The Hidden Cybersecurity threats in Old Hard Drives and Smartphones

~ Reporter ~ Leave a comment

In today’s digital age, personal and professional data are constantly being stored, transferred, and backed up across various devices. Among these devices, hard drives and smartphones often contain an immense amount of sensitive information—data that, if left unprotected or improperly discarded, can pose significant cybersecurity threats.

As people upgrade their technology, it’s easy to forget that the devices they no longer use still contain vast amounts of data. Whether you’re clearing out old hard drives, passing along smartphones, or simply discarding outdated technology, you might be unknowingly opening the door to a host of cybersecurity risks. Let’s dive into why old devices can be a cybersecurity minefield and how to protect your data from potential breaches.

The Data Dilemma: Why Old Devices Are Cybersecurity Hazards

1. Residual Data on Hard Drives

When a hard drive is no longer needed, many people make the mistake of simply deleting files, formatting the drive, or tossing it away. However, these actions don’t fully erase the data. When you delete a file, the operating system marks the space as available for use, but the actual data remains intact until overwritten by new information. Without specialized tools, recovering these files is relatively easy.

Cybersecurity Risk: If an attacker gains access to an old hard drive, they can recover sensitive information like passwords, banking details, business files, and even personal communications. This data can be used for identity theft, financial fraud, corporate espionage, or further cyberattacks.

2. Smartphones: A Treasure Trove of Personal Information

Old smartphones, especially when they are sold or donated without proper data erasure, can be a goldmine for cybercriminals. A smartphone doesn’t just store your contacts and photos; it may also contain sensitive information such as passwords, email accounts, banking apps, GPS history, and more.

Cybersecurity Risk: If a device is sold or disposed of without clearing all data, the new owner can easily access personal information. Smartphones are often not just personal, but interconnected with various services like social media accounts, cloud backups, and even your workplace’s internal networks. If not wiped correctly, an attacker could use the data for malicious activities such as social engineering, theft, or identity fraud.

3. Inadequate Factory Resets

People often believe that performing a factory reset on their smartphones or laptops will completely remove all data from the device. However, factory resets are not foolproof. In some cases, the data remains on the device in a recoverable format. While a factory reset does delete data from the operating system, it may leave traces of your information in other areas of the device, especially in hidden or encrypted storage locations.

Cybersecurity Risk: Without fully erasing or encrypting data before disposing of a device, there’s always the risk that critical data will remain intact and accessible by malicious actors. It’s not uncommon for thieves to buy old smartphones or hard drives and use advanced data recovery software to retrieve sensitive files.

4. Weak Security on Older Devices

Old hard drives and smartphones may also suffer from outdated security protocols. As hardware ages, manufacturers stop updating the device’s software, leaving it vulnerable to known exploits and security loopholes. For example, older smartphones that are no longer supported by the manufacturer may still run outdated operating systems with security flaws, making them easy targets for hackers.

Cybersecurity Risk: These outdated devices, when connected to a network, can act as a weak point in a larger system. If a cybercriminal gains access to an old device with outdated security, they might be able to exploit vulnerabilities to infiltrate networks, gain unauthorized access to files, or launch attacks on other devices.

How to Safeguard Your Data: Best Practices for Old Devices

To ensure that your sensitive data doesn’t fall into the wrong hands, it’s essential to take certain precautions when dealing with old hard drives and smartphones.

1. Use Data Destruction Tools

Simply deleting files or doing a factory reset isn’t enough to safeguard your data. Specialized data destruction software, such as DBAN (Darik’s Boot and Nuke) for hard drives, can overwrite data multiple times to ensure it is unrecoverable. This software uses secure algorithms to render the data irretrievable.

For smartphones, apps like iShredder or Factory Reset Protection can help completely wipe your device clean before disposal. If possible, use encryption to make sure that even if data is recovered, it remains unreadable without the decryption key.

2. Physically Destroy the Device

For high-value or extremely sensitive data, physical destruction of the device may be the best option. You can crush, shred, or melt down hard drives to render them unusable. For smartphones, remove the battery (if possible), smash the device, and ensure the internal memory is destroyed. While this may seem extreme, it’s the most secure way to ensure that the data is completely unrecoverable.

