected those new computer networks together. But cloud computing has added a new wrinkle: Since most start-ups and even big companies from other industries contract with cloud computing providers to host their networks, the tech industry's biggest companies are spending big now in hopes of luring customers.

An anonymous reader quotes a report published last week by Physics World: Researchers at the Dutch quantum institute QuTech in Delft have announced plans to build Europe's first 100-quantum bit (qubit) quantum computer. When complete in 2026, the device will be made publicly available, providing scientists with a tool for quantum calculations and simulations. The project is funded by the Dutch umbrella organization Quantum Delta NL via the European OpenSuperQPlus initiative, which has 28 partners from 10 countries. Part of the 10-year, 1 billion-euro European Quantum Flagship program, OpenSuperQPlus aims to build a 100-qubit superconducting quantum processor as a stepping stone to an eventual 1000-qubit European quantum computer.

Quantum Delta NL says the 100-qubit quantum computer will be made publicly available via a cloud platform as an extension of the existing platform Quantum Inspire that first came online in 2020. It currently includes a two-qubit processor of spin qubits in silicon, as well as a five-qubit processor based on superconducting qubits. Quantum Inspire is currently focused on training and education but the upgrade to 100 qubits is expected to allow research into quantum computing. Lead researcher from QuTech Leonardo DiCarlo believes the R&D cycle has "come full circle," where academic research first enabled spin-off companies to grow and now their products are being used to accelerate academic research.

Alphabet has reported first quarter results that topped analysts' estimates with soaring profits in its cloud division. It also announced its first-ever dividend. CNBC shares the results: Earnings per share: $1.89 vs. $1.51 per share expected by LSEG
Revenue: $80.54 billion vs. $78.59 billion expected by LSEG

Wall Street is also watching several other numbers in the report:

YouTube advertising revenue: $8.09 billion vs. $7.72 billion expected, according to StreetAccount.
Google Cloud revenue: $9.57 billion vs. $9.35 billion expected, according to StreetAccount.
Traffic acquisition costs (TAC): $12.95 billion $12.74 billion expected, according to StreetAccount.

Alphabet's revenue increased 15% from $69.79 billion a year earlier, the fastest rate of growth since early 2022. Alphabet said its board approved a cash dividend of 20 cents per share to be paid on June 17, to stockholders of record as of June 10. The company said it "intends to pay quarterly cash dividends in the future."

An anonymous reader quotes a report from TorrentFreak: Late January, the U.S. Department of Commerce published a notice of proposed rulemaking for establishing new requirements for Infrastructure as a Service providers (IaaS) . The proposal boils down to a 'Know Your Customer' regime for companies operating cloud services, with the goal of countering the activities of "foreign malicious actors." Yet, despite an overseas focus, Americans won't be able to avoid the proposal's requirements, which covers CDNs, virtual private servers, proxies, and domain name resolution services, among others. [...] Under the proposed rule, Customer Identification Programs (CIPs) operated by IaaS providers must collect information from both existing and prospective customers, i.e. those at the application stage of opening an account. The bare minimum includes the following data: a customer's name, address, the means and source of payment for each customer's account, email addresses and telephone numbers, and IP addresses used for access or administration of the account.

What qualifies as an IaaS is surprisingly broad: "Any product or service offered to a consumer, including complimentary or "trial" offerings, that provides processing, storage, networks, or other fundamental computing resources, and with which the consumer is able to deploy and run software that is not predefined, including operating systems and applications. The consumer typically does not manage or control most of the underlying hardware but has control over the operating systems, storage, and any deployed applications. The term is inclusive of "managed" products or services, in which the provider is responsible for some aspects of system configuration or maintenance, and "unmanaged" products or services, in which the provider is only responsible for ensuring that the product is available to the consumer."

And it doesn't stop there. The term IaaS includes all 'virtualized' products and services where the computing resources of a physical machine are shared, such as Virtual Private Servers (VPS). It even covers 'baremetal' servers allocated to a single person. The definition also extends to any service where the consumer does not manage or control the underlying hardware but contracts with a third party for access. "This definition would capture services such as content delivery networks, proxy services, and domain name resolution services," the proposal reads. The proposed rule, National Emergency with Respect to Significant Malicious Cyber-Enabled Activities, will stop accepting comments from interested parties on April 30, 2024.

