To me, a smartwatch is the ideal alarm clock. It can be silent, so you don’t need to wake sleeping partners, and also connected to your wrist, so you’re likely to feel the taps gently rise you from the most interesting of dreams. It’s nearly perfect. And yet, the Apple Watch had a fatal flaw that made using it a risky affair—that is, until now.

Your Apple Watch doesn’t have many buttons. There are two, in fact: the crown (which can also be turned like a dial), and the Side button. To compensate, Apple assigns a lot of functionality to the touch screen, just as it does on your iPhone. One of those shortcuts happens to impact how you turn off an alarm once it goes off in the morning: You can quickly silence the alarm by covering the watch face with your palm for three seconds. That also goes for haptics, too: Even if you have a silent alarm, covering the watch face will kill any taps or vibrations.

That feature works well when you know about it. But, chances are you didn’t know about it. What’s more, you definitely don’t know about it when you’re just waking up, and half asleep you might accidentally cover the screen with your hand just because you don’t know it’s there. That has the unintended consequence of silencing your alarm, potentially causing you to sleep much later than you wanted to. If you’ve ever wondered why your watch says “Alarm,” but it isn’t making noise when you wake up, this feature is likely why.

Apple finally addressed this issue, presumably after one too many executives missed their morning meetings due to missed alarms. With watchOS 9.4, the company has disabled the ability to cover your watch to mute an alarm when using a Focus. So, if your alarm is set to go off at 6 a.m. from your Sleep Focus, you’ll definitely hear and/or feel it. We have a whole guide on using Focuses in iOS (which will carry over to the watch) if you’d like to get started.

To take advantage of the change, make sure your watch is updated to at least watchOS 9.4. You’ll find the option on your watch from Settings > General > Software Update.

But that’s only true when using Focuses. If you opt out of Focuses and set a typical alarm, you’ll run into the same issues with “Cover to Mute.” If you don’t want to switch up your sleep habits, the safer bet is to disable the cover feature altogether. You’ll find the option from your watch’s Settings > Sounds & Haptics > Cover to Mute. Now, you won’t be able to use the shortcut for quickly silencing alerts like phone calls, but at least you can sleep easy.

from Lifehacker https://ift.tt/dnBoEJR

This Friday is April 1, April Fool’s Day, the annual holiday that celebrates pranking, hoaxes, and all manner of jack-a-napes and tomfoolery. But why? Where did this faux-holiday come from? Why do we do this to each other, and when will we finally just stop?

These are surprisingly tricky questions. As far back as 1708, the British newspaper Apollo asked, “Whence proceeds the custom of making April Fools?” and provided unconvincing answers. Although the tradition definitely goes back centuries, the exact origins of the holiday remains a mystery, which is honestly par for the course. The appropriate lack of certainty has led to a number of birth stories, all of which reek faintly of bullshit.

April Fool’s Day origin story #1: The great French calendar switch of 1582

The most popular still probably bullshit origin story blames France for the genesis of April Fool’s Day. It goes like this: Along with declaring that Christ is entirely present in both the consecrated bread and wine in the Eucharist, the Council of Trent in 1563 decreed that Catholic nations should use the Gregorian calendar instead of the Julian calendar.

France’s King Charles IX ordered his nation to get on board with the switch by 1582, but when the actual day rolled around, some citizens were non-compliant. (French people can be stubborn.) April 1 is beginning of a new year according to the Julian calendar, and some people either didn’t know about the new calendar or didn’t like it, because they went on celebrating new years on April 1.

To get everyone back in line, people started mocking calendar-truthers and playing tricks on them. Because the first day of April used to coincide with the end of Lent, and fish was popular Lenten gift, and thus giving a fool a fake fish was thought to be a hilarious joke, or so the story goes. This evolved into the (very real) French April 1 prank of affixing a paper fish to someone’s back, which is still practiced to this day, mainly by school kids; it’s why French people call April 1 poisson d’avril, or April fish.

I like the alternative “April fish” origin story better though: The real prank was secretly sliding a fish in someone’s pocket and hoping they didn’t notice until it started to stink. That’s timeless comedy and requires no explanation.

So case closed, right? “April fool’s Day began in France when the calendar changed.” Probably not (April Fool’s!), because the first written reference to the day dates back some two decades earlier, to 1561. Flemish writer Eduard De Dene’s Refereyn vp verzendekens dach / Twelck den eersten April te zyne plach is a comical poem about nobleman sending his gullible servant on a series of ridiculous fake errands on April 1. Along with a message that remains timely today (“You’re a fool to believe what someone says on April 1”), the poem makes it clear that the season pranks were already a widespread, well-known phenomenon decades before the calendar changed in France. Unlike many holidays with changing customs and rites, April fool’s seems to be celebrated in much the same way now as it was in the 1500s.