3. Don’t Trust Factory Resets Alone

If you decide to use a factory reset, it’s important to encrypt your device first, especially on smartphones. Encryption adds an extra layer of protection by ensuring that even if the data is somehow retrieved, it will be unreadable. After encrypting, perform a factory reset, and if possible, do a second reset to further reduce the chances of residual data.

4. Recycle Devices Properly

Instead of simply discarding old devices, consider donating or recycling them. Many organizations offer secure data destruction services and may even provide certificates of data destruction for peace of mind. Certified recycling centers ensure that your devices are properly wiped or destroyed before being disposed of.

5. Be Aware of Data on External Storage Devices

It’s not just hard drives and smartphones that pose risks. External storage devices like USB drives, SD cards, and even cloud backups can harbor old, sensitive data. Always ensure that any external storage devices are fully wiped using trusted data-erasure tools before you part with them.

The Bottom Line

Old hard drives and smartphones are much more than just outdated technology; they are storage devices that may contain an alarming amount of personal, financial, and professional data. Whether you’re upgrading your phone or clearing out your old storage devices, always take the time to ensure that your data is securely erased.

The cybersecurity risks posed by improperly disposed of devices are real, and the consequences can be severe, ranging from identity theft to corporate espionage. By following best practices for data destruction and remaining vigilant about device security, you can significantly reduce the likelihood of your old devices becoming a gateway for cyberattacks.

The post The Hidden Cybersecurity threats in Old Hard Drives and Smartphones first appeared on Cybersecurity Insiders.

The post The Hidden Cybersecurity threats in Old Hard Drives and Smartphones appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/rJquQRC
via IFTTT

The Oracle Breach Is Bigger Than You Think—5 Urgent Steps to Take Now

~ Reporter ~ Leave a comment

In a troubling development for enterprise cloud users, federal authorities are investigating a major data breach involving Oracle—one of the world’s leading cloud infrastructure providers. Hackers reportedly gained unauthorized access to Oracle systems, stealing sensitive client login credentials including usernames, passkeys, and encrypted passwords. According to a Bloomberg report, this is Oracle’s second cybersecurity disclosure in just a month, raising serious concerns about the security of cloud platforms and what businesses should do in response.

The incident is being jointly investigated by the FBI and cybersecurity firm CrowdStrike. Early findings suggest that the attacker may have demanded an extortion payment from Oracle, highlighting the growing trend of cybercriminals using ransomware-style tactics even against major tech giants.

So what does this breach mean for Oracle’s cloud customers—and potentially for any business relying on third-party cloud services?

For one, it’s a harsh reminder that even the biggest cloud providers are not immune to breaches. And when credentials are compromised, the fallout can cascade across systems, especially if those credentials are reused or tied to critical business operations. It underscores the urgent need for cloud customers to revisit and strengthen their security posture.

Akash Mahajan, cybersecurity expert and CEO of Kloudle, outlines five immediate actions companies should take if they believe they may have been affected by the Oracle breach—or if they want to proactively guard against similar threats.

1. Force Password Resets Across All Systems

If your organization uses Oracle services, assume credentials may be compromised. Immediately reset all passwords associated with these accounts. Adopt strong password policies—minimum 16 characters, complex combinations, and absolutely no reuse across systems. Consider deploying password managers to help staff generate and store secure credentials.

2. Implement Multi-Factor Authentication (MFA)

Even if attackers have stolen credentials, MFA can act as a critical line of defense. Enable MFA across all systems, especially cloud services, administrative accounts, and remote access portals. Mahajan recommends using app-based authenticators or hardware tokens over SMS, which is more vulnerable to interception.

3. Audit Access Logs for Suspicious Activity

Comb through your logs for red flags—unusual login times, logins from unfamiliar IP addresses, or unexpected data exports. Focus on systems connected to Oracle and accounts that share similar credentials. Pay close attention to privileged accounts, which are prime targets for attackers.

4. Review and Restrict Third-Party Integrations

If your Oracle environment connects with other systems—whether through APIs, OAuth tokens, or service accounts—those credentials could also be exposed. Audit all third-party connections and revoke or rotate any potentially compromised tokens. Apply the principle of least privilege to limit access and reduce the blast radius of any future breach.

5. Implement Enhanced Monitoring and Threat Detection

This isn’t a one-and-done scenario. Set up systems to detect brute force attacks, credential stuffing, or other signs of compromise. Configure alerts for any login attempts using known compromised credentials. Lock out accounts after a set number of failed attempts and consider implementing behavior-based monitoring to spot anomalies.

