On Thursday, OpenAI announced the addition of shopping features to ChatGPT Search. The new feature allows users to search for products and purchase them through merchant websites after being redirected from the ChatGPT interface. Product placement is not sponsored, and the update affects all users, regardless of whether they've signed in to an account.
Adam Fry, ChatGPT search product lead at OpenAI, showed Ars Technica's sister site Wired how the new shopping system works during a demonstration. Users researching products like espresso machines or office chairs receive recommendations based on their stated preferences, stored memories, and product reviews from around the web.
According to Wired, the shopping experience in ChatGPT resembles Google Shopping. When users click on a product image, the interface displays multiple retailers like Amazon and Walmart on the right side of the screen, with buttons to complete purchases. OpenAI is currently experimenting with categories that include electronics, fashion, home goods, and beauty products.
Backblaze is dismissing allegations from a short seller that it engaged in “sham accounting” that could put the cloud storage and backup solution provider and its customers' backups in jeopardy.
On April 24, Morpheus Research posted a lengthy report accusing the San Mateo, California-based firm of practicing “sham accounting and brazen insider dumping.” The claims largely stem from a pair of lawsuits filed against Backblaze by former employees Huey Hall [PDF] and James Kisner [PDF] in October. Per LinkedIn profiles, Hall was Backblaze’s head of finance from March 2020 to February 2024, and Kisner was Backblaze’s VP of investor relations and financial planning from May 2021 to November 2023.
As Morpheus wrote, the lawsuits accuse Backblaze’s founders of participating in “an aggressive trading plan to sell 10,000 shares a day, along with other potential sales from early employee holders, against ‘all external capital markets advice.’” The plan allegedly started in April 2022, after the IPO lockup period expired and despite advisor warnings, including one from a capital markets consultant that such a trading plan likely breached Backblaze’s fiduciary duties.
Not many people celebrate their birthday by burning a fiery arc through the atmosphere, pulling 4.4gs in freefall back to planet Earth, thudding into the ground, and emptying their stomach on the steppes of Kazakhstan.
No one has ever done it on their 70th birthday.
Perhaps this is appropriate because NASA astronaut Don Pettit is a singular individual. His birthday is April 20, and when the Soyuz spacecraft carrying him landed at dawn in Kazakhstan, the calendar had turned over to that date. John Glenn, then 77, was older when he went to space. But no one as old as Pettit had spent as long as he had in orbit, 220 days, on a mission.
About a decade ago, Apple and Google started updating iOS and Android, respectively, to make them less susceptible to “juice jacking,” a form of attack that could surreptitiously steal data or execute malicious code when users plug their phones into special-purpose charging hardware. Now, researchers are revealing that, for years, the mitigations have suffered from a fundamental defect that has made them trivial to bypass.
“Juice jacking” was coined in a 2011 article on KrebsOnSecurity detailing an attack demonstrated at a Defcon security conference at the time. Juice jacking works by equipping a charger with hidden hardware that can access files and other internal resources of phones, in much the same way that a computer can when a user connects it to the phone.
An attacker would then make the chargers available in airports, shopping malls, or other public venues for use by people looking to recharge depleted batteries. While the charger was ostensibly only providing electricity to the phone, it was also secretly downloading files or running malicious code on the device behind the scenes. Starting in 2012, both Apple and Google tried to mitigate the threat by requiring users to click a confirmation button on their phones before a computer—or a computer masquerading as a charger—could access files or execute code on the phone.
Several tabletop game companies are teaming up to sue Trump over his tariffs.
mrs/Getty Images
Board game companies are suing Trump because they say tariffs are affecting their profits.
Stonemaier Games said in the lawsuit it expects to pay "millions" due to tariffs.
Trump says the tariffs are meant to boost US jobs, but the cost is often passed on to the consumer.
A group of tabletop game companies is suing President Donald Trump because it says his tariffs are reducing their profits to the real-world value of Monopoly money.