April Fool’s Day origin #2: The ancient Romans did it

Some historians have dug all the way back to Ancient Rome to uncover evidence of the first April fool. Back then, they called days of rejoicing “hilaria.” People had private hilaria, like their wedding days, or public ones, like the Hilaria Matris Deûm, celebrated on March 25 as part of a 10 day festival to honor Cybele, the mother of the gods. After several festival days devoted to fasting, castration, mourning, and scourging, the hilaria gave everyone the chance to enjoy some much needed fun, playing games and having orgies (I assume).

The biggest highlight of Hilaria Matris Deûm was masquerading. You could get away with imitating anyone you wanted on this day, including government officials. So maybe this was the original April Fool’s Day? The evidence seems a little shaky to me, to be honest. The time of year is roughly correct, but the connection to pranks and hoaxes seems tenuous—dressing up as someone to mock them is not the same as tricking them into eating a donut filled with mayo.

Ultimately, no one knows where or when April Fool’s Day originated, so I’m going to say it came from...oh, Denmark. From there, it spread to the rest of Europe, probably. By the late 1600s, it was so firmly established that newsletters had no reason to explain it to readers. For example, the April 2, 1698 edition of Dawks’s News-Letter contains an item that reads: “Yesterday being the first of April, several persons were sent to the Tower Ditch to see the Lions washed.”

April Fool’s Day goes from personal to public

Whether it’s sticking a paper fish on someone’s back or sending tourists to see the lion washings, the first few hundred years of April Fool’s Day pranks were personal. It wasn’t an official holiday, it was just a bunch of folks joshing their friends or strangers on the street. But as society shifted from individual experiences to more mediated ones, the nature of April Fool’s pranks shifted too. Beginning in the early 1900s, newspapers started publishing fake stories on April 1. Then radio started doing it, telling listeners there wasps were about to attack them, or the world was going to end. In the 1950s, television got in the act; even the staid BBC pranked viewers with a fake story about the Swiss spaghetti harvest.

The April Fool’s prank’s current most popular form—fake announcements on the internet—is fitting for our culture. Traditionally pranks were at least enjoyable for the one doing the pranking, but modern April Fool’s isn’t fun for anyone. The audience knows it’s going to happen, so no one is tricked, and if you think technology companies are “pranking” people because their marketing departments are enjoying it, not because they want “engagement” and to further solidify their brand image, you really are a fool. April fool’s day is now fully corporate-approved. The only thing that was ever good about the annoying holiday was that it at least used to be a home-grown, unofficial holiday of the people. The jerky people, but still.

There aren’t really any studies on this, but strictly from a personal, “I’ve been on the Internet for a long time” perspective, the popularity of online April fool’s jokes have been declining for several years. April Fool’s jokes have always been annoying to a lot of people (which should be expected from a holiday tradition that has victims) but increasingly, it’s not funny to anyone.

In the disinformation age, every day is April 1, and we’re all constantly being taken for fools. We’re constantly being bombarded by people using technology to try to fool us, whether it’s criminal robots sending text to steal the money in our bank accounts, influencers monetizing our envy through filters and careful camera angles, AI generated deep-fakes of the pope in puffer jacket, or the more subtle, but all-encompassing hoaxes of modern politics and commerce—would that fake news only spread online on one day out of 365. In a way, April Fool’s Day is now the most honest day of the year, as at least the people pranking us are willing to admit it’s all fake.

from Lifehacker https://ift.tt/OgFa69J

It’s pretty clear by now that ChatGPT is not good at being creative, understanding a subject area, or pretty much anything else we associate with “intelligence,” artificial or otherwise. As I noticed when I tried to use it as a personal trainer:

It is an expert bullshitter. If you’ve ever been cornered by a mansplainer at a party, you’ll recognize the tone: authoritative, blustery, and a bit vague on the details. If you catch it in a lie, it will deliver a perfectly bland non-apology.

But let’s give it credit for a few things: Its grammar is always correct. It writes in full sentences. It refrains from offering opinions or showing much emotion or personality at all. And sometimes, that’s just what you need to help you with life’s little correspondences. 

For example, I told ChatGPT I was a 7-year-old child and asked it to help me write a thank-you note to my aunt for a gift I didn’t like. If you’ve ever been forced to sit at a desk until you can come up with enough non-insulting words to fill a thank-you card, you’ll know how this usually goes. But ChatGPT came through:

Dear Auntie,

Thank you sooooo much for the sweater you gave me for my birthday. It was really nice of you to pick out a gift just for me. Even though the sweater wasn’t my most favorite thing ever, I still think it’s cool that you thought of me.

I can’t wait to wear the sweater and show everyone how nice my auntie is. Thank you for making my birthday even better!

Love, [Your name]

That’s...not bad, actually. Let’s try a grown-up situation that can inspire a similar blank-page panic: sending a note to an acquaintance about a death in the family.