A Breach With Lingering Consequences

“This breach is particularly concerning because of the potential for credential reuse across multiple systems,” warns Mahajan. He advises organizations to not only take immediate protective steps but also to conduct a full security assessment, engage their cyber insurance provider, and explore tools like privileged access management (PAM) solutions.

It’s also worth remembering: attackers don’t always strike immediately. Stolen credentials may lie dormant for weeks or months before being used. That’s why long-term vigilance—backed by strong monitoring, incident response planning, and regular security audits—is essential.

As the investigation into the Oracle breach unfolds, one thing is clear: trust in the cloud must be accompanied by a strong, proactive security strategy.

The post The Oracle Breach Is Bigger Than You Think—5 Urgent Steps to Take Now first appeared on Cybersecurity Insiders.

The post The Oracle Breach Is Bigger Than You Think—5 Urgent Steps to Take Now appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/EXsIRjT
via IFTTT

Announcing up to 85% price reductions for Amazon S3 Express One Zone

~ Reporter ~ Leave a comment

At re:Invent 2023, we introduced Amazon S3 Express One Zone, a high-performance, single-Availability Zone (AZ) storage class purpose-built to deliver consistent single-digit millisecond data access for your most frequently accessed data and latency-sensitive applications.

S3 Express One Zone delivers data access speed up to 10 times faster than S3 Standard, and it can support up to 2 million GET transactions per second (TPS) and up to 200,000 PUT TPS per directory bucket. This makes it ideal for performance-intensive workloads such as interactive data analytics, data streaming, media rendering and transcoding, high performance computing (HPC), and AI/ML trainings. Using S3 Express One Zone, customers like Fundrise, Aura, Lyrebird, Vivian Health, and Fetch improved the performance and reduced the costs of their data-intensive workloads.

Since launch, we’ve introduced a number of features for our customers using S3 Express One Zone. For example, S3 Express One Zone started to support object expiration using S3 Lifecycle to expire objects based on age to help you automatically optimize storage costs. In addition, your log-processing or media-broadcasting applications can directly append new data to the end of existing objects and then immediately read the object, all within S3 Express One Zone.

Today we’re announcing that, effective April 10, 2025, S3 Express One Zone has reduced storage prices by 31 percent, PUT request prices by 55 percent, and GET request prices by 85 percent. In addition, S3 Express One Zone has reduced the per-GB charges for data uploads and retrievals by 60 percent, and these charges now apply to all bytes transferred rather than just portions of requests greater than 512 KB.

Here is a price reduction table in the US East (N. Virginia) Region:

Price Previous New Price reduction
Storage
(per GB-Month)		 $0.16 $0.10 31%
Writes
(PUT requests)		 $0.0025 per 1,000 requests up to 512 KB $0.00113 per 1,000 requests 55%
Reads
(GET requests)		 $0.0002 per 1,000 requests up to 512 KB $0.00003 per 1,000 requests 85%
Data upload
(per GB)		 $0.008 $0.0032 60%
Data retrievals
(per GB)		 $0.0015 $0.0006 60%

For S3 Express One Zone pricing examples, go to the S3 billing FAQs or use the AWS Pricing Calculator.

These pricing reductions apply to S3 Express One Zone in all AWS Regions where the storage class is available: US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Europe (Ireland), and Europe (Stockholm) Regions. To learn more, visit the Amazon S3 pricing page and S3 Express One Zone in the AWS Documentation.

Give S3 Express One Zone a try in the S3 console today and send feedback to AWS re:Post for Amazon S3 or through your usual AWS Support contacts.

Channy

from AWS News Blog https://ift.tt/8mze4fs
via IFTTT

The Key Differences Between a Data Breach and a Data Leak

~ Reporter ~ Leave a comment

In today’s increasingly digital world, concerns about the safety and security of personal and corporate data are paramount. With high-profile incidents in the media, terms like “data breach” and “data leak” are often used interchangeably. However, there are significant differences between the two, each with unique implications for businesses and individuals. Understanding these differences is crucial for responding effectively to these incidents and protecting sensitive information.

What is a Data Breach?

A data breach refers to an intentional or unintentional incident where unauthorized individuals or entities gain access to sensitive or confidential data. The key aspect of a data breach is that it involves malicious or unauthorized access to protected data. This can happen in a variety of ways, such as through hacking, phishing attacks, or the exploitation of vulnerabilities in a system.