Jeff Lawson, the cofounder of cloud computing company Twilio, appears to have purchased the satirical news website The Onion from G/O Media. Business Insider reports: A trust linked to Lawson is behind a San Francisco-based company called Global Tetrahedron, which shares the name of a fictional evil megacorporation in a long-running Onion gag, business records show. G/O Media CEO Jim Spanfeller confirmed the sale of The Onion to Global Tetrahedron in an email Thursday to staff, first reported by New York Times journalist Katie Robertson.

"This company is made up of four digital media veterans with a profound love for The Onion and comedy based content," Spanfeller wrote. "The site's new owners have agreed to keep The Onion's entire staff intact and in Chicago, something we insisted be part of the deal." When asked about the purchase, Lawson replied: "What's The Onion?" Then, "What's a Tetrahedron?"

An anonymous reader quotes a report from MIT Technology Review: Almost all keyboard apps used by Chinese people around the world share a security loophole that makes it possible to spy on what users are typing. The vulnerability, which allows the keystroke data that these apps send to the cloud to be intercepted, has existed for years and could have been exploited by cybercriminals and state surveillance groups, according to researchers at the Citizen Lab, a technology and security research lab affiliated with the University of Toronto.

These apps help users type Chinese characters more efficiently and are ubiquitous on devices used by Chinese people. The four most popular apps -- built by major internet companies like Baidu, Tencent, and iFlytek -- basically account for all the typing methods that Chinese people use. Researchers also looked into the keyboard apps that come preinstalled on Android phones sold in China. What they discovered was shocking. Almost every third-party app and every Android phone with preinstalled keyboards failed to protect users by properly encrypting the content they typed. A smartphone made by Huawei was the only device where no such security vulnerability was found.

In August 2023, the same researchers found that Sogou, one of the most popular keyboard apps, did not use Transport Layer Security (TLS) when transmitting keystroke data to its cloud server for better typing predictions. Without TLS, a widely adopted international cryptographic protocol that protects users from a known encryption loophole, keystrokes can be collected and then decrypted by third parties. Even though Sogou fixed the issue after it was made public last year, some Sogou keyboards preinstalled on phones are not updated to the latest version, so they are still subject to eavesdropping. [...] After the researchers got in contact with companies that developed these keyboard apps, the majority of the loopholes were fixed. But a few companies have been unresponsive, and the vulnerability still exists in some apps and phones, including QQ Pinyin and Baidu, as well as in any keyboard app that hasn't been updated to the latest version.

Hartley Charlton reports via MacRumors: Apple is said to be developing its own AI server processor using TSMC's 3nm process, targeting mass production by the second half of 2025. According to a post by the Weibo user known as "Phone Chip Expert," Apple has ambitious plans to design its own artificial intelligence server processor. The user, who claims to have 25 years of experience in the integrated circuit industry, including work on Intel's Pentium processors, suggests this processor will be manufactured using TSMC's 3nm node.

Apple's purported move toward developing a specialist AI server processor is reflective of the company's ongoing strategy to vertically integrate its supply chain. By designing its own server chips, Apple can tailor hardware specifically to its software needs, potentially leading to more powerful and efficient technologies. Apple could use its own AI processors to enhance the performance of its data centers and future AI tools that rely on the cloud. While Apple is rumored to be prioritizing on-device processing for many of its upcoming AI tools, it is inevitable that some operations will have to occur in the cloud. By the time the custom processor could be integrated into operational servers in late 2025, Apple's new AI strategy should be well underway.

According to the Wall Street Journal, a deal for IBM to acquire HashiCorp could materialize in the next few days. Shares of HashiCorp jumped almost 20% on the news.

UPDATE 4/24/24: IBM has confirmed the deal valued at $6.4 billion. "IBM will pay $35 per share for HashiCorp, a 42.6% premium to Monday's closing price," reports Reuters. "The acquisition will be funded by cash on hand and will add to adjusted core profit within the first full year of closing, expected by the end of 2024." HashiCorp's shares continued to surge Tuesday on the news. CNBC reports: Developers use HashiCorp's software to set up and manage infrastructure in public clouds that companies such as Amazon and Microsoft operate. Organizations also pay HashiCorp for managing security credentials. Founded in 2012, HashiCorp went public on Nasdaq in 2021. The company generated a net loss of nearly $191 million on $583 million in revenue in the fiscal year ending Jan. 31, according to its annual report. In December, Mitchell Hashimoto, co-founder of HashiCorp, whose family name is reflected in the company name, announced that he was leaving.

