1419 stories
·
0 followers

StubHub CEO is helping fund mass scalpers on his own platform

1 Share
Stubhub CEO Eric Baker is pouring millions of dollars into the ticket-scalping market, CBC reports.

Read the whole story
Share this story
Delete

The case of the mysterious changes to integers when there shouldn’t have been any code generation effect

2 Shares

A colleague made some code changes that should not have had any effect on the generated binary. Specifically, they migrated from the NDIS_STRING_CONST macro to the more type-safe RTL_CONSTANT_STRING macro. The two macros produce the same results at the end of the day, so the expectation was that this would not result in any change to the binary.

But they found a change to the binary.

Specifically, four functions changed, and what is particularly strange is that none of them involved the macro changes. Three of the functions are in one source file, and the fourth is in a source file that wasn’t even touched!

The changes looked like this:

Before After
contoso!Evt­Wdf­Widget­Context­Cleanup
mov rax, [contoso!WdfFunctions_01031]
lea rcx, [??_C@__0DK@MPBCIIPN@...]
mov [rsp+20h], rcx
mov r9d, 62Bh
mov r8d, 52467443h
mov rcx, [contoso!WdfDriverGlobals]
mov rdx, rbx
mov rax, [rax+670h]
call __guard_dispatch_call
mov rax, [contoso!WdfFunctions_01031]
lea rcx, [??_C@__0DK@MPBCIIPN@...]
mov [rsp+20h], rcx
mov r9d, 62Ah
mov r8d, 52467443h
mov rcx, [contoso!WdfDriverGlobals]
mov rdx, rbx
mov rax, [rax+670h]
call __guard_dispatch_call
contoso!Function2
mov rax, [contoso!WdfFunctions_01031]
lea rcx, [??_C@__0DK@MPBCIIPN@...]
mov [rsp+20h], rcx
mov r9d, 616h
mov rcx, [contoso!WdfDriverGlobals]
mov r8d, 52467443h
mov rdx, rdi
mov rax, [rax+668h]
call __guard_dispatch_call
mov rax, [contoso!WdfFunctions_01031]
lea rcx, [??_C@__0DK@MPBCIIPN@...]
mov [rsp+20h], rcx
mov r9d, 615h
mov rcx, [contoso!WdfDriverGlobals]
mov r8d, 52467443h
mov rdx, rdi
mov rax, [rax+668h]
call __guard_dispatch_call
contoso!Function3
mov rax, [contoso!WdfFunctions_01031]
lea rcx, [??_C@__0DK@MPBCIIPN@...]
mov [r11-20h], rcx
xor r8d, r8d
mov rcx, [contoso!WdfDriverGlobals]
mov r9d, 35Dh
mov rax, [rax+0DB0h]
call __guard_dispatch_call
mov rax, [contoso!WdfFunctions_01031]
lea rcx, [??_C@__0DK@MPBCIIPN@...]
mov [r11-20h], rcx
xor r8d, r8d
mov rcx, [contoso!WdfDriverGlobals]
mov r9d, 35Ch
mov rax, [rax+0DB0h]
call __guard_dispatch_call
contoso!Function4
mov rax, [contoso!WdfFunctions_01031]
lea rcx, [??_C@__0DK@MPBCIIPN@...]
mov rdx, [rbp+8]
mov r9d, 377h
mov [rsp+20h], rcx
mov r8d, 49507443h
mov rcx, [contoso!WdfDriverGlobals]
mov rax, [rax+0DB8h]
call __guard_dispatch_call
mov rax, [contoso!WdfFunctions_01031]
lea rcx, [??_C@__0DK@MPBCIIPN@...]
mov rdx, [rbp+8]
mov r9d, 376h
mov [rsp+20h], rcx
mov r8d, 49507443h
mov rcx, [contoso!WdfDriverGlobals]
mov rax, [rax+0DB8h]
call __guard_dispatch_call

In all of the cases, the change is that a single integer changed to a value one smaller.

My colleague asked an LLM to explain this change, and it suggested that the changes were related to control flow guard metadata. Does this make sense?

It didn’t make sense to me, on two points. First, for the guard dispatch call, the only parameter to control flow guard is the rax register, which is the function being checked. All the other registers contain the parameters to the called function. Since the changes are to the r9d register, they are not related to control flow guard.

Second, the control flow guard metadata is not stored in code. It’s stored as a data block inside the binary.

So what are we seeing?

