In today’s digital landscape, effective information management is the cornerstone of any successful business. Central to this is a well-crafted records management strategy. Documents- vital to daily operations, decision-making, and regulatory compliance, represent more than papers stored in a dusty archive room. Ignoring this fundamental aspect of business can lead to operational inefficiencies, legal breaches, and significant reputational damage. On the other hand, a well-executed records management strategy can streamline operations, fortify legal standing, and enhance customer trust. It’s a strategic lever, pulling businesses towards success and resilience. This article aims to shed light on the critical nature of document management and provide a roadmap for developing a strategy that truly works for your business. Get ready to discover valuable insights enabling your business to operate more efficiently, confidently, and more agile than ever. Defining Records Management And Its Significance Records management is about maintaining orderly control over an organization’s files, from their creation to their disposal. It encompasses activities such as classifying, storing, preserving, and retrieving various types of documents, internal (like employee files or financial statements) and external (such as customer data or regulatory filings). In an increasingly digital world, managing these physical or digital documents is more critical than ever. Records serve as a resource for decision-making and legal reporting and provide historical business insights. The exponential growth in digital data necessitates adopting technology like records management software. Such tools simplify the file’s life cycle and ensure regulatory abidance, all within the context of a comprehensive records management strategy. Understanding Legal Mandates And Industry Guidelines For Records Management Navigating the terrain of document management also involves understanding the legal requirements and industry standards that govern it. Laws and regulations dictate how organizations manage, preserve, and dispose of their records. However, the legalities governing file management can differ significantly across industries, countries, and types of records. These legal frameworks and industry-established best practices guide businesses on how to create, capture, and manage their information effectively. By strictly adhering to legal requirements and industry standards, companies can ensure compliance, boost operational efficiency, and reduce risks. Such commitment underscores the value of a well-informed approach to document management, emphasizing the importance of a thorough understanding of the established guidelines. Steps To Develop A Records Management Strategy Developing a robust strategy requires a systematic approach. Here are the key steps: 1. Identify Your Record Types Each organization manages a diverse array of file types, which form the bedrock of its operations. This broad spectrum can include internal documents like team member data, legal documents such as contracts and agreements, and external data like customer information. The format of these files can range from traditional physical forms to their digital counterparts. Identifying and understanding the types of documents your business manages, from HR paperwork to complex legal documentation, is the launching pad for devising an effective records management strategy. This comprehensive perspective forms the basis for subsequent strategic steps. 2. Define Your Objectives And Goals Defining the objectives and goals of your records management strategy is a crucial starting point. These goals can cover various areas, such as enhancing efficiency, ensuring regulatory compliance, improving data security, or facilitating easy document retrieval. Each plan must adhere to the Specific, Measurable, Achievable, Relevant, and Time-bound (SMART) criteria. For example, you might set a goal: “Reduce customer record retrieval time by 30% by the end of Q4 to improve client satisfaction.” This clearly defined goal will serve as the guiding light for your records management strategy, driving purposeful action and measurable outcomes. 3. Analyze Your Current Situation It’s crucial to evaluate your current records management practices. This step involves a comprehensive inventory of your records, identification of system gaps, and a Strengths, Weaknesses, Opportunities, Threats (SWOT) analysis. For example, your current system is robust in preserving records (strength) but short in quick retrieval (weakness), presenting an opportunity for improvement. The outcomes of this evaluation will guide your strategy’s direction. 4. Develop Procedures For Record Creation, Storage And Retention Creating robust file creation, storage, and retention procedures is crucial to a comprehensive records management strategy. These procedures address multiple aspects, from standardizing document creation to ensuring secure storage and setting retention periods in line with legal and business requirements. This systematic approach fosters consistency and security across the board, ensuring regulatory adherence and strengthening the file management process. 5. Implement Security Measures And Access Controls Implementing stringent security measures and access controls is essential in safeguarding sensitive data. These measures apply to both physical and digital realms. For instance, digital documents containing sensitive information could be encrypted and stored in a secure server with access granted only to specific individuals based on their roles and responsibilities. Granting access solely to authorized personnel maintains the integrity and confidentiality of the data. These security measures protect valuable information and emphasize your organization’s commitment to responsible data management. 6. Plan for Disaster Recovery And Business Continuity Integrating disaster recovery and business continuity planning into a records management strategy is crucial to proactive business administration. The process involves devising strategies to enable swift recovery and business continuity even during unforeseen disasters, such as a massive data breach or natural calamity. With such a plan in place, businesses can bounce back quickly, minimizing downtime and ensuring a smoother transition to normal operations. For instance, a robust plan may incorporate routine backups of digital documents to a secure, off-site location or cloud storage. This strategy ensures the data is retrievable, enabling the rapid resumption of operations post-disaster. 7. Training And Change Management Introducing a new records management strategy inevitably triggers change within an organization. Comprehensive training and adept change management are essential to navigate this transformation successfully. The process involves equipping employees with the necessary knowledge and skills to adapt to new procedures effectively. This robust training approach ensures a smooth transition, fostering seamless integration of the new strategy into daily operations. For example, organizing workshops or training sessions that illustrate the nuances of the new system can mitigate resistance and