Revenue jumped almost 23% during that period, compared with 2% for IBM in 2023. IBM executives pointed to a difficult economic climate during a conference call with analysts in January. The hardware, software and consulting provider reports earnings on Wednesday. Cisco held $9 million in HashiCorp shares at the end of March, according to a regulatory filing. Cisco held early acquisition talks with HashiCorp, according to a 2019 report.

Just as Google, Samsung and Microsoft continue to push their efforts with generative AI on PCs and mobile devices, Apple is moving to join the party with OpenELM, a new family of open source large language models (LLMs) that can run entirely on a single device rather than having to connect to cloud servers. From a report: Released a few hours ago on AI code community Hugging Face, OpenELM consists of small models designed to perform efficiently at text generation tasks. There are eight OpenELM models in total -- four pre-trained and four instruction-tuned -- covering different parameter sizes between 270 million and 3 billion parameters (referring to the connections between artificial neurons in an LLM, and more parameters typically denote greater performance and more capabilities, though not always).

[...] Apple is offering the weights of its OpenELM models under what it deems a "sample code license," along with different checkpoints from training, stats on how the models perform as well as instructions for pre-training, evaluation, instruction tuning and parameter-efficient fine tuning. The sample code license does not prohibit commercial usage or modification, only mandating that "if you redistribute the Apple Software in its entirety and without modifications, you must retain this notice and the following text and disclaimers in all such redistributions of the Apple Software." The company further notes that the models "are made available without any safety guarantees. Consequently, there exists the possibility of these models producing outputs that are inaccurate, harmful, biased, or objectionable in response to user prompts."

Nvidia, in a blog post: To help customers make more efficient use of their AI computing resources, NVIDIA today announced it has entered into a definitive agreement to acquire Run:ai, a Kubernetes-based workload management and orchestration software provider. Customer AI deployments are becoming increasingly complex, with workloads distributed across cloud, edge and on-premises data center infrastructure.

Managing and orchestrating generative AI, recommender systems, search engines and other workloads requires sophisticated scheduling to optimize performance at the system level and on the underlying infrastructure. Run:ai enables enterprise customers to manage and optimize their compute infrastructure, whether on premises, in the cloud or in hybrid environments. The deal is valued at about $700 million.

The Ray-Ban Meta Smart Glasses now feature support for multimodal AI -- without the need for a projector or $24 monthly fee. (We're looking at you, Humane AI.) With the new update, the Meta AI assistant will be able to analyze what you're seeing, and it'll give you smart, helpful answers or suggestions. The Verge reports: First off, there are some expectations that need managing here. The Meta glasses don't promise everything under the sun. The primary command is to say "Hey Meta, look and..." You can fill out the rest with phrases like "Tell me what this plant is." Or read a sign in a different language. Write Instagram captions. Identify and learn more about a monument or landmark. The glasses take a picture, the AI communes with the cloud, and an answer arrives in your ears. The possibilities are not limitless, and half the fun is figuring out where its limits are. [...]

To me, it's the mix of a familiar form factor and decent execution that makes the AI workable on these glasses. Because it's paired to your phone, there's very little wait time for answers. It's headphones, so you feel less silly talking to them because you're already used to talking through earbuds. In general, I've found the AI to be the most helpful at identifying things when we're out and about. It's a natural extension of what I'd do anyway with my phone. I find something I'm curious about, snap a pic, and then look it up. Provided you don't need to zoom really far in, this is a case where it's nice to not pull out your phone. [...]

But AI is a feature of the Meta glasses. It's not the only feature. They're a workable pair of livestreaming glasses and a good POV camera. They're an excellent pair of open-ear headphones. I love wearing mine on outdoor runs and walks. I could never use the AI and still have a product that works well. The fact that it's here, generally works, and is an alright voice assistant -- well, it just gets you more used to the idea of a face computer, which is the whole point anyway.