I took a look a Evt­Wdf­Widget­Context­Cleanup.

void EvtWdfWidgetContextCleanup(_In_ WDFOBJECT Object)
{
    auto widgetContext = GetContextFromWidgetHandle(Object);
    if (widgetContext->NeedsDereference)
    {
        widgetContext->NeedsDereference = FALSE;
        WdfObjectDereferenceWithTag(Object, CONTOSO_WIDGET_TAG);
    }
}

The compiler points to the Wdf­Object­Dereference­With­Tag as the location of the change. And we see that it is defined as a macro:

#define WdfObjectDereferenceWithTag(Handle, Tag) \
        WdfObjectDereferenceActual(Handle, Tag, __LINE__, __FILE__)

which is itself an inline function:

_IRQL_requires_max_(DISPATCH_LEVEL)
VOID
FORCEINLINE
WdfObjectReferenceActual(
    _In_
    WDFOBJECT Handle,
    _In_opt_
    PVOID Tag,
    _In_
    LONG Line,
    _In_z_
    PCCH File
    )
{
    ((PFN_WDFOBJECTREFERENCEACTUAL) WdfFunctions[WdfObjectReferenceActualTableIndex])
        (WdfDriverGlobals, Handle, Tag, Line, File);
}

The last little detail is that WdfFunctions is a macro that expands to WdfFunctions_01031. The WDF header files give each version a unique name so that mismatched versions lead to a linker error rather than undefined behavior at runtime.

Now we can see how this code maps to the compiler output.

    mov rax, [contoso!WdfFunctions_01031]   ; WdfFunctions
    lea rcx, [??_C@__0DK@MPBCIIPN@...]      ; Address of something
    mov [rsp+20h], rcx                      ; is the File parameter
    mov r9d, 62Bh                           ; Line parameter
    mov r8d, 52467443h                      ; Tag parameter
    mov rcx, [contoso!WdfDriverGlobals]     ; hard-coded parameter
    mov rdx, rbx                            ; Handle parameter
    mov rax, [rax+670h]                     ; Load the function pointer
    call __guard_dispatch_call              ; Validate and call¹

So the value that changed is the line number.

I went back to the pull request and observed that the pull requested deleted a line from the source file.

#include <strsafe.h>
#include "stringutils.h"

Part of the pull request included deleting the no-longer-needed header because it contained a private definition of the NDIS_STRING_CONST macro, which the code no longer uses.

Deleting a line from the source file causes all the line numbers to shift by one!

So what they were seeing was just a change to the line numbers. No change in functionality.

If they really wanted to make this a “no binary effect” change, they could replace the #include "stringutils.h with a comment or just leave it as a blank line.

Or they could just accept that line numbers can change when you change lines.

Bonus chatter: But wait, I said that three of the changes were in one file, the one with the deleted line, but a fourth was in a file that didn’t change at all. What’s that about?

The fourth function contained a call to a function in the modified file, and link-time code generation decided to inline that call. The changed line number propagated into the inline function and resulted in a code generation change in a file that wasn’t even affected by the pull request.

¹ Recall that in the validate-and-call pattern, the function pointer is passed in the rax register, and everthing else is set up as if you were calling the function yourself.

The post The case of the mysterious changes to integers when there shouldn’t have been any code generation effect appeared first on The Old New Thing.

Read the whole story
Share this story
Delete

OpenAI may have made a fatal misstep in copyright fight with news orgs

1 Share

OpenAI is facing calls for "serious sanctions" after fighting to keep news organizations from snooping through millions of logs to find evidence of users skirting their paywalls by prompting ChatGPT to regurgitate their articles.

This evidence is considered among the most important to both sides, potentially either dooming OpenAI as an infringer or exonerating its chatbot technology as a transformative fair use of news sites' content.

In a sanctions motion Thursday, news organizations suing OpenAI—led by The New York Times—accused the AI firm of repeatedly lying for years to conceal evidence of infringement that could hobble OpenAI's defense.

These alleged lies were exposed when the court compelled an “ill-prepared witness,” OpenAI privacy engineer Vincent Monaco, to be re-deposed. During the subsequent April deposition, he inadvertently revealed that OpenAI misled the court for two years about the cost and burdens of searching ChatGPT logs, NYT’s filing said.

Among the most shocking revelations, OpenAI allegedly pretended from the earliest stages of the case that it did not have the technical ability to search large anonymized samples of ChatGPT logs when it had actually already conducted such searches prior to the start of litigation, NYT alleged.

Sanctions are warranted because “OpenAI's concealment of this fact withheld highly relevant evidence, prolonged discovery, inflated expenses, and burdened the Court,” news plaintiffs alleged.

Asked for comment, an OpenAI spokesperson suggested that NYT's sanctions motion was a late litigation effort to access more logs and infringe more users' privacy. The spokesperson claimed that when the NYT recently dropped some claims in the lawsuit, it was a sign that news plaintiffs' case was crumbling, not OpenAI's defense.