Examples of data breaches include:

•    Hackers gaining access to a company’s database and stealing sensitive customer data.
•    A company insider improperly accessing or misusing confidential information.
•    Ransomware attacks where data is encrypted and held hostage until a ransom is paid.

Data breaches can involve anything from email addresses to financial records, healthcare data, or intellectual property. Once the breach has occurred, the stolen or exposed data can be used for malicious purposes, such as identity theft, fraud, or even corporate espionage. Due to the intentional nature of the access, data breaches often have legal consequences, including fines, lawsuits, and reputational damage.

Key Characteristics of a Data Breach:

•    Unauthorized access to data, often by cybercriminals or insiders.
•    Malicious intent or exploitation of vulnerabilities.
•    Often results in stolen data being used for illegal activities.
•    Affected parties are often notified because of legal obligations.

What is a Data Leak?

A data leak, on the other hand, typically occurs when data is accidentally exposed or unintentionally made accessible to the public or unauthorized individuals. Unlike a data breach, there is usually no malicious intent behind a leak. The exposed data may have been left unprotected due to poor security practices or simple human error.

Examples of data leaks include:

•    A cloud server misconfiguration that makes sensitive files publicly accessible.
•    Employees accidentally emailing confidential documents to the wrong recipient.
•    A company’s website that inadvertently exposes user data due to coding errors or security flaws.

While data leaks do not involve the malicious theft of data, they can still have serious consequences. Exposed data can be accessed by anyone, including criminals, competitors, or hackers. In some cases, the leak may go unnoticed for an extended period of time, leaving the exposed data vulnerable to misuse.

Key Characteristics of a Data Leak:
•    Data is exposed due to human error or poor security practices.
•    There is no malicious intent behind the exposure.
•    Affected data is often accessible by anyone with the right access.
•    The exposed data may be accidentally found, without any criminal action.

Key Differences Between a Data Breach and a Data Leak

While both incidents result in the exposure of sensitive data, there are important distinctions between a data breach and a data leak:

1. Intent:

@   A data breach involves malicious intent or unauthorized access by cybercriminals or insiders.

#    A data leak is typically caused by human error or a lack of proper security protocols.

2. Cause:

@    A data breach is the result of deliberate actions, such as hacking or exploitation of system vulnerabilities.

#    A data leak usually occurs because of poor security practices, like leaving files publicly accessible or making inadvertent mistakes.

3. Consequences:

@    A data breach often involves the stolen data being used for fraudulent or malicious activities, such as identity theft, blackmail, or financial fraud.

#  A data leak may expose data, but typically there is no immediate malicious use, though it can still lead to reputational damage or legal action.

4. Discovery:

#  A data breach often takes longer to detect, as cybercriminals may cover their tracks or continue accessing the system without detection.

# A data leak is usually noticed sooner because it is typically accidental and can be easily accessed by anyone.

5.Legal Ramifications:

# A data breach often requires immediate notification to affected individuals, regulatory bodies, and possibly legal consequences for the organization responsible.

# A data leak might not involve the same level of legal responsibility if it’s due to negligence, though regulations like GDPR require organizations to address such issues.

Why Understanding the Difference Matters

For businesses, the distinction between a data breach and a data leak is crucial for determining their response strategies, liability, and the appropriate measures to take to prevent further exposure. Data breach protocols typically include immediate investigation, legal notifications, public disclosures, and credit monitoring for affected individuals. On the other hand, while data leaks may still require corrective actions, the primary focus is often on improving security measures and addressing any vulnerabilities.

For consumers, understanding the difference can help them better gauge the risk and potential impact of a data exposure incident. Whether it’s a breach or a leak, taking immediate steps to protect personal information, such as changing passwords, monitoring accounts, and staying informed, is essential.

Final Thoughts

Though the terms “data breach” and “data leak” are often used interchangeably, they represent distinct types of incidents with different causes, consequences, and responses. While data breaches involve deliberate criminal activity aimed at stealing sensitive information, data leaks typically result from accidental exposures or poor security practices. Both can have serious implications for privacy, security, and compliance, making it crucial for organizations to maintain robust cybersecurity measures and data protection protocols to safeguard sensitive information.