OnePlus is all set to launch its first foldable smartphone next month. Rumours suggest that the company may launch the smartphone on August 29 at a physical launch event in New York. Now, OnePlus has revealed the name of its first foldable smartphone. OnePlus took to Twitter to reveal the name of its foldable smartphone. The company tweeted, “We OPEN when other FOLD”. This confirms that the upcoming foldable smartphone from OnePlus will be called ‘OnePlus Open‘. Recently, an online leak revealed that the upcoming foldable smartphone will replicate the design of last year’s launched Oppo Find N2 smartphone. Furthermore, it was mentioned that the foldable smartphone could potentially feature a periscope camera equipped with 3x optical zoom. The leak also disclosed that OnePlus’s foldable phone might be available in two colour variants, namely black and green. OnePlus Open likely specsThe device is likely to house a triple rear camera setup, and there’s speculation that it might include a periscope lens to significantly enhance zoom capabilities. To further enhance user convenience, leaks suggest the presence of a side-mounted fingerprint sensor for quick unlocking. The smartphone’s display is rumoured to adopt a modern punch-hole camera design, promising an immersive viewing experience.Under the hood, the OnePlus Open is expected to be powered by an octa-core Qualcomm Snapdragon 8 Gen 2 chipset, ensuring robust performance. On the software front, it is anticipated to run on the Android 13 operating system with OnePlus’s customized OxygenOS Fold interface, offering a seamless and efficient user experience.

Meta’s license for Llama 2 also requires companies with more than 700 million monthly active users to establish a separate license agreement with Meta. It is not clear why, but the clause creates a barrier to other tech giants building on the system. The model also comes with an acceptable use policy, which prohibits generating malicious code, promoting violence, or enabling criminal activity, abuse, or harassment. Meta did not respond to a question about what actions it might take if Llama 2 was used in breach of that policy. Jon Turow, an investor at Madrona Ventures in Seattle, says Meta’s pivot from trying to restrict distribution of the first Llama model to open-sourcing the second could enable a new wave of creativity using large language models. “Developers and entrepreneurs are very resourceful, and they are going to find out what they can squeeze out of Llama 2,” he says. Turow likens Meta’s choice to release Llama 2 this month to Google introducing the Android mobile operating system in 2007 to rival Apple’s iOS. By giving away a cheap but powerful alternative, Meta can become a counterbalance to proprietary systems like the kind developed by OpenAI, sparking innovation that could feed back ideas that help improve Meta products and services. Llama 2 is the first openly released model on par with ChatGPT, says Nathan Lambert, an AI researcher at Hugging Face, a startup that releases open source machine-learning software, including generative models. He doesn’t consider the project truly open source, because of Meta’s limited disclosures about its development, but he is astonished by the number of Llama 2 variations he sees in his social media feed. One example is the latest version of WizardLM, an AI system, similar to ChatGPT, designed to follow complex instructions. Eight out of 10 models trending currently on Hugging Face, a number of which are made to generate conversational text, are variations of Llama 2. “I think there’s a case to be made that Llama 2 is the biggest event of the year in AI,” Lambert says. He says proprietary models have the advantage today, but he believes that later versions of Llama will catch up and, before long, will be able to perform most tasks that people turn to ChatGPT for today. Lambert also says the Llama 2 release leaves a number of questions unanswered, in part due to the lack of documentation of training data. And it will still remain the case that only major players like Meta, Google, Microsoft, and OpenAI will have the computing resources and staff needed to make leading large language models. But he is hopeful that, despite the the success of OpenAI’s proprietary approach, language models are shifting into an era of transparency. A voluntary agreement  between the White House and seven major AI companies calls for tests of things like potential for discrimination or impact to society or national security before deployment.  It’s a trend that could be challenged by growing questions about legal liability for AI systems and increasing regulatory pressure from politicians, who fear that malicious actors will start using open source models. Like Demis Hassabis, the AI researcher now leading Google’s AI development, Turow disagrees with the assertion made by the leaked Google memo that it and other major AI companies are threatened by open source AI. He thinks data, talent, and access to computing power will continue to protect the biggest tech companies—but not make them invincible. He’s now watching to see what startups and researchers do with Llama 2, expecting to see them rapidly improve it, as happened with the first iteration of Meta’s model. He says that should create new possibilities for both startups and the broader field of AI. “We’re seeing open source continually get better and better, so there may be surprises that upset the early leaders,” Turow says. “I don’t know what will happen.”

