Connect with us

Biz & IT

Google Play is changing how app ratings work

Published

on

Two years ago, Apple changed the way its app store ratings worked by allowing developers to decide whether or not their ratings would be reset with their latest app update — a feature that Apple suggests should be used sparingly. Today, Google announced it’s making a change to how its Play Store app ratings work, too. But instead of giving developers the choice of when ratings will reset, it will begin to weight app ratings to favor those from more recent releases.

“You told us you wanted a rating based on what your app is today, not what it was years ago, and we agree,” said Milena Nikolic, an engineering director leading Google Play Console, who detailed the changes at the Google I/O Developer conference today.

She explained that, soon, the average rating calculation for apps will be updated for all Android apps on Google Play. Instead of a lifetime cumulative value, the app’s average rating will be recalculated to “give more weight” to the most recent users’ ratings.

With this update, users will be able to better see, at a glance, the current state of the app — meaning, any fixes and changes that made it a better experience over the years will now be taken into account when determining the rating.

“It will better reflect all your hard work and improvements,” touted Nikolic, of the updated ratings.

On the flip side, however, this change also means that once high-quality apps that have since failed to release new updates and bug fixes will now have a rating that reflects their current state of decline.

It’s unclear how much the change will more broadly impact Google Play Store SEO, where today app search results are returned based on a combination of factors, including app names, descriptions, keywords, downloads, reviews and ratings, among other factors.

The updated app ratings was one of numerous Google Play changes announced today, along with the public launch of dynamic delivery features, new APIs, refreshed Google Play Console data, custom listings and even “suggested replies” — like those found in Gmail, but for responding to Play Store user reviews.

End users of the Google Play Store won’t see the new, recalculated rating until August, but developers can preview their new rating today in their Play Store Console.

Source link

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published.

Biz & IT

Tesla shows off underwhelming human robot prototype at AI Day 2022

Published

on

Enlarge / The walking Optimus prototype demonstrated at the AI Day 2022 event.

Tesla

Today at Tesla’s “AI Day” press event, Tesla CEO Elon Musk unveiled an early prototype of its Optimus humanoid robot, which emerged from behind a curtain, walked around, waved, and “raised the roof” with its hands to the beat of techno music.

It was a risky reveal for the prototype, which seemed somewhat unsteady on its feet. “Literally the first time the robot has operated without a tether was on stage tonight,” said Musk. Shortly afterward, Tesla employees rolled a sleeker-looking Optimus model supported by a stand onto the stage that could not yet stand on its own. It waved and lifted its legs. Later, it slumped over while Musk spoke.

Video of Tesla AI Day 2022

The entire live robot demonstration lasted roughly seven minutes, and the firm also played a demonstration video of the walking Optimus prototype slowly picking up a box and putting it down, slowly watering a plant, and slowly moving metal parts in a factory-like setting—all while tethered to an overhead cable. The video also showed a 3D-rendered view of the world that represents what the Optimus robot can see.

Three stages of the Tesla Optimus robot so far, presented at AI Day 2022.
Enlarge / Three stages of the Tesla Optimus robot so far, presented at AI Day 2022.

Tesla

Tesla first announced its plans to built a humanoid robot during its AI Day event in August of last year. During that earlier event, a human dressed in a spandex suit resembling a robot and did the Charleston on stage, which prompted skepticism in the press.

At the AI Event today, Musk and his team emphasized that the walking prototype was an early demo developed in roughly six months using “semi-off the shelf actuators,” and that the sleeker model much more closely resembled the “Version 1” unit they wanted to ship. He said it would probably be able to walk in a few weeks.

Goals of the Optimus project include high-volume production (possibly “millions of units sold,” said Musk), low-cost (“probably less than $20,000”), and high-reliability. Comparing the plans for Optimus to existing humanoid robots from competitors, Musk also emphasized that the Optimus robot should have the brains-on-board to work autonomously, citing Tesla’s work with its automotive Autopilot system.

Tesla shared some specifications of its
Enlarge / Tesla shared some specifications of its “Latest Generation” prototype Optimus robot.

Tesla

Shortly afterward, Musk handed over the stage to Tesla engineers that gave jargon-heavy overviews about developing the power systems, actuators, and joint mechanisms that would make Optimus possible, replete with fancy graphs but with few concrete specifics about how they would apply to a shipping product. “We are carrying over most of our design experience from the car to the robot,” said one engineer, while another engineer said they drew much of their inspiration from human biology, especially in joint design.

Earlier in the demonstration, Musk said that they were having the event to “convince some of the most talented people in the world to come to Tesla and help bring this to fruition.” Musk also emphasized the public nature of Tesla several times, mentioning that if the public doesn’t like what Tesla is doing they could purchase stock and vote against it. “If I go crazy, you can fire me,” he said.

[This is a developing story and will be updated as new information comes in.]

Continue Reading

Biz & IT

High-severity Microsoft Exchange 0-day under attack threatens 220,000 servers

Published

on

Microsoft late Thursday confirmed the existence of two critical vulnerabilities in its Exchange application that have already compromised multiple servers and pose a serious risk to an estimated 220,000 more around the world.

The currently unpatched security flaws have been under active exploit since early August, when Vietnam-based security firm GTSC discovered customer networks had been infected with malicious webshells and that the initial entry point was some sort of Exchange vulnerability. The mystery exploit looked almost identical to an Exchange zero-day from 2021 called ProxyShell, but the customers’ servers had all been patched against the vulnerability, which is tracked as CVE-2021-34473. Eventually, the researchers discovered the unknown hackers were exploiting a new Exchange vulnerability.