By understanding these differences, individuals and businesses can take appropriate steps to protect their data and respond effectively in the event of an incident.

The post The Key Differences Between a Data Breach and a Data Leak first appeared on Cybersecurity Insiders.

The post The Key Differences Between a Data Breach and a Data Leak appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/wMayxCt
via IFTTT

Hackers breach email systems of OCC to gather intelligence from emails

~ Reporter ~ Leave a comment

In what has become a significant and concerning information security incident, the Office of the Comptroller of the Currency (OCC), a key branch of the United States Treasury Department tasked with overseeing currency transactions within the nation’s banking system, has officially disclosed a serious breach involving its email systems. In a formal statement released recently, the OCC confirmed that it had notified Congress of the incident, which took place earlier this year in February.

The breach, which remains under investigation, involved an unknown malicious actor who successfully infiltrated the OCC’s email systems. According to the OCC, the cybercriminal(s) gained unauthorized access and potentially stole sensitive information linked to over 160,000 employees of the agency. The OCC’s statement underscored the gravity of the breach, which raises serious concerns about the security of sensitive governmental and financial data.

Cybersecurity Insiders have since learned that the intrusion into the OCC’s email systems might have started as early as June 2023. During this time, the hackers are believed to have accessed and exfiltrated over 150,000 emails, containing possibly confidential data. These activities appear to have gone undetected by the agency’s IT teams, raising questions about the effectiveness of its cybersecurity measures and the extent of the threat.

As of now, the OCC has not provided further details on the specific nature of the compromised data or whether it has impacted other critical systems within the Treasury Department. However, the scale of the breach and the sensitive nature of the agency’s role in monitoring financial transactions nationwide have made this breach particularly alarming.

New Regulations Impacting Data Transfers Across Borders

In related news, a new regulatory measure, which came into effect on Tuesday, April 8, 2025, imposes strict restrictions on businesses operating in key sectors, including manufacturing, technology, finance, and cloud storage. Under this new rule, companies in these industries are now prohibited or severely restricted from transferring bulk data to countries deemed to pose a national security threat. The list of such countries includes Russia, China, Iran, Cuba, North Korea, and Venezuela.

This regulation mandates that businesses, particularly those in the cloud storage sector, must ensure that no data—whether personal, business-related, or otherwise—is transferred to these nations. The data restrictions cover a wide range of sensitive information, including but not limited to, personally identifiable information (PII), biometric data, genomic information, geolocation data, metadata, and any form of government-related data. This also includes crucial information often stored by cloud services such as backup data, data analysis, and even metadata related to communication and activities.

The implications for non-compliance are severe. Companies that fail to adhere to these regulations face significant civil penalties, which could range up to $377,000. In some cases, the penalties could escalate to double the value of the transaction involved, and depending on the situation, violators could also face fines as high as $1 million. Additionally, there are provisions in the law that allow for criminal prosecution, potentially leading to jail terms of up to two years for individuals responsible for breaches of these rules.

The introduction of these new guidelines reflects the growing concerns around national security and the need for stronger control over data flows, particularly in light of rising geopolitical tensions. Businesses operating in these high-risk sectors must now review their data transfer practices carefully to ensure they remain in compliance with these new regulations.

The post Hackers breach email systems of OCC to gather intelligence from emails first appeared on Cybersecurity Insiders.

The post Hackers breach email systems of OCC to gather intelligence from emails appeared first on Cybersecurity Insiders.

from Cybersecurity Insiders https://ift.tt/TFpskOM
via IFTTT

AWS announces Pixtral Large 25.02 model in Amazon Bedrock serverless

~ Reporter ~ Leave a comment

Today at AWS Summit Paris, we announced that the Pixtral Large 25.02 model is now available in Amazon Bedrock as a fully managed, serverless offering. AWS is the first major cloud provider to deliver Pixtral Large as a fully managed, serverless model.

Working with large foundation models (FMs) often requires significant infrastructure planning, specialized expertise, and ongoing optimization to handle the computational demands effectively. Many customers find themselves managing complex environments or making trade-offs between performance and cost when deploying these sophisticated models.

The Pixtral Large model, developed by Mistral AI, represents their first multimodal model that combines advanced vision capabilities with powerful language understanding. A 128K context window makes it ideal for complex visual reasoning tasks. The model delivers exceptional performance on key benchmarks including MathVista, DocVQA, and VQAv2, demonstrating its effectiveness across document analysis, chart interpretation, and natural image understanding.