Dear [Name],

I was deeply saddened to hear about the loss of your mother. Please know that my thoughts and prayers are with you and your family during this difficult time. Your mother was a wonderful person and I feel privileged to have known her through you.

I know that no words can ease the pain you must be feeling right now, but please don’t hesitate to reach out to me if there is anything I can do to help. I am here for you and I care about you.

Please accept my heartfelt condolences.

Sincerely, [Your Name]

You can, of course, go through a few iterations with the bot, regenerating the response to get different options, or nudging it to mention or not mention certain things.

But don’t fiddle forever—once you’ve got a good start, take it on yourself to edit the bot’s output. As writers know, it’s producing that first draft that is the most nerve-wracking step in the writing process. Once you have something to work with—even if it is bad—you can get to work fixing it.

The bot can write more specific things if you give it more specific information, which can be helpful if you have the info at your fingertips but aren’t sure how to begin writing. For example, you can give ChatGPT your resume and then ask it to generate a few cover letters for the job you’re applying to; stitch together the parts you like from each, and you have a draft that you can rewrite to your own tastes.

Or use it to write a blander, more diplomatic version of what’s really on your mind. One of my favorite examples of this is the nurse who got a 5% raise for their whole department with the help of a ChatGPT-generated letter. “I am writing to discuss an important matter regarding our department’s compensation” just has a better ring to it—if you’re a boss—than a more straightforward sentiment like, “fuck you, pay me.”

from Lifehacker https://ift.tt/nSFIzK0

After you finish spring cleaning, you might wonder what to tackle next. Now that you’ve cleaned up, reorganized, and decluttered, you might find that it’s time for a little redecorating—but where should you begin? You can start by clearing away all of the decorations currently living in your space and taking inventory of them. Then, you’ll implement the “Rule of Three.”

What is the “Rule of Three” in decorating?

If you watch a lot of home-decor-themed shows or read a lot of DIY blogs, you might be familiar with the Rule of Three without fully knowing what it is. Jackie Hernandez, who manages the online School of Decorating, breaks it down like this: “For decorating, the Rule of Three means objects look better in a group of three.”

It’s really that simple. In general, odd numbers are the way to go no matter what, according to Apartment Therapy, so if you absolutely have to have a bunch of items on your horizontal surfaces, you can go for five or seven or nine. If you’re angling for a fresh, decluttered look, though, three should be your maximum.

Odd numbers force your eyes to move around the group, but also give them a central piece to focus on. In general, human beings just prefer things in odd-numbered groups, especially in groupings of three. If you’ve ever taken a film or photography class, for instance, you know that you’re supposed to frame all your shots by the Rule of Thirds, breaking the screen into three sections horizontally and vertically, to make every scene more visually appealing.

Three of what, though?

As long as you stick with odd-numbered groupings, your options for decorating are pretty endless. Let’s consider your bedside table. You probably have a lamp, so you have space for two more things. You want the three items on each flat surface to vary, either by texture or height—or both. A ceramic dish for your rings and a picture frame are two solid options for your remaining spaces. Anything else should be put in the drawer or somewhere else.

Your coffee table can have a stack of textured coasters, a stack of books, and a small plant. See how easy this is? It even works for your walls: Don’t hang one or two pieces of art; hang three to up the visual intrigue without getting too cluttered.

Per Hernandez, on larger surfaces, you can cluster items in groups of threes, too, such as on a desk or dining room buffet. Try using decorative dishes to hold the clusters, which will create visual distinction between them, or just space them out.

This is a great way to go through all the knickknacks that crowd your space and determine which ones really deserve to be on display, which ones can be stored away, and which ones can be tossed or donated. See? Even your options come in threes.

from Lifehacker https://ift.tt/g8rFRnQ

Photo: offkein.pro (Shutterstock)

Phone calls sound like crap. They sound better than they used to, but if you need to rely on a special alphabet system for separating B’s from D’s, it’s not looking great. A new iPhone feature aims to tackle this problem by boosting your voice and reducing background sounds. You just need to know where to find it.

As reported by 9to5Mac, Apple is adding Voice Isolation mode to phone calls as part of iOS 16.4. According to Apple, Voice Isolation mode “prioritizes your voice and blocks out ambient noise around you,” a simple solution to clearer audio during phone calls. 

This feature isn’t necessarily new to iOS. Apple included it as part of iOS 15 back in 2021, as well as an inverse “Wide Spectrum” option which amplifies background sounds. Those features were only available for FaceTime audio and video calls. Even now, there’s no Wide Spectrum option for phone calls—only Voice Isolation.