Stonemaier Games, which makes the popular board games "Wingspan," "Rolling Realms," and "Vantage," announced its involvement in the lawsuit this week. The company said the lawsuit would "challenge the unchecked authority" of Trump and his tariffs.
"We will not stand idly by while our livelihoods—and the livelihoods of thousands of small business owners and contractors in the US, along with the customers whose pursuit of happiness we hold dear—are treated like pawns in a political game," the company said.
Lawyers for Stonemaier, which is based in St. Louis, said in a legal complaint that the company estimates it will pay "millions in tariffs" because it manufactures all of its games in a Chinese factory owned by Panda Game Manufacturing, which is based in Canada. Stonemaier has printed its games in China for more than 13 years, the lawsuit says.
At least nine other companies joined Stonemaier in the lawsuit, saying Trump's tariffs will cause substantial harm to their business. XYZ Game Labs, Rookie Mage, Spielcraft, and TinkerHouse Games are all board game companies that are joining the lawsuit.
Spielcraft, an independent Nebraska-based board game maker, paid $4,335 in tariff fees in April, the lawsuit says.
Other small businesses also joined the suit. Clothing company Princes Awesome, which makes inclusive clothing for children and adults, paid $1,041 for dresses imported from China in March, according to the lawsuit.
"Princess Awesome has also ordered additional products from Peru, Bangladesh, and India that they anticipate will arrive in the United States in the coming weeks and are continuing to place new orders for imports," the complaint says.
Trump and his treasury secretary, Scott Bessent, have said that the tariffs are part of a strategy to increase manufacturing jobs in the United States. But that could take a while. In the meantime, tariffs can raise prices and reduce the dollar's purchasing power, leaving consumers with less money to spend.
Experts told Business Insider that supply chain disruptions caused by the tariffs could cause prices to spike and the availability of goods to decrease in as early as a few weeks.
Pacific Legal Foundation, which is representing the companies in the lawsuit, said in a statement that Trump's tariffs are unconstitutional and that only Congress should have the power to levy tariffs.
"The Constitution gives Congress—not the president—the power to impose tariffs because policies affecting an entire nation should come from the body most representative of the entire nation," the statement says. "And Congress cannot delegate that core legislative power to the president."
There's a curious contradiction at the heart of today's most capable AI models that purport to "reason": They can solve routine math problems with accuracy, yet when faced with formulating deeper mathematical proofs found in competition-level challenges, they often fail.
That's the finding of eye-opening preprint research into simulated reasoning (SR) models, initially listed in March and updated in April, that mostly fell under the news radar. The research serves as an instructive case study on the mathematical limitations of SR models, despite sometimes grandiose marketing claims from AI vendors.
What sets simulated reasoning models apart from traditional large language models (LLMs) is that they have been trained to output a step-by-step "thinking" process (often called "chain-of-thought") to solve problems. Note that "simulated" in this case doesn't mean that the models do not reason at all but rather that they do not necessarily reason using the same techniques as humans. That distinction is important because human reasoning itself is difficult to define.
The FBI is offering $10 million for information about the China-state hacking group tracked as Salt Typhoon and its intrusion last year into sensitive networks belonging to multiple US telecommunications companies.
Salt Typhoon is one of a half-dozen or more hacking groups that work on behalf of the People’s Republic of China. Intelligence agencies and private security companies have concluded the group has been behind a string of espionage attacks designed to collect vital information, in part for use in any military conflicts that may arise in the future.
A broad and significant cyber campaign
The agency on Thursday published a statement offering up to $10 million, relocation assistance, and other compensation for information about Salt Typhoon. The announcement specifically sought information about the specific members of Salt Typhoon and the group's compromise of multiple US telecommunications companies last year.