Webshells, backdoors, and fake sites

“After successfully mastering the exploit, we recorded attacks to collect information and create a foothold in the victim’s system,” the researchers wrote in a post published on Wednesday. “The attack team also used various techniques to create backdoors on the affected system and perform lateral movements to other servers in the system.”

On Thursday evening, Microsoft confirmed that the vulnerabilities were new and said it was scrambling to develop and release a patch. The new vulnerabilities are: CVE-2022-41040, a server-side request forgery vulnerability, and CVE-2022-41082, which allows remote code execution when PowerShell is accessible to the attacker.

“​​At this time, Microsoft is aware of limited targeted attacks using the two vulnerabilities to get into users’ systems,” members of the Microsoft Security Response Center team wrote. “In these attacks, CVE-2022-41040 can enable an authenticated attacker to remotely trigger CVE-2022-41082.” Team members stressed that successful attacks require valid credentials for at least one email user on the server.

The vulnerability affects on-premises Exchange servers and, strictly speaking, not Microsoft’s hosted Exchange service. The huge caveat is that many organizations using Microsoft’s cloud offering choose an option that uses a mix of on-premises and cloud hardware. These hybrid environments are as vulnerable as standalone on-premises ones.

Searches on Shodan indicate there are currently more than 200,000 on-premises Exchange servers exposed to the Internet and more than 1,000 hybrid configurations.

Wednesday’s GTSC post said the attackers are exploiting the zero-day to infect servers with webshells, a text interface that allows them to issue commands. These webshells contain simplified Chinese characters, leading the researchers to speculate the hackers are fluent in Chinese. Commands issued also bear the signature of the China Chopper, a webshell commonly used by Chinese-speaking threat actors, including several advanced persistent threat groups known to be backed by the People’s Republic of China.

GTSC went on to say that the malware the threat actors eventually install emulates Microsoft’s Exchange Web Service. It also makes a connection to the IP address 137[.]184[.]67[.]33, which is hardcoded in the binary. Independent researcher Kevin Beaumont said the address hosts a fake website with only a single user with one minute of login time and has been active only since August.

Kevin Beaumont

The malware then sends and receives data that’s encrypted with an RC4 encryption key that’s generated at runtime. Beaumont went on to say that the backdoor malware appears to be novel, meaning this is the first time it has been used in the wild.

People running on-premises Exchange servers should take immediate action. Specifically, they should apply a blocking rule that prevents servers from accepting known attack patterns. The rule can be applied by going to “IIS Manager -> Default Web Site -> URL Rewrite -> Actions.” For the time being, Microsoft also recommends people block HTTP port 5985 and HTTPS port 5986, which attackers need to exploit CVE-2022-41082.

Microsoft’s advisory contains a host of other suggestions for detecting infections and preventing exploits until a patch is available.

Continue Reading

Biz & IT

Bruce Willis sells deepfake rights to his likeness for commercial use

Published

on

Enlarge / Deepfake Bruce Willis as he appeared in a 2021 commercial for Russian mobile company MegaFon.

MegaFon

Bruce Willis has sold the “digital twin” rights to his likeness for commercial video production use, according to a report by The Telegraph. This move allows the Hollywood actor to digitally appear in future commercials and possibly even films, and he has already appeared in a Russian commercial using the technology.

Willis, who has been diagnosed with a language disorder called aphasia, announced that he would be “stepping away” from acting earlier this year. Instead, he will license his digital rights through a company called Deepcake. The company is based in Tbilisi, Georgia, and is doing business in America while being registered as a corporation in Delaware.

In 2021, a deepfake Bruce Willis appeared in a Russian cell phone commercial for MegaFon.

Deepcake obtained Willis’ likeness by training a deep learning neural network model on his appearances in blockbuster action films from the 1990s. With his facial appearance known, the model can then apply Willis’ head to another actor with a similar build in a process commonly called a deepfake. Deepfakes have become popular in recent years on TikTok, with unauthorized deepfakes of Tom Cruise and Keanu Reeves gathering large followings.

In a statement on Deepcake’s website, Bruce Willis reportedly said:

I liked the precision of my character. It’s a great opportunity for me to go back in time. The neural network was trained on [the] content of Die Hard and Fifth Element, so my character is similar to the images of that time.

With the advent of the modern technology, I could communicate, work, and participate in filming, even being on another continent. It’s a brand new and interesting experience for me, and I [am] grateful to our team.

According to Deepcake’s website, the firm aims to disrupt the traditional casting process by undercutting it in price, saying that its method “allows us to succeed in tasks minus travel expenses, expensive filming days, insurance, and other costs. You pay for endorsement contract with the celeb’s agent, and a fee for Deepcake’s services. This is game-changingly low.”

While the Telegraph report claims that Willis is “the first Hollywood star to sell his rights to allow a ‘digital twin’ of himself to be created for use on screen,” Ars Technica could not verify that claim outside of the context of a first license with the firm Deepcake. Evidence suggests that a similar licensing precedent exists—in Hollywood, deepfakes have already been used in several Star Wars films and TV shows, for example.

Looking deeper, the concept of having a “digital twin” isn’t new to Willis, either. In 1998, he starred in a PlayStation video game called Apocalypse that involved digitizing his face and capturing the motion of his body as he acted out scenes. Still, it’s notable to see an aging actor sidelined by illness who is willing to volunteer a digital double to work for him. James Earl Jones did so recently with his voice for Darth Vader. It’s possible we’ll see much more of this as deepfake technology improves.

Continue Reading

Trending