HP is squeezing more margin out of print customers, the result of a multi-year strategy to convert unprofitable business into something more lucrative, and says its subscription model is "locking" in people. From a report: Tech vendors -- software, hardware, and cloud services -- generally avoid terms that suggest they're perhaps in some way pinning down customers in a strategic sales hold. But as Marie Myers, chief financial officer at HP, was this week talking to the UBS Global Technology conference, in front of investors, the thrust of the message was geared toward the audience. "We absolutely see when you move a customer from that pure transactional model ... whether it's Instant Ink, plus adding on that paper, we sort of see a 20 percent uplift on the value of that customer because you're locking that person, committing to a longer-term relationship."

Instant Ink is a subscription in which ink or toner cartridges are dispatched when needed, with customers paying for plans that start at $0.99 and run to $25.99 per month. As of May last year, HP had more than 11 million subscribers to the service. Since then it has banked double-digit percentage figures on the revenues front. By pre-pandemic 2019, HP had grown weary of third-party cartridge makers stealing its supplies business. It pledged to charge more upfront for certain printer hardware ("rebalance the system profitability, capturing more profit upfront").

What's behind a supposed shortage of cybersecurity workers? Last month cybersecurity professional Ben Rothke questioned whether a "shortage" even existed. Instead Rothke argued that human resources "needs to understand how to effectively hire information security professionals. Expecting an HR generalist to find information security specialists is a fruitless endeavor at best."

Rothke — a founding member of the Cloud Security Alliance — contacted Slashdot this week with "a follow-up piece" arguing there's another problem. "How can you know how many security jobs there are if there's no real statistical data available?" (Most articles on the topic cite the exact same two studies, which Rothke sees as "not statistically defendable.") Which begs the question — how many information security jobs are there? The short answer is that no one has a clue. The problem is that there is no statistically verifiable and empirically researched data on the number of current information security jobs and what the future holds. All data to date is based on surveys and extrapolations, which is a poor way to do meaningful statistical research... Based on LinkedIn job postings, veteran industry analyst Richard Stiennon found 15,849 job openings at 1,433 cybersecurity vendors. As to the millions of security jobs, he notes that the same could be extrapolated for office administrators. There are millions of companies, but it's not like they all will need full-time security people.

Helen Patton is a veteran information security professional and CISO at Cisco Security Business Group, and the author of Navigating the Cybersecurity Career Path. As to the security jobs crisis, she notes that there are plenty of talented and capable people looking for jobs, and feels there's in fact, no crisis at all. Instead, she says part of the issue is hiring managers who don't truly stop to think about the skills required for a role, and how a candidate can demonstrate those skills. What they do is post jobs that ask for false proxies for experience — degrees, certifications, work experience — and as a consequence, they are looking for candidates that don't exist. She suggests that fixing the hiring process will go a lot further to close the skills gap, than training a legion of new people.
Challenging this supposed glut of unfilled positions, Rothke also shares some recent stories from people who've recently looked for information security jobs. ("He tried to explain to the CIO that Agile was not an appropriate methodology for security projects unless they were primarily software-based. The CIO replied, 'oh the CIO at Chase would tell you differently.' Not realizing that most projects at the bank are software-based.") If you want to know how few information security jobs there really are — speak to people who have graduated from security bootcamps and master's degree programs, and they will tell you the challenges they are facing... That's not to say there are not lots of information security jobs. It's just that there are not the exaggerated and hyperbolic amounts that are reported.

The Atlantic writes: Failing a CAPTCHA isn't just annoying — it keeps people from navigating the internet. Older people can take considerably more time to solve different kinds of CAPTCHAs, according to the UC Irvine researchers, and other research has found that the same is true for non-native English speakers. The annoyance can lead a significant chunk of users to just give up.
But is it all also just a big waste of time? The article notes there's now even CAPTCHA-solving services you can hire. ("2Captcha will solve a thousand CAPTCHAs for a dollar, using human workers paid as low as 50 cents an hour. Newer companies, such as Capsolver, claim to instead be using AI and charge roughly the same price.")