Ironically, our present AI age has shone a bright spotlight on the immense value of human creativity as breakthroughs in technology threaten to undermine it. As tech giants rush to build newer AI models, their web crawlers vacuum up creative content, and those same models spew floods of synthetic media, risking drowning out the human creative spark in an ocean of pablum.
Given this trajectory, AI-generated content may soon exceed the entire corpus of historical human creative works, making the preservation of the human creative ecosystem not just an ethical concern but an urgent imperative. The alternative is nothing less than a gradual homogenization of our cultural landscape, where machine learning flattens the richness of human expression into a mediocre statistical average.
A limited resource
By ingesting billions of creations, chatbots learn to talk, and image synthesizers learn to draw. Along the way, the AI companies behind them treat our shared culture like an inexhaustible resource to be strip-mined, with little thought for the consequences.
Donald Trump will attend a dinner with the largest holders of his own-brand crypto coin, sending its price through the roof. But the real profits have already been made just out of view.
DoorDash filed the motion alongside a press release on Friday.
"It's disappointing behavior from a company once known for competing on the merits of its products and innovation," DoorDash, which tops the online food delivery market in the United States, wrote in the release.
Uber filed a complaint against DoorDash in February, accusing the company of anti-competitive business practices that inflated prices for restaurants and customers. The complaint said DoorDash "devised and is engaged in an unlawful scheme to stifle competition with Uber Eats, its closest rival."
Uber accused DoorDash in the complaint of leveraging restaurants' dependence on its app to secure near-exclusive or exclusive use.
"Restaurants simply cannot afford to stand up to DoorDash, and find themselves powerless to choose the service or services that are best for their businesses in the market for first-party delivery," Uber's complaint said.
DoorDash denied the accusations made in Uber's lawsuit in a motion on Friday.
Emily Dulla/Getty Images for DoorDash
Earnest Analytics reported in February that DoorDash dominated the food delivery market with a 60.7% share. Uber Eats followed at 26.1% and Grubhub at 6.3%.
DoorDash denied Uber's accusations in the motion on Friday.
Among its arguments, DoorDash said Uber is trying to "shoehorn its competition claims" by using a statute that typically applies to "disputes regarding employee non-compete provisions."
"Uber's lawsuit should be seen for what it is: sour grapes from a competitor that has been told by merchants, time and again, that they prefer working with DoorDash," the company's motion said. That's not the basis for a lawsuit — it's just fair competition. The Court should sustain DoorDash's demurrer."
Uber told Business Insider in a statement that it won't back down.
"It seems like the team at DoorDash is having a hard time understanding the content of our complaint. When restaurants are forced to choose between unfair terms or retaliation, that's not competition — it's coercion. Uber will continue to stand up for merchants and for a level playing field. We look forward to presenting the facts in court," an Uber spokesperson said.
A lawyer for DoorDash told BI, "Uber appears to be upset that they're losing in the marketplace because DoorDash has better and more innovative products, but that isn't a legitimate basis for a lawsuit."
"Uber's legal claims are meritless and should be dismissed," the lawyer said.
DoorDash isn't Uber's only legal battle this year. In April, the Federal Trade Commission sued Uber, saying the company added users to its Uber One subscription program without their consent.
The FTC said in a press release that the company "failed to deliver promised savings" and made it tough for users to cancel the service.
Uber CEO Dara Khosrowshahi told Semafor on Friday that the FTC's lawsuit was a "head-scratcher."
"We make it incredibly easy to sign up for Uber One, the value is enormous, the renewal rates are over 90%. It's a great product," Khosrowshahi said. "We allow you to cancel. We allow you to pause. That one was a head-scratcher for me."
Enterprise search centralizes access to a company's data, making information from multiple platforms searchable through one hub.
Photo courtesy of Super.com
Super.com had its internal information scattered across several workspace platforms.
The company built an artificial intelligence search tool to make a tool hub.
This article is part of "Build IT: Connectivity," a series about tech powering better business.
The tools meant to streamline work can leave businesses stuck in a maze of messages, documents, and dashboards.