Gideon Lichfield: OK, but let me play the synthetic biology devil’s advocate for a second. Lauren Goode: OK, OK. Gideon Lichfield: When you have kids, you are throwing the genetic dice, you are mixing your DNA and that of your partners, and— Lauren Goode: Oh, is that how you have kids? [laughter] Should we get into the birds and the bees here? You’re my boss. Would you like to explain the birds and the bees to me? How does this work exactly? [laughter] Gideon Lichfield: Are you being sassy? [Laughter] Lauren Goode: We should also probably let the audience know that we both happen to be child-free people. Gideon Lichfield: That is true. Lauren Goode: So please do not come for us with the pitchforks if we talk about what it must be like to have children. OK, so yes, so you are rolling the— Gideon Lichfield: But let’s get back to it. Lauren Goode: You’re rolling the genetic dice, correct. Like, a lot of things could go wrong, and particularly if you have children when you are at advanced age for reproducing. Gideon Lichfield: And if you know exactly what DNA is going into your offspring, you’re taking less of a gamble. Is it narcissistic? Sure, or certainly—let’s put it this way—a lot of very narcissistic people will probably want to have kids that way, and maybe a lot of those offspring will not be such boons to humanity. And frankly, for that matter, Andrew doesn’t know that the genetic copy of himself that’s born in 200 years will be a nice well-meaning scientifically minded person who’s trying to cure humanity’s ills. They might be a monster. Lauren Goode: Right, and I don’t wanna conflate having children with cloning. I think the cloning thing is really what’s stuck in my brain right now. Although he did say, you asked him about children and he said, well, they’re not mutually exclusive. He would like to have had 10 children but also he would like the idea of a clone in the future. Gideon Lichfield: Right. So, again, to play devil’s advocate, if you are willing to say that it’s OK to have kids, then what is wrong with having clones? It feels weird and icky and it’s narcissistic and all those things, and yet I think when you pull it apart, I find it hard to make an argument against it. Lauren Goode: OK, interesting. Would you clone yourself? Gideon Lichfield: That’s an interesting question. I’ve never had a strong desire to have kids, and I feel like, for the same reason, I should not have a strong desire to have a clone. In other words, the argument I’m making is that I think these are basically the same thing. You are causing another human being to be born, and you have a certain responsibility to that human being, I think, if you do that. If I were to set up a clone with a fund 200 years from now, maybe the biggest ethical argument against that is I have no idea what the world is gonna be like 200 years from now. And the present me transported 200 years into the future might look at that world and say, “Hell no. I don’t want any child born into this world, at least I don’t want to have the responsibility for bringing a child into this world.” Then there’s a whole other problem which is, the way we bring up children right now is they are born into a family, and so they have a structure around them, and they have relatives, and they have all of that. And if you simply seed a test tube baby to be born 200 years from now, they may have all the money in the world, but if they don’t have a family around them, what does that mean for their upbringing? Of course, maybe the world of 200 years from now will have solved that problem too.