And they also write that this summer saw more discouraging news: In a recent study from researchers at UC Irvine and Microsoft:

- most of the 1,400 human participants took 15 to 26 seconds to solve a CAPTCHA with a grid of images, with 81% accuracy.

- A bot tested in March 2020, meanwhile, was shown to solve similar puzzles in an average of 19.9 seconds, with 83% accuracy.
The article ultimately argues that for roughly 20 years, "CAPTCHAs have been engaged in an arms race against the machines," and that now "The burden is on CAPTCHAs to keep up" — which they're doing by evolving. The most popular type, Google's reCAPTCHA v3, should mostly be okay. It typically ascertains your humanity by monitoring your activity on websites before you even click the checkbox, comparing it with models of "organic human interaction," Jess Leroy, a senior director of product management at Google Cloud, the division that includes reCAPTCHA, told me.
But the automotive site Motor Biscuit speculates something else could also be happening. "Have you noticed it likes to ask about cars, buses, crosswalks, and other vehicle-related images lately?" Google has not confirmed that it uses the reCAPTCHA system for autonomous vehicles, but here are a few reasons why I think that could be the case. Self-driving cars from Waymo and other brands are improving every day, but the process requires a lot of critical technology and data to improve continuously.

According to an old Google Security Blog, using reCAPTCHA and Street View to make locations on Maps more accurate was happening way back in 2014... [I]t would ask users to find the street numbers found on Google Street View and confirm the numbers matched. Previously, it would use distorted text or letters. Using this data, Google could correlate the numbers with addresses and help pinpoint the location on Google Maps...

Medium reports that more than 60 million CAPTCHAs are being solved every day, which saves around 160,000 human hours of work. If these were helping locate addresses, why not also help identify other objects? Help differentiate a bus from a car and even choose a crosswalk over a light pole.
Thanks to Slashdot reader rikfarrow for suggesting the topic.

According to Microsoft Gaming CEO Phil Spencer, the company is talking to partners to help launch a mobile gaming store that will take on Apple and Google. "It's an important part of our strategy and something we are actively working on today not only alone, but talking to other partners who'd also like to see more choice for how they can monetize on the phone," Spencer said in an interview in Sao Paulo during the CCXP comics and entertainment convention. From the report: The executive declined to give a specific date for a launch of the online store, which earlier reports suggested could be next year. "I don't think this is multiple years away, I think this is sooner than that,'' he said. [...] Microsoft's mobile store would also enter a challenging regulatory climate around smartphone-based digital marketplaces. Fortnite-maker Epic Games has sued both Apple and Alphabet's Google over their iOS and Android store practices, alleging they are unnecessarily restrictive and unfair. Apple doesn't allow competing stores on its iPhone and iPad platforms, and collects a 30% cut of sales for most purchases. Game makers have taken issue with the fees.

Epic lost its battle with Apple but in September asked the US Supreme Court to weigh in. Apple is also petitioning that court to reverse an order that would force the company to let developers steer customers to other payment methods. Epic is still in court fighting its case against Google, which does allow third-party app stores on its devices.The European Union's Digital Markets Act, which is just beginning to take effect, could force Apple to open up its app store ecosystem. Apple is challenging the regulation.

Microsoft may be able to use long-standing resentment against the market leaders to martial support for its store offering. Xbox's cloud gaming technology already lets users stream blockbuster games to mobile phones. "We've talked about choice, and today on your mobile phones, you don't have choice,'' Spencer said. "To make sure that Xbox is not only relevant today but for the next 10, 20 years, we're going to have to be strong across many screens." Earlier this week, Xbox CFO Tim Stuart said during the Wells Fargo TMT Summit that Microsoft wants to make first-party games and Game Pass available on "every screen that can play games," including rival consoles. "It's a bit of a change of strategy. Not announcing anything broadly here, but our mission is to bring our first-party experiences [and] our subscription services to every screen that can play games," Stuart said. "That means smart TVs, that means mobile devices, that means what we would have thought of as competitors in the past like PlayStation and Nintendo."