One of the most powerful aspects of Pixtral Large is its multilingual capability. The model supports dozens of languages including English, French, German, Spanish, Italian, Chinese, Japanese, Korean, Portuguese, Dutch, and Polish, making it accessible to global teams and applications. It’s also trained on more than 80 programming languages including Python, Java, C, C++, JavaScript, Bash, Swift, and Fortran, providing robust code generation and interpretation capabilities.

Developers will appreciate the model’s agent-centric design with built-in function calling and JSON output formatting, which simplifies integration with existing systems. Its strong system prompt adherence improves reliability when working with Retrieval Augmented Generation (RAG) applications and large context scenarios.

With Pixtral Large in Amazon Bedrock, you can now access this advanced model without having to provision or manage any infrastructure. The serverless approach lets you scale usage based on actual demand without upfront commitments or capacity planning. You pay only for what you use, with no idle resources.

Cross-Region inference
Pixtral Large is now available in Amazon Bedrock across multiple AWS Regions through cross-Region inference.

With Amazon Bedrock cross-Region inference, you can access a single FM across multiple geographic Regions while maintaining high availability and low latency for global applications. For example, when a model is deployed in both European and US Regions, you can access it through Region-specific API endpoints using distinct prefixes: eu.model-id for European Regions and us.model-id for US Regions . This approach enables Amazon Bedrock to route inference requests to the geographically closest endpoint, reducing latency while helping to meet regulatory compliance by keeping data processing within desired geographic boundaries. The system automatically handles traffic routing and load balancing across these Regional deployments, providing seamless scalability and redundancy without requiring you to keep track of individual Regions where the model is actually deployed.

See it in action
As a developer advocate, I’m constantly exploring how our newest capabilities can solve real problems. Recently, I had a perfect opportunity to test the new multimodal capabilities in the Amazon Bedrock Converse API when my daughter asked for help with her physics exam preparation.

Last weekend, my kitchen table was covered with practice exams full of complex diagrams, force vectors, and equations. My daughter was struggling with conceptualizing how to approach these problems. That’s when I realized this was the perfect use case for the multimodal capabilities we’d just launched. I snapped photos of a particularly challenging problem sheet containing several graphs and mathematical notation, then used the Converse API to create a simple application that could analyze the images. Together, we uploaded the physics exam materials and asked the model to explain the solution approach.

Physics problem in french

What happened next impressed both of us—the model interpreted the diagrams, recognized the french language and the mathematical notation, and provided a step-by-step explanation of how to solve each problem. As we asked follow-up questions about specific concepts, the model maintained context across our entire conversation, creating a tutoring experience that felt remarkably natural.

# Effet Doppler avec une Source Sonore en Rotation

## Analyse du problème

Ce problème concerne l'effet Doppler produit par une source sonore en rotation. Une source émettant un son à 1500 Hz tourne sur une table tournante dans le sens antihoraire, et nous devons déterminer comment les fréquences sont perçues par un microphone fixe.

## Concepts clés

L'effet Doppler se produit lorsqu'il y a un mouvement relatif entre une source sonore et un observateur. La fréquence perçue dépend de si la source se rapproche ou s'éloigne de l'observateur.

La formule de l'effet Doppler est:
- Pour une source qui se rapproche: $f_{observée} = f_{source} \cdot \frac{v_{son}}{v_{son} - v_{source}}$
- Pour une source qui s'éloigne: $f_{observée} = f_{source} \cdot \frac{v_{son}}{v_{son} + v_{source}}$

## Solution étape par étape

### Étape 1: Analyser le mouvement de la source
La source tourne sur un cercle et le microphone est fixe à 40 cm du centre de rotation. Aux différentes positions (a, b, c), la source a des vitesses radiales différentes par rapport au microphone:

- Position a: La source se déplace perpendiculairement à la ligne source-microphone (vitesse radiale nulle)
- Position b: La source s'éloigne du microphone (vitesse radiale positive)
- Position c: La source se rapproche du microphone (vitesse radiale négative)

### Étape 2: Déterminer l'effet sur les fréquences perçues

- À la position a: Pas d'effet Doppler car la vitesse radiale est nulle, donc $f_a = f_{source} = 1500$ Hz
- À la position b: La source s'éloigne, donc $f_b < f_{source}$, donc $f_b < 1500$ Hz
- À la position c: La source se rapproche, donc $f_c > f_{source}$, donc $f_c > 1500$ Hz