The finest commercial patio furniture for restaurants combines durability, reliability, and quality. Frequently, people make the mistake of buying outdoor furniture just for decorative purposes. While having stylish outdoor furniture sets for your home or place of business is excellent, the main priority should be making sure they are durable. Please continue reading for more information on the materials we suggest utilizing for outdoor restaurant furniture. How Come Material is so Important? When choosing outdoor furniture for your restaurant, material selection is crucial. Whether pouring rain outside or scorching hot inside, the furniture you pick must endure all conditions. Whether you need to supply a vast beer garden or just a foldaway bistro set for a small patio area, choosing a suitable material for the weather is essential. The type of material you use is less important if your furniture will be stored. However, only buy lightweight furniture if you know it will constantly be outside. Popular Outdoor Use Material Metal, stainless steel, wood, and aluminum are the finest options for outdoor furniture. If you know what you want, it’s easy to find the table you wish in various materials: aluminum dining furniture or wooden booth seats. Although it has been said that wood is often thought to be the most extraordinary material for outdoor use, this depends on the climate to which your furniture will be subjected. We’ve included an extensive examination of each material’s resistance to exposure to the elements and the critical information about it. Keep reading if you’ve decided about the furnishings for your outside space. Wood Due Wood is the most frequently utilized outdoors due to its inherent beauty, superior strength, and long lifetime. Beer gardens usually include wooden furniture because bar owners want to fill large spaces with affordable, stylish furnishings. Wooden furniture is an excellent choice if you need to live in wet conditions because it is typically covered in waterproof resin. Wooden furniture can survive intense hurricanes because of its weight and sturdy table base. Steel Stainless steel is frequently utilized outside of cafes and restaurants. Steel furniture may be improved by adding soft fabric accents and seat coverings. Thankfully, steel has a chromium oxide covering that shields it from rust and corrosion, keeping it from deteriorating after heavy rain. Tables and chairs may be stacked, and stainless steel furniture is functional, versatile, and easy to store. Another benefit is how easy it is to clean furniture made of stainless steel. Metal Metal was one of the earliest materials used for outdoor furniture. The strength of the metal is excellent for people who want to be sure that their furniture will stay in place. It is possible to customize and change things with metal furniture by coating or spraying it, and it will still look amazing. For instance, stainless steel cannot be used for this. Metal furniture’s major flaw is that it rusts more quickly than other materials, making it the least desirable choice for houses in humid areas. Aluminum If appropriately manufactured, aluminum furniture shouldn’t rust. Since they are lightweight and movable, aluminum chairs, tables, and bar stools are famous for business outdoor furniture. This makes them perfect if you frequently rearrange your outside area. We suggest utilizing aluminum in colder areas and avoiding lengthy exposure to sunlight because it is a recognized heat conductor compared to other materials.

A new cryptocurrency-based malware campaign is reportedly targeting PC users. According to a report by Bleeping Computer, the malware was discovered by security researcher iamdeadlyz. Hackers are using this campaign to distribute malware to both Windows and macOS users in the form of fake blockchain games. These fake games have names like Brawl Earth, WildWorld, Dawnland, Destruction, Evolion, Pearl, Olymp of Reptiles, and SaintLegend.The report also mentions that the newMac malware named “Realst” is being used to target Apple computers. Some of the latest variants of the malware also include support for the upcoming macOS 14 Sonoma which is still in beta. As per the report, cybercriminals are promoting these games on social media. Hackers are using direct messages to share access codes which are needed to download these fake game clients from associated websites. Why hackers are using access codes for these gamesAccess codes are helping cyber attackers to check the users that they want to target and prevent security researchers from detecting their malicious intentions. These game installers then infect targeted devices with information-stealing malware. For Windows, hackers are using the RedLine Stealer malware while Realst is for macOS users. Another security researcher named SentinelOne analysed 59 Mach-O samples of the Realst malware that were already discovered. The analysis focused on the macOS versions of each sample and several ds How this malware campaign is affecting macOS usersWhenever users try to download a fake game from the cybercriminal’s site, they are being offered either Windows or macOS malware, depending on their OS. The Realst info-stealing malware targets Mac devices as PKG installers or DMG disk files. These files don’t include any real games or other decoy software, they just contain malicious Mach-O files. One of the files is a cross-platform Firefox-based data stealer while the other one is an open-source macOS keychain database password, keys, and certificates extractor. The researcher also found that some samples are codesigned using valid (now revoked) Apple Developer IDs or ad-hoc signatures, to bypass detection from security tools.What Mac users should do to protect themselves from this malware campaignThe report has also advised macOS users to be cautious with blockchain games. Hackers are distributing Realst using Discord channels and “verified” Twitter accounts to make them look legitimate. Moreover, it is important to note that these games specifically target cryptocurrency users. The main goal of these games is to steal crypto wallets and the funds within them, which can cost investors a lot.