China is waging a growing number of cyberattacks on neighboring Taiwan, according to cybersecurity experts at Alphabet's Google. From a report: Google has observed a "massive increase" in Chinese cyberattacks on Taiwan in the last six months or so, said Kate Morgan, a senior engineering manager in Google's threat analysis division, which monitors government-sponsored hacking campaigns. Morgan warned that Chinese hackers are employing tactics that make their work difficult to track, such as breaking into small home and office internet routers and repurposing them to wage attacks while masking their true origin.

"The number of groups in China that are performing hacking and trying to get into technology companies or get into cloud customers is huge," Morgan said. "I don't have the exact number, but it is probably over 100 groups that we are tracking just out of China alone." The hackers are going "after everything," including defense sector, government and private industry on the island, she said. Google's findings come as concerns have grown over the prospect of a conflict in Taiwan. The relationship between the US -- Taiwan's top military backer -- and China has deteriorated in recent years over a wide range of issues including Taiwan, human rights and a race to dominate advanced technologies such as chips, quantum computing and artificial intelligence.

Michael Larabel reports via Phoronix: The open-source Roundcube webmail software project has "merged" with Nextcloud, the prominent open-source personal cloud software. In boosting Nextcloud's webmail software capabilities, Roundcube is joining Nextcloud as what's been described as a merger. In 2024 Nextcloud is to invest into Roundcube to accelerate the development of this widely-used webmail open-source software. Today's press release says Roundcube will not replace Nextcloud Mail with at least no plans for merging the two in the short-term.

Today's press release says that there are no immediate changes for Roundcube and Nextcloud users besides looking forward to improved integration and accelerated development beginning in the short term.

An anonymous reader quotes a report from the New York Times: As the host of global climate talks that begin this week, the United Arab Emirates is expected to play a central role in forging an agreement to move the world more rapidly away from coal, oil and gas. But behind the scenes, the Emirates has sought to use its position as host to pursue a contradictory goal: to lobby on oil and gas deals around the world, according to an internal document made public by a whistle-blower. In one example, the document offers guidance for Emirati climate officials to use meetings with Brazil's environment minister to enlist her help with a local petrochemical deal by the Abu Dhabi National Oil Company, the Emirates' state-run oil and gas company, known as Adnoc. Emirati officials should also inform their Chinese counterparts that Adnoc was "willing to jointly evaluate international LNG opportunities" in Mozambique, Canada and Australia, the document indicates. LNG stands for liquefied natural gas, which is a fossil fuel and a driver of global warming.

These and other details in the nearly 50-page document -- obtained by the Centre for Climate Reportingand the BBC -- have cast a pall over the climate summit, which begins on Thursday. They are indications, experts said, that the U.A.E. is blurring the boundary between its powerful standing as host of the United Nations climate conference, and U.A.E.'s position as one of the world's largest oil and gas exporters. [...] In private, delegates preparing to travel to Dubai expressed concerns that the cloud surrounding the host nation threatened to discredit the talks themselves. The allegations, they said, risked undermining what many have hoped the negotiations will yield: a deal to replace polluting fossil fuels with clean energy such as wind and solar power. But many said they were reluctant to speak out publicly, for fear of jeopardizing their ability to negotiate.

Emilia David reports via The Verge: AWS added new languages to its Amazon Transcribe product, offering generative AI-based transcription for 100 languages and a slew of new AI capabilities for customers. Announced during the AWS re: Invent event, Amazon Transcribe can now recognize more spoken languages and spin up a call transcription. AWS customers use Transcribe to add speech-to-text capabilities to their apps on the AWS Cloud.

The company said in a blog post that Transcribe trained on "millions of hours of unlabeled audio data from over 100 languages" and uses self-supervised algorithms to learn patterns of human speech in different languages and accents. AWS said it ensured that some languages were not overrepresented in the training data to ensure that lesser-used languages could be as accurate as more frequently spoken ones. In late 2022, Amazon Transcribe supported 79 languages.