As of this article, the 16.4 update isn’t out yet, but there is a public beta available for anyone interested to try. Of course, you need to know the risks before installing beta software to your personal device. While we don’t hear about Apple betas going belly up very option, installing any unfinished software on your device could result in unpredictable bugs and issues. If you need to remove the beta and install the regular build on your device, you could lose any data not backed up to a proper source ahead of time.

If you’re interested, however, you can install the iOS 16.4 beta by enrolling your iPhone in the Apple beta program here.

How to enable Voice Isolation mode on iOS 16.4

To use Voice Isolation on your next phone call (assuming you’re running iOS 16.4 or newer), start by calling someone. Then, open Control Center, tap “Mic Mode,” then choose “Voice Isolation.” That’s it! Your iPhone will focus on your voice, and make you sound better than ever.

from Lifehacker https://ift.tt/DgrNxj5

A vulnerability in the redis-py open-source library was at the root of last week’s ChatGPT data leak, OpenAI has confirmed.

Not only were some ChatGPT users able to see what other users have been using the AI chatbot for, but limited personal and billing information ended up getting revealed, as well.

How did the ChatGPT data leak happen?

ChatGPT suffered an outage on March 20 and then problems with making conversation history accessible to users.

But it turned out to be an even more serious problem:

“During a nine-hour window on March 20, 2023, another ChatGPT user may have inadvertently seen your billing information when clicking on their own ‘Manage Subscription’ page,” OpenAI notified 1.2% of the ChatGPT Plus subscribers via email.

“The billing information another user might have seen consisted of your first and last name, billing address, credit card type, credit card expiration date, and the last four digits of your credit card. The information did not include your full credit card number, and we have no evidence that any customer information was viewed by more than one other ChatGPT user.”

In regards to the leaked chat history, the good news is that only the titles of the conversation prompts were accessible.

The internal investigation OpenAI mounted pointed to a bug in the Redis client open-source library redis-py.

As the company explain, they use Redis to cache user information in their server, Redis Cluster to distribute this load over multiple Redis instances, and the redis-py library to interface with Redis from their Python server, which runs with Asyncio.

“The library maintains a shared pool of connections between the server and the cluster, and recycles a connection to be used for another request once done. When using Asyncio, requests and responses with redis-py behave as two queues: the caller pushes a request onto the incoming queue, and will pop a response from the outgoing queue, and then return the connection to the pool. If a request is canceled after the request is pushed onto the incoming queue, but before the response popped from the outgoing queue, we see our bug: the connection thus becomes corrupted and the next response that’s dequeued for an unrelated request can receive data left behind in the connection,” they noted.

Unfortunately, that Monday they made a change to their server that caused a spike in Redis request cancellations, so many connections ended up returning bad data.

Fixing the problem

The bug has since been patched, and OpenAI has added checks to make sure requesting users don’t get data belonging to other users. Then they trawled their logs to make sure the unwanted behavious stopped and to identify affected users.

Finally, they say, they’ve improved the robustness and scale of their Redis cluster to reduce the likelihood of connection errors at extreme load – a wise course of action given ChatGPT’s huge popularity.

It has been estimated that the AI chatbot has reached 100 million monthly active users in January 2023, a mere two months after its launch.

It’s popular with both consumers and businesses, though the latter should ensure it and OpenAI undergo the same third-party risk management process as any other application.

from Help Net Security https://ift.tt/CVE4JIl

An impressive array of hacks were demonstrated at the first day of the Pwn2Own conference in Vancouver:

On the first day of Pwn2Own Vancouver 2023, security researchers successfully demoed Tesla Model 3, Windows 11, and macOS zero-day exploits and exploit chains to win $375,000 and a Tesla Model 3.

The first to fall was Adobe Reader in the enterprise applications category after Haboob SA’s Abdul Aziz Hariri (@abdhariri) used an exploit chain targeting a 6-bug logic chain abusing multiple failed patches which escaped the sandbox and bypassed a banned API list on macOS to earn $50,000.

The STAR Labs team (@starlabs_sg) demoed a zero-day exploit chain targeting Microsoft’s SharePoint team collaboration platform that brought them a $100,000 reward and successfully hacked Ubuntu Desktop with a previously known exploit for $15,000.

Synacktiv (@Synacktiv) took home $100,000 and a Tesla Model 3 after successfully executing a TOCTOU (time-of-check to time-of-use) attack against the Tesla-Gateway in the Automotive category. They also used a TOCTOU zero-day vulnerability to escalate privileges on Apple macOS and earned $40,000.

Oracle VirtualBox was hacked using an OOB Read and a stacked-based buffer overflow exploit chain (worth $40,000) by Qrious Security’s Bien Pham (@bienpnn).

Last but not least, Marcin Wiązowski elevated privileges on Windows 11 using an improper input validation zero-day that came with a $30,000 prize.

The con’s second and third days were equally impressive.

from Schneier on Security https://ift.tt/pHvD6Zz