Second, it could instruct any federal agency procuring an AI system that has the potential to “meaningfully impact [our] rights, opportunities, or access to critical resources or services” to require that the system comply with these practices and that vendors provide evidence of this compliance. This recognizes the federal government’s power as a customer to shape business practices. After all, it is the biggest employer in the country and could use its buying power to dictate best practices for the algorithms that are used to, for instance, screen and select candidates for jobs. Third, the executive order could demand that anyone taking federal dollars (including state and local entities) ensure that the AI systems they use comply with these practices. This recognizes the important role of federal investment in states and localities. For example, AI has been implicated in many components of the criminal justice system, including predictive policing, surveillance, pre-trial incarceration, sentencing, and parole. Although most law enforcement practices are local, the Department of Justice offers federal grants to state and local law enforcement and could attach conditions to these funds stipulating how to use the technology. Finally, this executive order could direct agencies with regulatory authority to update and expand their rulemaking to processes within their jurisdiction that include AI. Some initial efforts to regulate entities using AI with medical devices, hiring algorithms, and credit scoring are already underway, and these initiatives could be further expanded. Worker surveillance and property valuation systems are just two examples of areas that would benefit from this kind of regulatory action. Of course, the testing and monitoring regime for AI systems that I’ve outlined here is likely to provoke a range of concerns. Some may argue, for example, that other countries will overtake us if we slow down to implement such guardrails. But other countries are busy passing their own laws that place extensive restrictions on AI systems, and any American businesses seeking to operate in these countries will have to comply with their rules. The EU is about to pass an expansive AI Act that includes many of the provisions I described above, and even China is placing limits on commercially deployed AI systems that go far beyond what we are currently willing to consider. Others may express concern that this expansive set of requirements might be hard for a small business to comply with. This could be addressed by linking the requirements to the degree of impact: A piece of software that can affect the livelihoods of millions should be thoroughly vetted, regardless of how big or how small the developer is. An AI system that individuals use for recreational purposes shouldn’t be subject to the same strictures and restrictions. There are also likely to be concerns about whether these requirements are practical. Here again, it’s important not to underestimate the federal government’s power as a market maker. An executive order that calls for testing and validation frameworks will provide incentives for businesses that want to translate best practices into viable commercial testing regimes. The responsible AI sector is already filling with firms that provide algorithmic auditing and evaluation services, industry consortia that issue detailed guidelines vendors are expected to comply with, and large consulting firms that offer guidance to their clients. And nonprofit, independent entities like Data and Society (disclaimer: I sit on their board) have set up entire labs to develop tools that assess how AI systems will affect different populations. We’ve done the research, we’ve built the systems, and we’ve identified the harms. There are established ways to make sure that the technology we build and deploy can benefit all of us while reducing harms for those who are already buffeted by a deeply unequal society. The time for studying is over—now the White House needs to issue an executive order and take action. WIRED Opinion publishes articles by outside contributors representing a wide range of viewpoints. Read more opinions here. Submit an op-ed at ideas@wired.com.