Amazon Transcribe has 20 to 50 percent accuracy across many languages, according to AWS. It also offers automatic punctuation, custom vocabulary, automatic language identification, and custom vocabulary filters. It can recognize speech in audio and video formats and noisy environments. With better language recognition, AWS said advances with Amazon Transcribe also bleed into better accuracy with its Call Analytics platform, which its contact center customers often use. Amazon Transcribe Call Analytics, now also powered by generative AI models, summarizes interactions between an agent and a customer. AWS said this cuts down on after-call work creating reports, and managers can quickly read information without needing to go through the entire transcript.

An anonymous reader quotes a report from Ars Technica: A prolific espionage hacking group with ties to China spent over two years looting the corporate network of NXP, the Netherlands-based chipmaker whose silicon powers security-sensitive components found in smartphones, smartcards, and electric vehicles, a news outlet has reported. The intrusion, by a group tracked under names including "Chimera" and "G0114," lasted from late 2017 to the beginning of 2020, according to Netherlands national news outlet NRC Handelsblad, which cited "several sources" familiar with the incident. During that time, the threat actors periodically accessed employee mailboxes and network drives in search of chip designs and other NXP intellectual property. The breach wasn't uncovered until Chimera intruders were detected in a separate company network that connected to compromised NXP systems on several occasions. Details of the breach remained a closely guarded secret until now.

NRC cited a report published (and later deleted) by security firm Fox-IT, titled Abusing Cloud Services to Fly Under the Radar. It documented Chimera using cloud services from companies including Microsoft and Dropbox to receive data stolen from the networks of semiconductor makers, including one in Europe that was hit in "early Q4 2017." Some of the intrusions lasted as long as three years before coming to light. NRC said the unidentified victim was NXP. "Once nested on a first computer -- patient zero -- the spies gradually expand their access rights, erase their tracks in between and secretly sneak to the protected parts of the network," NRC reporters wrote in an English translation. "They try to secrete the sensitive data they find there in encrypted archive files via cloud storage services such as Microsoft OneDrive. According to the log files that Fox-IT finds, the hackers come every few weeks to see whether interesting new data can be found at NXP and whether more user accounts and parts of the network can be hacked."

NXP did not alert customers or shareholders to the intrusion, other than a brief reference in a 2019 annual report. It read: "We have, from time to time, experienced cyber-attacks attempting to obtain access to our computer systems and networks. Such incidents, whether or not successful, could result in the misappropriation of our proprietary information and technology, the compromise of personal and confidential information of our employees, customers, or suppliers, or interrupt our business. For instance, in January 2020, we became aware of a compromise of certain of our systems. We are taking steps to identify the malicious activity and are implementing remedial measures to increase the security of our systems and networks to respond to evolving threats and new information. As of the date of this filing, we do not believe that this IT system compromise has resulted in a material adverse effect on our business or any material damage to us. However, the investigation is ongoing, and we are continuing to evaluate the amount and type of data compromised. There can be no assurance that this or any other breach or incident will not have a material impact on our operations and financial results in the future."

Amazon's cloud-computing unit announced updated versions of its in-house computer chips while also forging closer ties with Nvidia -- dual efforts designed to ensure it can get enough supplies of crucial data-center processors. From a report: New homegrown Graviton4 chips will have as much as 30% better performance than their predecessors, Amazon Web Services said at its annual re:Invent conference in Las Vegas. Computers using the processors will start coming online in the coming months.

The company also unveiled Trainium2, an updated version of a processor designed for artificial intelligence systems. It will begin powering new services starting next year, Amazon said. That chip provides an alternative to so-called AI accelerators sold by Nvidia -- processors that have been vital to the build-out of artificial intelligence services. But Amazon also touted "an expansion of its partnership" with Nvidia, whose chief executive officer, Jensen Huang, joined AWS counterpart Adam Selipsky on stage. AWS will be the first big user of an updated version of that company's Grace Hopper Superchip, and it will be one of the data-center companies hosting Nvidia's DGX Cloud service.