Super.com, a travel and finance platform on which customers can book hotels and earn cash and rewards, depends on various workspace platforms, including Slack, Confluence, and GitLab, to keep the business humming.
Hussein Fazal, Super.com's CEO, told Business Insider that juggling systems often slowed down day-to-day tasks. Documents, datasets, and message exchanges were scattered across platforms, which made it difficult for teams to access what they needed when they needed it.
During the COVID-19 pandemic, the company decided to permanently switch to remote work, which Fazal said added an extra challenge to information retrieval.
As a result, Super.com needed a central system to access information from all of its platforms.
"It's hard to just pick up information, and it can sometimes even be hard to get information," he said.
Super.com decided to build a hub that its employees could access from home. In 2022, the company teamed up with Glean, an AI startup in Palo Alto, California, to create a search platform that pulls information from across Super.com's software programs.
Hussein Fazal is the chief executive officer at Super.com.
Courtesy of Super.com
A personalized search tool
Enterprise search is software that allows users to look for information across various platforms and databases. Glean's platform uses ranking algorithms and generative artificial intelligence to make it easier for users to find what they're looking for.
"Glean will find the right information and produce an answer in natural language, à la ChatGPT, but with the information in the context of your enterprise," Tamar Yehoshua, the president of product and technology at Glean, told BI.
She said that it's not as straightforward as putting all the information together into one big pot. Different employees have different access permissions, so each search needs to be customized for whoever is using it.
Super.com integrated the company's most-used apps and tools, such as Slack, Confluence, GitLab, and Google Drive, into one hub. "It's personalized," she said. "It will find the information that is more relevant to you, as opposed to me, if we're in different roles and in different teams."
Yehoshua said the setup process could be challenging since some companies struggle with managing who has access to which tools. This means that the software could give out confidential information to employees.
To fix this, Glean built a data-governance layer into the search platform, which ensures rigorous access permissions. Fazal said Super.com had never had an issue with Glean's search tool giving people information they shouldn't be allowed to see.
Yehoshua added that while everybody knows how to search Google, not everyone knows how to write a good AI prompt. Glean also launched a prompt library for Super.com, which she said helped educate people on how to use the tool.
Fazal said he uses the platform multiple times a day. He added that an internal company survey found the search platform has saved employees an average of 20 minutes a day, which adds up to more than 1,500 hours saved each month across the team. The employee survey also found a 20% reduction in onboarding time for new hires.
Next steps for AI agents
Since their first partnership, in 2022, Super.com and Glean have added features to the platform. A generative-AI tool embedded into the platform, for example, helps employees draft emails and prioritize tasks using real-time company data.
For instance, if an employee asks, "What are the 10 most important things I should be working on right now?" the AI assistant will use information from Slack and Google Docs to give a customized answer to that employee.
Looking ahead, Fazal hopes to incorporate AI agents into the platform. He said the next step after prompting AI to generate a task list would be getting an AI agent to go do those things. For instance, the AI assistant might suggest arranging a meeting as an important task. The agent would then draft emails and book a meeting room to help complete that task.
"We're excited to test it out and implement that once it's ready," he said.
Photographer extraordinaire Don Pettit is about to return to Earth following a seven-month stay aboard the International Space Station (ISS). During his time in orbit some 250 miles above Earth, Pettit has been sharing breathtaking photos and videos of Earth and beyond, featuring everything from star trails and aurora to rocket launches and cityscapes. To […]
On Wednesday, OpenAI announced the release of two new models—o3 and o4-mini—that combine simulated reasoning capabilities with access to functions like web browsing and coding. These models mark the first time OpenAI's reasoning-focused models can use every ChatGPT tool simultaneously, including visual analysis and image generation.
OpenAI announced o3 in December, and until now, only less capable derivative models named "o3-mini" and "03-mini-high" have been available. However, the new models replace their predecessors—o1 and o3-mini.