Networking with industry leaders is an invaluable strategy for professional growth and expanding your influence within your field. Meeting industry leaders open up a world full of new opportunities. You can build your brand reputation, learn new things, and obtain emotional support through networking. We’ve listed four effective collaborative approaches below to help you network with leaders in your industry. 1. Attend Key Industry Events Conferences, events, seminars, and unique award shows are excellent ways of building external connections. Various professional groups or associations arrange events or meetups to encourage networking among their members. Trade shows and conferences are also great for meeting new people in your industry. Always keep your eyes open for such professional events. And when you’re attending such events, don’t hesitate to speak up. Opening yourself up to others also unlocks networking opportunities. It establishes yourself as valuable, encouraging people to engage with you. Regularly attend networking events and meetups to expand your professional network, connect with industry leaders across various fields, and foster meaningful connections through engaging conversations and follow-ups. 2. Engage in Online Platforms Engaging in online platforms, particularly social media platforms like LinkedIn, can provide significant advantages for collaborating and expanding influence with industry leaders. These platforms allow individuals to network with professionals, gather valuable information, and promote their businesses effectively. Here are some key benefits of engaging in online platforms: Extensive Networking Opportunities: Connect with industry leaders and build a professional network by adding professionals you know on LinkedIn. Background Research and Preparation: Gain insights into industry leaders’ expertise through their profiles and posts, helping you make a strong first impression. Talent Recruitment: Use LinkedIn to find top talent and access a diverse pool of professionals. Marketing and Promotion: Utilize LinkedIn’s networking and marketing tools to amplify your business reach and establish thought leadership. 3. Start Sharing Knowledge Networking should not be a one-sided endeavor. Offer mutual value and support to industry leaders by actively seeking opportunities for collaboration and knowledge-sharing. Consider organizing joint projects, webinars, or workshops where both parties can contribute their expertise. Become a recognized industry authority by actively contributing to industry publications, blogs, and thought leadership platforms, boosting your visibility and attracting industry leaders. You can also seek mentorship and guidance from established industry leaders. It’s a unique opportunity to build valuable connections with experienced professionals. 4. Engage with Businesses Engaging with businesses is crucial for networking and expanding your professional connections. You can establish valuable relationships with business leaders by actively participating in industry-specific associations, events, and initiatives. Additionally, trade shows allow you to showcase your business and engage with potential partners. Here are some key strategies for engaging with businesses.: Join industry-specific associations and organizations to access a professional network, gain industry insights, and attend events. Participate in committees and volunteering initiatives to contribute to the industry, collaborate with professionals, and gain visibility. Collect business information such as cards or social media handles for future contact and easy reference. Attend trade shows as a vendor to engage with industry professionals, showcase your offerings, and enhance brand visibility. Prioritize relationship building over self-promotion by showing genuine interest in others’ businesses and goals. Identify key physical and online networking locations frequented by industry professionals. Engage in collaborative projects to showcase skills, dedication, and effective teamwork, attracting industry leaders. Remember, networking is a long-term investment that requires effort, sincerity, and a willingness to contribute to the success of others. Embrace these collaborative approaches, and watch your network flourish while your professional influence expands.

When Meta debuted its new Threads feature earlier this month, it was quickly dubbed “the Twitter killer.” Elon Musk, the owner of X (formerly Twitter), even threatened to sue Meta for what he called a “copycat” product. Launched off the back of Instagram, also owned by Meta, Threads looks very similar to X. It’s scrollable, text-based, and character-limited. But why, when X has been notoriously unprofitable, would Meta—which brought us the infamous “pivot to video” and has had its sights set on competing with TikTok—want to take on the platform? The answer may have to do with artificial intelligence. Recent months have seen a veritable AI arms race, with tools like ChatGPT, Midjourney, Stable Diffusion, Copilot, Dall-E, and Google’s Bard all jockeying for users. As more companies invest in generative AI, they need lots of data to train their models. And that data needs to be generated by actual humans in order for the generative AI to appear, well, human. Platforms like Reddit and X are gold mines because they host millions of examples of user-generated content. Both companies have also historically made their data readily available, a boon for third-party developers and researchers. In 2020 alone, data from X contributed to more than 17,000 research papers. Models like ChatGPT and Bard were also trained on data from these platforms. But this has sparked bigger questions about how much user-generated data is worth, and what it should cost to access. Now, that data may not be readily available for long, just as every company, including Meta, is rushing to develop their own models. Earlier this year, Musk announced that X would begin charging $42,000 a month for its API, pricing out nearly everyone that used it, particularly academics and researchers, for whom data from X was crucial for research into topics like disinformation. Later, the company said it would offer tiers of access priced at $125,000 and $210,000 per month. Not long thereafter, Reddit announced it would also start charging for its API. In an interview with The New York Times, Reddit CEO Reed Huffman acknowledged that the “Reddit corpus of data is really valuable” for training AI models but that the company didn’t feel the “need to give all of that value to some of the largest companies in the world for free.” In the past several months, Musk has continued to crack down on access to X’s data. In April, he tweeted that Microsoft had “illegally” used data from X to train its AI models (Microsoft is a partner with Meta and OpenAI, which created ChatGPT). A letter from X’s lawyer alleged that the company had exceeded the allowed use of the data it drew from the platform. Then, last month, Twitter announced it would restrict the ability to see the site’s content without first logging in, and that to see more that 600 tweets per day, users would need to pay for Twitter Blue. Musk called it a “temporary emergency measure” to prevent what he called “data pillaging.” (XCorp, which owns X, filed a lawsuit shortly after against four unnamed defendants, seeking $1 million in damages for data scraping). As Musk has limited access to the platform, he has also launched his new xAI startup, which will be trained on data from X. What does all this have to do with Threads? Meta, which gambled its future—and its name—on the metaverse, has fallen behind in its investment in AI. But last week, the company announced it would be making its large language model, Llama 2, open source, free for researchers and businesses alike (this also means, however, it won’t have some of the safeguards of ChatGPT, namely the ability to revoke access from users who violate the terms of use to generate, say, disinformation). Threads could bolster its efforts to get back in the AI game, just when X is no longer an option for companies seeking to harvest data.