"As the Times’ case weakens and they’ve been forced to drop claims against us, they’re persisting with their efforts to invade the privacy of people who have nothing to do with this case, including by making these blatantly false allegations," OpenAI's spokesperson said. "We'll continue defending our users’ privacy and the long-established principles of fair use.”

However, last month, NYT spokesperson Graham James disputed to Ars that news plaintiffs' case was weakened by dropping claims. He suggested instead the suit was streamlined and strengthened by adding claims against Microsoft. "Our core claims remain the same from the day we filed this lawsuit—that Microsoft and OpenAI stole millions of The Times’s copyrighted works to compete with our products and illegally enrich themselves,” James said.

OpenAI allegedly hid 80M log sample

Although the sanctions motion is heavily redacted, it’s alleged that Monaco testified that OpenAI had two large samples—spanning 10 million and 78 million logs—which had already been de-identified and could have been made available to news plaintiffs early on to maximize the discovery period.

“Not once did OpenAI disclose the existence” of those samples over two years, news plaintiffs alleged.

Even more frustrating to plaintiffs, OpenAI had already searched those samples for NYT content as part of its research into “creating a filter that could be used to block the regurgitation of copyrighted content,” the court filing said.

“OpenAI was willing and able to search its output logs—when it benefitted OpenAI,” NYT alleged, accusing the ChatGPT maker of “making the discovery process as burdensome as possible.”

Court says OpenAI sample is "unusable"

In a statement to Ars, NYT’s lead counsel, Ian Crosby, suggested that OpenAI obstructed access to logs and distorted evidence to shield its fair use claims.

“For over two years, OpenAI lied to The Times, The Daily News Plaintiffs, the public, and the court,” Crosby said. “It claimed searching ChatGPT outputs for copies of The Times’ and the Daily News Plaintiffs’ content was infeasible, burdensome, and invasive of users' privacy—while at the same time concealing that it had already done such searches. If OpenAI genuinely believed that copying our clients’ journalism was fair and legal, it wouldn’t have hid the truth about having done it.”

Instead of being transparent about the existing samples, OpenAI forced news plaintiffs to spend eight months searching in a “sandbox,” where they could only access a heavily redacted sample of 20 million logs. That sample was much smaller than the 120 million news logs plaintiffs originally requested, allegedly narrowed due to OpenAI’s “false representations regarding its existing technical capabilities” to search larger samples.

“This representation is belied by Mr. Monaco's testimony that OpenAI already had the ability” to search “large datasets, such as the more than 80 million output logs,” NYT alleged.

The 20 million log sample was further “skewed” when OpenAI used AI to make 19 billion redactions to the sample—so many that the court found the sample “unusable.”

Eventually, OpenAI removed some of the redactions, but “even then, a large number of redactions remain, including to News Plaintiffs’ domains, names, and other fields, which has hampered News Plaintiffs’ searches over the data,” NYT alleged.

Meanwhile, “the entire time that OpenAI was engaging in the improper over-redaction of this sample, it had in its possession a sample of 78 million conversations that had already been de-identified,” NYT alleged.

“OpenAI did not just oppose production of this evidence based on burden or relevance; it falsely represented to the Court that obtaining this evidence was beyond its capabilities without the expenditure of and months of work and that it would be just as easy for Plaintiffs to do this work—without disclosing that this work had already been done,” news plaintiffs alleged.

Similarly frustrating were dragged-out meet-and-confers over data searches that news plaintiffs claimed further limited discovery. For example, very close to discovery ending, OpenAI confusingly claimed that the 78 million log samples had been available for inspection for “over a year,” NYT alleged. However, “this makes no sense,” news plaintiffs argued, considering OpenAI’s very public fight to supposedly defend ChatGPT user privacy by blocking access to any logs beyond the 20 million sample.

“Either OpenAI unintentionally produced the dataset and it was so hidden in the training inspection data that even OpenAI did not realize it, or OpenAI knew it buried the dataset in a previous production, but hid that fact from the Court and News Plaintiffs for nearly two years—all the while vigorously arguing that turning over these logs would violate user privacy,” NYT argued.

Additionally, news plaintiffs accused OpenAI of other misconduct to obstruct access to evidence. Although the exact amount is redacted, OpenAI randomly deleted some parts of that limited 20 million sample, they alleged. And that's on top of allegedly deleting or compressing billions of logs that should have been preserved. According to NYT, OpenAI's witness testified that OpenAI simply "decided" that complying with the court's sweeping preservation order to retain all chats "would be hard; and thus took no steps to do so."

“There can be no question as to the wilfulness of OpenAI’s conduct, nor any excuse for its non-compliance. According to Mr. Monaco, OpenAI thought about complying with the Court’s Preservation Order, but then decided not to,” NYT alleged.