India's government has granted its Computer Emergency Response Team, CERT-In, immunity from Right To Information (RTI) requests, the nation's equivalent of the freedom of information queries in the US, UK, or Australia. From a report: Reasons for the exemption have not been explained, but The Register has reported on one case in which an RTI request embarrassed CERT-In. That case related to India's sudden decision, in April 2022, to require businesses of all sizes to report infosec incidents to CERT-in within six hours of detection. The rapid reporting requirement applied both to serious incidents like ransomware attacks, and less critical messes like the compromise of a social media account.

CERT-In justified the rules as necessary to defend the nation's cyberspace and gave just sixty days notice for implementation. The plan generated local and international criticism for being onerous and inconsistent with global reporting standards such as Europe's 72-hour deadline for notifying authorities of data breaches. The reporting requirements even applied to cloud operators, who were asked to report incidents on tenants' servers. Big Tech therefore opposed the plan.

An anonymous reader quotes a report from Ars Technica: On Tuesday, Stability AI released Stable Video Diffusion, a new free AI research tool that can turn any still image into a short video -- with mixed results. It's an open-weights preview of two AI models that use a technique called image-to-video, and it can run locally on a machine with an Nvidia GPU. [...] Right now, Stable Video Diffusion consists of two models: one that can produce image-to-video synthesis at 14 frames of length (called "SVD"), and another that generates 25 frames (called "SVD-XT"). They can operate at varying speeds from 3 to 30 frames per second, and they output short (typically 2-4 second-long) MP4 video clips at 576x1024 resolution.

In our local testing, a 14-frame generation took about 30 minutes to create on an Nvidia RTX 3060 graphics card, but users can experiment with running the models much faster on the cloud through services like Hugging Face and Replicate (some of which you may need to pay for). In our experiments, the generated animation typically keeps a portion of the scene static and adds panning and zooming effects or animates smoke or fire. People depicted in photos often do not move, although we did get one Getty image of Steve Wozniak to slightly come to life.

Given these limitations, Stability emphasizes that the model is still early and is intended for research only. "While we eagerly update our models with the latest advancements and work to incorporate your feedback," the company writes on its website, "this model is not intended for real-world or commercial applications at this stage. Your insights and feedback on safety and quality are important to refining this model for its eventual release." Notably, but perhaps unsurprisingly, the Stable Video Diffusion research paper (PDF) does not reveal the source of the models' training datasets, only saying that the research team used "a large video dataset comprising roughly 600 million samples" that they curated into the Large Video Dataset (LVD), which consists of 580 million annotated video clips that span 212 years of content in duration.

Simon Sharwood reports via The Register: Amazon Web Services has announced the WorkSpaces Thin Client -- a device dedicated to connecting to its WorkSpaces desktop-as-a service offering and based on Amazon's own "Fire Cube" smart TV box. The $195 machine has the same hardware as the Fire Cube: the eight-core Arm-powered Amlogic POP1-G SoC, plus 2GB of LPDDR4 RAM, 10/100 ethernet, and a single USB-A 2.0 port. Bluetooth is included to connect other peripherals. A second HDMI output can be added by acquiring an $85 hub that also offers four more USB ports. Like the Fire TV Cube, the Thin Client also runs a modified cut of Android.

But there the similarities end. AWS created custom firmware and ripped out anything remotely related to running a consumer device, replacing it with software designed solely to create a secure connection between the device and desktops running in the Amazonian cloud. Amazon Business -- the B2B version of Jeff Bezos's digital souk -- will ship the device to your door, and charge it to your AWS bill. At least if you are in the USA. Europe will get the Thin Client in early 2024, and it'll eventually migrate elsewhere.