### Étape 3: Comparer les fréquences

D'après notre analyse:
- $f_a = 1500$ Hz
- $f_b < 1500$ Hz
- $f_c > 1500$ Hz

Donc: $f_c > f_a > f_b$

## Conclusion

La proposition correcte est: $f_c > f_a > f_b$

Cette réponse correspond à la troisième proposition dans l'énoncé. Lorsque la source tourne, la fréquence perçue est plus élevée quand la source se rapproche (position c), égale à la fréquence émise quand la source se déplace perpendiculairement (position a), et plus basse quand la source s'éloigne (position b).

The model uses the language of the question to respond. After a thoughtful analysis, it says that the correct answer is f_c > f_a > f_b (and it is right!)

The beauty of this interaction was how seamlessly the Converse API handled the multimodal inputs. As a builder, I didn’t need to worry about the complexity of processing images alongside text—the API managed that complexity and returned structured responses that my simple application could present directly to my daughter.

Here is the code I wrote. I used the Swift programming language, just to show that Python is not the only option you have 😇.

private let modelId = "us.mistral.pixtral-large-2502-v1:0"

// Define the system prompt that instructs Claude how to respond
let systemPrompt = """
You are a math and physics tutor. Your task is to:
1. Read and understand the math or physics problem in the image
2. Provide a clear, step-by-step solution to the problem
3. Briefly explain any relevant concepts used in solving the problem
4. Be precise and accurate in your calculations
5. Use mathematical notation when appropriate

Format your response with clear section headings and numbered steps.
"""
let system: BedrockRuntimeClientTypes.SystemContentBlock = .text(systemPrompt)

// Create the user message with text prompt and image
let userPrompt = "Please solve this math or physics problem. Show all steps and explain the concepts involved."
let prompt: BedrockRuntimeClientTypes.ContentBlock = .text(userPrompt)
let image: BedrockRuntimeClientTypes.ContentBlock = .image(.init(format: .jpeg, source: .bytes(finalImageData)))

// Create the user message with both text and image content
let userMessage = BedrockRuntimeClientTypes.Message(
    content: [prompt, image],
    role: .user
)

// Initialize the messages array with the user message
var messages: [BedrockRuntimeClientTypes.Message] = []
messages.append(userMessage)

// Configure the inference parameters
let inferenceConfig: BedrockRuntimeClientTypes.InferenceConfiguration = .init(maxTokens: 4096, temperature: 0.0)

// Create the input for the Converse API with streaming
let input = ConverseStreamInput(inferenceConfig: inferenceConfig, messages: messages, modelId: modelId, system: [system])

// Make the streaming request
do {
    // Process the stream
    let response = try await bedrockClient.converseStream(input: input)

    // Iterate through the stream events
    for try await event in stream {
        switch event {
        case .messagestart:
            print("AI-assistant started to stream")

        case let .contentblockdelta(deltaEvent):
            // Handle text content as it arrives
            if case let .text(text) = deltaEvent.delta {
                DispatchQueue.main.async {
                    self.streamedResponse += text
                }
            }

        case .messagestop:
            print("Stream ended")
            // Create a complete assistant message from the streamed response
            let assistantMessage = BedrockRuntimeClientTypes.Message(
                content: [.text(self.streamedResponse)],
                role: .assistant
            )
            messages.append(assistantMessage)

        default:
            break
        }
    }

And the result in the app is stunning.

iOS Physics problem resolver

By the time her exam rolled around, she felt confident and prepared—and I had a compelling real-world example of how our multimodal capabilities in Amazon Bedrock can create meaningful experiences for users.

Get started today
The new model is available through these Regional API endpoints: US East (Ohio, N. Virginia), US West (Oregon), and Europe (Frankfurt, Ireland, Paris, Stockholm). This Regional availability helps you meet data residency requirements while minimizing latency.

You can start using the model through either the AWS Management Console or programmatically through the AWS Command Line Interface (AWS CLI) and AWS SDK using the model ID mistral.pixtral-large-2502-v1:0.

This launch represents a significant step forward in making advanced multimodal AI accessible to developers and organizations of all sizes. By combining Mistral AI’s cutting-edge model with AWS serverless infrastructure, you can now focus on building innovative applications without worrying about the underlying complexity.