"Serious sanctions" necessary

News organizations claim that they do not request sanctions against OpenAI “lightly” but that the “severity” of OpenAI’s alleged misconduct requires sanctions to punish the AI firm and deter any other AI firms from following a similar playbook.

Requesting “severe” sanctions, news plaintiffs want the court to prohibit OpenAI from using the 20 million sample that it fought so hard for. They have further asked the court to find that withheld output logs included “substantial” “regurgitation of News Plaintiffs’ copyrighted material” and to block OpenAI from arguing otherwise. Finally, the jury would be instructed that OpenAI deleted billions of logs, which would play into news plaintiffs’ narrative that OpenAI has been moving in shady ways to obscure alleged substitution in the market since the case began.

“Lesser sanctions would not be effective,” news plaintiffs warned. In fact,“serious sanctions are especially appropriate," they said, because OpenAI’s misconduct “was knowing and intentional.”

If the court agrees that OpenAI’s misconduct was “egregious,” OpenAI’s attempt to constrict news organizations’ access to logs could end up being a fatal misstep in this intently watched copyright fight.

Whether training on copyrighted content is fair use will likely depend on whether news organizations can establish market harms, and OpenAI’s defense could be substantially set back if its massively redacted sample is rejected and if that makes it harder to argue substantial infringement did not occur.

Read full article

Comments



Read the whole story
Share this story
Delete

Parents' Phone Addiction Affects Bond With Kids, New Study Finds

1 Share
An anonymous reader quotes a report from Bloomberg: Parents' attachment to screens and smartphones can have negative, long-lasting developmental and psychological effects on their children, according to new research. Caregivers who mismanage their devices can both exacerbate "insecure attachment" and make healthy relationships more anxious and avoidant for children, according to the findings, which were published last month in Frontiers in Psychology, a peer-reviewed journal. The study, which surveyed 600 minors in the US from 12 to 17 years old, found that kids reported feeling marginalized or neglected by parents glued to their screens. "A child with insecure attachment may lack confidence or display a lower sense of self; demonstrate difficulty with interpersonal relationships and intimacy; and possess an unwillingness to take risks necessary to achieve success," reports Bloomberg, citing one of the study's researchers. This type of behavior has become normalized: 2024 Pew data found that nearly half of U.S. teens say their parents are at least sometimes distracted by phones during interactions. "When parents were asked about their own behavior, far fewer said this was an issue," the report adds. "Still, earlier Pew data from 2020 found most parents feel their phones can interfere with quality family time, with 68% reporting being 'at least sometimes' distracted by them.

Read more of this story at Slashdot.

Read the whole story
Share this story
Delete

US Food and Drug Administration Rejects Petition To Set PFAS Limits In Food

1 Share
An anonymous reader quotes a report from The Guardian: The US Food and Drug Administration has rejected a legal petition demanding it set limits on toxic Pfas "forever chemicals" in food, marking another setback for public health advocates' push to limit exposures to the dangerous compounds. The agency is refusing to set limits despite a growing body of science and the Environmental Protection Agency (EPA) finding food is the biggest source of Pfas exposure. Testing has found the levels of Pfas in single servings of some contaminated foods to be equivalent to drinking many glasses of contaminated water. While regulators have focused on reining in Pfas in water, the chemicals are widely used throughout the food system, and there was hope that the agency under Robert F Kennedy Jr would take the threat more seriously. Kennedy leads the "make America healthy again" (Maha) movement, of which eliminating toxic chemicals from food is a cornerstone. [...] The November 2023 petition called on the FDA to check for up to 30 Pfas compounds in a range of produce, fish, eggs, milk and bread. The agency did not respond within the six-month timeframe required by law, but TEJTF scaled back its petition in 2025 to ask the agency to set advisory thresholds for PFOA and Pfos, two of the most common and dangerous Pfas compounds, in seafood and milk. Recent FDA testing found 70% of seafood samples contain the chemicals, while independent milk testing found it in 12% of 50 samples, including extremely high levels in Whole Foods and Kirkland Signature brands. The FDA rejected the revised petition, stating it plans to take action on setting standards for Pfas, and there is "insufficient evidence to support [TEJTF's] request." The agency said it plans to set less non-binding "action levels" that do not require contaminated food to be removed from shelves. "Tolerance levels," or limits, make it illegal to sell food contaminated beyond a set threshold.

Read more of this story at Slashdot.

Read the whole story
Share this story
Delete

Judge approves $1.5 million SEC-Musk settlement over Twitter investment

1 Share
The opinion says whether it's fair is 'for our citizenry to decide at the ballot box.'

Read the whole story
Share this story
Delete
Next Page of Stories