OpenAI is rolling out access today for ChatGPT Plus, Pro, and Team users, with Enterprise and Edu customers gaining access next week. Free users can try o4-mini by selecting the "Think" option before submitting queries. OpenAI CEO Sam Altman tweeted that "we expect to release o3-pro to the pro tier in a few weeks."
In the AI world, a vulnerability called a "prompt injection" has haunted developers since chatbots went mainstream in 2022. Despite numerous attempts to solve this fundamental vulnerability—the digital equivalent of whispering secret instructions to override a system's intended behavior—no one has found a reliable solution. Until now, perhaps.
Google DeepMind has unveiled CaMeL (CApabilities for MachinE Learning), a new approach to stopping prompt-injection attacks that abandons the failed strategy of having AI models police themselves. Instead, CaMeL treats language models as fundamentally untrusted components within a secure software framework, creating clear boundaries between user commands and potentially malicious content.
The new paper grounds CaMeL's design in established software security principles like Control Flow Integrity (CFI), Access Control, and Information Flow Control (IFC), adapting decades of security engineering wisdom to the challenges of LLMs.
Security and privacy advocates are girding themselves for another uphill battle against Recall, the AI tool rolling out in Windows 11 that will screenshot, index, and store everything a user does every three seconds.
When Recall was first introduced in May 2024, security practitioners roundly castigated it for creating a gold mine for malicious insiders, criminals, or nation-state spies if they managed to gain even brief administrative access to a Windows device. Privacy advocates warned that Recall was ripe for abuse in intimate partner violence settings. They also noted that there was nothing stopping Recall from preserving sensitive disappearing content sent through privacy-protecting messengers such as Signal.
Enshittification at a new scale
Following months of backlash, Microsoft later suspended Recall. On Thursday, the company said it was reintroducing Recall. It currently is available only to insiders with access to the Windows 11 Build 26100.3902 preview version. Over time, the feature will be rolled out more broadly. Microsoft officials wrote:
Google is hosting dozens of extensions in its Chrome Web Store that perform suspicious actions on the more than 4 million devices that have installed them and that their developers have taken pains to carefully conceal.
The extensions, which so far number at least 35, use the same code patterns, connect to some of the same servers, and require the same list of sensitive systems permissions, including the ability to interact with web traffic on all URLs visited, access cookies, manage browser tabs, and execute scripts. In more detail, the permissions are:
Tabs: manage and interact with browser windows
Cookies: set and access stored browser cookies based on cookie or domain names (ex., "Authorization" or "all cookies for GitHub.com")
WebRequest: intercept and modify web requests the browser makes
Storage: ability to store small amounts of information persistently in the browser (these extensions store their command & control configuration here)
Scripting: the ability to inject new JavaScript into webpages and manipulate the DOM
Alarms: an internal messaging service to trigger events. The extension uses this to trigger events like a cron job, as it can allow for scheduling the heartbeat callbacks by the extension
:: This works in tandem with other permissions like webRequest, but allows for the extension to functionally interact with all browsing activity (completely unnecessary for an extension that should just look at your installed extensions)
These sorts of permissions give extensions the ability to do all sorts of potentially abusive things and, as such, should be judiciously granted only to trusted extensions that can’t perform core functions without them.
Remember when teachers demanded that you "show your work" in school? Some new types of AI models promise to do exactly that, but new research suggests that the "work" they show can sometimes be misleading or disconnected from the actual process used to reach the answer.
New research from Anthropic—creator of the ChatGPT-like Claude AI assistant—examines simulated reasoning (SR) models like DeepSeek's R1, and its own Claude series. In a research paper posted last week, Anthropic's Alignment Science team demonstrated that these SR models frequently fail to disclose when they've used external help or taken shortcuts, despite features designed to show their "reasoning" process.
(It's worth noting that OpenAI's o1 and o3 series SR models were excluded from this study.)
Login