Visit the Amazon Bedrock console today to start experimenting with Pixtral Large 25.02 and discover how it can enhance your AI-powered applications.

— seb

How is the News Blog doing? Take this 1 minute survey!

(This survey is hosted by an external company. AWS handles your information as described in the AWS Privacy Notice. AWS will own the data gathered via this survey and will not share the information collected with survey respondents.)

from AWS News Blog https://ift.tt/yNkuo95
via IFTTT

Tech experts recommend full steam ahead on US export controls for AI

~ Reporter ~ Leave a comment

Technology experts pressed Congress to maintain export controls on semiconductor chips and other technologies, telling lawmakers Tuesday that the restrictions are among the most effective strategies to slow China and other rival countries in the AI race, thereby helping U.S. companies hold a competitive edge.

Placing export controls on these technologies is not new: both the Trump and Biden administrations have placed restrictions on Chinese companies’ ability to buy newer, more powerful computer chips that are powering the global AI industry.

However, this year’s emergence of multiple high-performance generative AI reasoning models from Chinese companies DeepSeek, Alibaba, Tencent and others has caused some to question whether those efforts were in vain. Experts who once thought the restrictions would ensure American AI dominance are now revisiting their views as China appears to have caught up to the U.S.

But during a House Science, Space and Technology Committee hearing, multiple technology experts advised the U.S. government to continue to impose new restrictions.

“I think an important question here is where might [China’s industry] be if U.S. policy had been different?” said Gregory Allen, director of the Wadhwani Center for AI and Advanced Technologies at the Center for Strategic and International Studies.

Allen argued that previous export restrictions have and will continue to blunt China’s progress in developing more advanced AI models, particularly in the near- and intermediate-term as the Chinese government looks to stand up its own manufacturing capacity.

Previous export restrictions, he said, likely prevented these Chinese companies from making even further progress and potentially surpassing their competitors in the United States.

DeepSeek, he pointed out, was spun out of a Chinese high-frequency finance trading firm, an industry that is “obsessed with their computing infrastructure” because they’re “chasing nanosecond advantages in beating the market.” That pre-existing infrastructure and technical talent enabled firms like DeepSeek to operate without more advanced chips and larger computing capabilities. However,  they will likely need access to those technologies to make the next leap in development.

Indeed, DeepSeek executives themselves have flagged a lack of computing power as one of their biggest challenges going forward. Last year, CEO Liang Wenfeng said in an interview that even top Chinese AI trainers need about twice the computing power compared to their Western counterparts to achieve the same performance.

Wenfeng also lamented the lack of a Chinese parallel to massive chip companies like NVIDIA, which he attributed to a collective effort by Western governments to support such industries.

“They saw the trend of the next generation of technology and had a roadmap in place. For China’s AI development, we also need such an ecosystem,” Wenfeng said, according to an English-translated version of his interview. “Many domestic chip projects can’t get off the ground because there’s no supporting technology community — only second-hand information. Someone in China has to stand on the frontier of innovation.”

While the release of DeepSeek has been compared to “Sputnik,” the Russian rocket that signaled the Soviet Union’s lead in the space race, one major difference is that DeepSeek was built with largely American-made technology.

“This gives us leverage in the form of export controls, and indeed DeepSeek’s founder said it best: the only thing holding them back is access to American chips,” said Tim Fist, director of emerging technology policy at the Institute for Progress.

Fist said the federal government needs a team of technical experts who can work with industry and the intelligence community to proactively study Chinese models and chips and facilitate quicker and more decisive actions around export controls.

Like others, Allen urged lawmakers to push for tighter controls in the future, and not to assume that the latest leap by Chinese AI firms represents a larger failure of previous controls.

In fact, he criticized the Biden administration for not being aggressive enough and for telegraphing specific controls ahead of time in a way that allowed Chinese firms to stockpile parts and components before the rules took effect.

“It’s not fun to have an aggressive export control policy,” Allen said, “but we are incurring all of the costs of a maximalist, aggressive export control policy and we are only incurring a fraction of the strategic potential benefits, because of the way that we are going about executing it.”

The post Tech experts recommend full steam ahead on US export controls for AI appeared first on CyberScoop.

from CyberScoop https://ift.tt/q0jai9D
via IFTTT