AWS decided to base the box on the Fire Cube because, according to a corporate blog post, AWS customers expressed a desire for cheaper and easier-to-maintain client devices. As AWS execs searched for a well-priced box, they considered the Fire TV Cube, found it fit the bill and noted it was already being made at scale. Keeping things in-house made sense, too. And so we find ourselves with AWS taking on established thin client providers. The cloudy concern is also keen to have a crack at the thick wedge of the enterprise PC market: call centers, payment processing centers, and other environments with lots of users and high staff turnover due to factors like seasonal demand for workers.

Google Drive users are reporting files mysteriously disappearing from the service, with some posters on the company's support forums claiming six or more months of work have unceremoniously vanished. From a report: The issue has been rumbling for a few days, with one user logging into Google Drive and finding things as they were in May 2023. According to the poster, almost everything saved since then has gone, and attempts at recovery failed. Others chimed in with similar experiences, and one claimed that six months of business data had gone AWOL. There is little information regarding what has happened; some users reported that synchronization had simply stopped working, so the cloud storage was out of date.

Others could get some of their information back by fiddling with cached files, although the limited advice on offer for the affected was to leave things well alone until engineers come up with a solution. A message purporting to be from Google support also advised not to make changes to the root/data folder while engineers investigate the issue. Some users speculated that it might be related to accounts being spontaneously dropped. We've asked Google for its thoughts and will update should the search giant respond.

Regulators in the European Union, China and France have asked for information on Nvidia's graphic cards, with more requests expected in the future, the U.S. chip giant said in a regulatory filing. From a report: Nvidia is the world's largest maker of chips used both for artificial intelligence and for computer graphics. Demand for its chips jumped following the release of the generative AI application ChatGPT late last year. The California-based company has a market share of around 80% via its chips and other hardware and its powerful software that runs them.

Its graphics cards are high-performance devices that enable powerful graphics rendering and processing for use in video editing, video gaming and other complex computing operations. The company said this has attracted regulatory interest around the world. "For example, the French Competition Authority collected information from us regarding our business and competition in the graphics card and cloud service provider market as part of an ongoing inquiry into competition in those markets," Nvidia said in a regulatory filing dated Nov. 21.

TorrentFreak: File-sharing and hosting giant Uloz has announced a radical change to its business model. The Czech site has been under fire for some time and was recently branded a 'notorious market' by the MPA. However, Uloz says that an imminent ban on file-sharing in favor of a private, cloud-based storage model, is due to the strict conditions imposed by the EU's Digital Services Act.

Nvidia's fiscal third-quarter results surpassed Wall Street's predictions, with revenue growing 206% year over year. However, Nvidia shares are down after the company called for a negative impact in the next quarter due to export restrictions affecting sales in China and other countries. CNBC reports: Nvidia's revenue grew 206% year over year during the quarter ending Oct. 29, according to a statement. Net income, at $9.24 billion, or $3.71 per share, was up from $680 million, or 27 cents per share, in the same quarter a year ago. The company's data center revenue totaled $14.51 billion, up 279% and more than the StreetAccount consensus of $12.97 billion. Half of the data center revenue came from cloud infrastructure providers such as Amazon, and the other from consumer internet entities and large companies, Nvidia said. Healthy uptake came from clouds that specialize in renting out GPUs to clients, Kress said on the call.

The gaming segment contributed $2.86 billion, up 81% and higher than the $2.68 billion StreetAccount consensus. With respect to guidance, Nvidia called for $20 billion in revenue for the fiscal fourth quarter. That implies nearly 231% revenue growth. [...] Nvidia faces obstacles, including competition from AMD and lower revenue because of export restrictions that can limit sales of its GPUs in China. But ahead of Tuesday report, some analysts were nevertheless optimistic.

Amazon is starting to offer free educational courses on generative AI with an aim to extend "critical skills" to adults and young learners everywhere. From a report: The company's initiative, called "AI Ready," is an extension of current AWS-based AI skills training programs offered by Amazon but now includes eight free courses that cover AI project management and development. Amazon says 21 million people have already trained on AWS cloud computing skills through its programs, and it hopes 2 million will use its AI courses by 2025. Amazon says that demand for talent for AI jobs is increasing, and companies are willing to pay higher salaries for those with the skills, but the courses are also geared toward promoting Amazon's own AI products.