Over the past eight months, ChatGPT has impressed millions of people with its ability to generate realistic-looking text, writing everything from stories to code. But the chatbot, developed by OpenAI, is still relatively limited in what it can do. The large language model (LLM) takes “prompts” from users that it uses to generate ostensibly related text. These responses are created partly from data scraped from the internet in September 2021, and it doesn’t pull in new data from the web. Enter plug-ins, which add functionality but are available only to people who pay for access to GPT-4, the updated version of OpenAI’s model. Since OpenAI launched plug-ins for ChatGPT in March, developers have raced to create and publish plug-ins that allow the chatbot to do a lot more. Existing plug-ins let you search for flights and plan trips, and make it so ChatGPT can access and analyze text on websites, in documents, and on videos. Other plug-ins are more niche, promising you the ability to chat with the Tesla owner’s manual or search through British political speeches. There are currently more than 100 pages of plug-ins listed on ChatGPT’s plug-in store. But amid the explosion of these extensions, security researchers say there are some problems with the way that plug-ins operate, which can put people’s data at risk or potentially be abused by malicious hackers. Johann Rehberger, a red team director at Electronic Arts and security researcher, has been documenting issues with ChatGPT’s plug-ins in his spare time. The researcher has documented how ChatGPT plug-ins could be used to steal someone’s chat history, obtain personal information, and allow code to be remotely executed on someone’s machine. He has mostly been focusing on plug-ins that use OAuth, a web standard that allows you to share data across online accounts. Rehberger says he has been in touch privately with around a half-dozen plug-in developers to raise issues, and has contacted OpenAI a handful of times. “ChatGPT cannot trust the plug-in,” Rehberger says. “It fundamentally cannot trust what comes back from the plug-in because it could be anything.” A malicious website or document could, through the use of a plug-in, attempt to run a prompt injection attack against the large language model (LLM). Or it could insert malicious payloads, Rehberger says. “You’re potentially giving it the keys to the kingdom—access to your databases and other systems.” Steve Wilson, chief product officer at Contrast Security Data could also potentially be stolen through cross plug-in request forgery, the researcher says. A website could include a prompt injection that makes ChatGPT open another plug-in and perform extra actions, which he has shown through a proof of concept. Researchers call this “chaining,” where one plug-in calls another one to operate. “There are no real security boundaries” within ChatGPT plug-ins, Rehberger says. “It is not very well defined, what the security and trust, what the actual responsibilities [are] of each stakeholder.” Since they launched in March, ChatGPT’s plug-ins have been in beta—essentially an early experimental version. When using plug-ins on ChatGPT, the system warns that people should trust a plug-in before they use it, and that for the plug-in to work ChatGPT may need to send your conversation and other data to the plug-in. Niko Felix, a spokesperson for OpenAI, says the company is working to improve ChatGPT against “exploits” that can lead to its system being abused. It currently reviews plug-ins before they are included in its store. In a blog post in June, the company said it has seen research showing how “untrusted data from a tool’s output can instruct the model to perform unintended actions.” And that it encourages developers to make people click confirmation buttons before actions with “real-world impact,” such as sending an email, are done by ChatGPT.