This week the Microsoft Security Response Center celebrated the 20th anniversary of Patch Tuesday updates.

In a blog post they call the updates "an initiative that has become a cornerstone of the IT world's approach to cybersecurity." Originating from the Trustworthy Computing memo by Bill Gates in 2002, our unwavering commitment to protecting customers continues to this day and is reflected in Microsoft's Secure Future Initiative announced this month. Each month, we deliver security updates on the second Tuesday, underscoring our pledge to cyber defense. As we commemorate this milestone, it's worth exploring the inception of Patch Tuesday and its evolution through the years, demonstrating our adaptability to new technology and emerging cyber threats...

Before this unified approach, our security updates were sporadic, posing significant challenges for IT professionals and organizations in deploying critical patches in a timely manner. Senior leaders of the Microsoft Security Response Center (MSRC) at the time spearheaded the idea of a predictable schedule for patch releases, shifting from a "ship when ready" model to a regular weekly, and eventually, monthly cadence...

This led to a shift from a "ship when ready" model to a regular weekly, and eventually, monthly cadence. In addition to consolidating patch releases into a monthly schedule, we also organized the security update release notes into a consolidated location. Prior to this change, customers had to navigate through various Knowledge Base articles, making it difficult to find the information they needed to secure themselves. Recognizing the need for clarity and convenience, we provided a comprehensive overview of monthly releases. This change was pivotal at a time when not all updates were delivered through Windows Update, and customers needed a reliable source to find essential updates for various products.

Patch Tuesday has also influenced other vendors in the software and hardware spaces, leading to a broader industry-wide practice of synchronized security updates. This collaborative approach, especially with hardware vendors such as AMD and Intel, aims to provide a united front against vulnerabilities, enhancing the overall security posture of our ecosystems. While the volume and complexity of updates have increased, so has the collaboration with the security community. Patch Tuesday has fostered better relationships with security researchers, leading to more responsible vulnerability disclosures and quicker responses to emerging threats...

As the landscape of security threats evolves, so does our strategy, but our core mission of safeguarding our customers remains unchanged.

Amazon "is investing millions in training an ambitious large language model," reports Reuters, "hoping it could rival top models from OpenAI and Alphabet, two people familiar with the matter told Reuters." The model, codenamed as "Olympus", has 2 trillion parameters, the people said, which could make it one of the largest models being trained. OpenAI's GPT-4 model, one of the best models available, is reported to have one trillion parameters...

The team is spearheaded by Rohit Prasad, former head of Alexa, who now reports directly to CEO Andy Jass... Amazon believes having homegrown models could make its offerings more attractive on AWS, where enterprise clients want to access top-performing models, the people familiar with the matter said, adding there is no specific timeline for releasing the new model.
"While the parameter count doesn't automatically mean Olympus will outperform GPT-4, it's probably a good bet that it will, at minimum, be very competitive with its rival from OpenAI," argues a financial writer at the Motley Fool — as well as Googles nascent AI projects. Amazon could have a key advantage over its competition, one that CEO Andy Jassy alluded to in the company's third-quarter earnings call. Jassy said, "Customers want to bring the models to their data, not the other way around. And much of that data resides in AWS [Amazon Web Services] as the clear market segment leader in cloud infrastructure...."

Amazon will likely also leverage Olympus in other ways. For example, the company could make its CodeWhisperer generative AI coding companion more powerful. Jassy noted in the Q3 call that all of Amazon's "significant businesses are working on generative AI applications to transform their customer experiences." Olympus could make those initiatives even more transformative.
They point out that Amazon's profits more than tripled in the third quarter of 2023 from where they were in 2022.

And Amazon's stock price has already jumped more than 40% in 2023.