This tech can end QR code scams, if only Google and Apple pitch in - Related to video,, google, pitch, adobe, tech

Adobe expands generative AI with Firefly video, launching today

The big picture: One of the most impressive applications of generative AI is its ability to create videos from nothing more than a simple text description. Type a few words into one of the many different video generation tools now available – including Adobe's Firefly model – and out pops what can be amazingly lifelike clips. It's a great example of how powerful this technology has become, as well as how quickly it's advancing.

At the same time, many generative video tools also highlight questions and challenges around content ownership and copyright. Some of these have become a key part of larger discussions on the development and evolution of AI-powered tools.

We've already started to see this play out with text generation tools that were trained on material scraped from across the internet – much of it original commercial content. There are serious questions about whether and how content creators should be compensated for their work when it's incorporated into a large language model.

Given the enormous amount of effort (and cost) that goes into creating videos, the voices of concern are bound to grow even louder as generative video usage becomes more widespread.

In the graphics world, Adobe recognized these issues early on and made copyright protection a core part of its initial Firefly image generation tools. The enterprise chose to use only content it had licensed and offered compensation to creators when integrating it into the model training process. Of course, it helped that Adobe had an enormous trove of content and direct connections to creators via its long-running Adobe Stock business, which offers millions of still images and videos for sale.

Nevertheless, Adobe chose to follow these principles in leveraging that data and built a set of generative content tools that not only met general rules of fairness, but also provided a guarantee of commercial safety. In other words, anyone who used the Firefly tools was assured they would not face legal or financial challenges for using copyrighted content. Given that an crucial percentage of Adobe's clients are involved in creating commercial content, that has proven to be a significant advantage.

Not surprisingly, as the organization makes its latest Firefly video model publicly available today (in beta), it is following the same commercially safe principles and offering the same guarantees. In addition, Adobe is integrating support for Content Credentials with its AI-generated video, allowing people to reliably verify that it was created with AI – an increasingly critical capability in a world seemingly overrun with deepfakes.

Adobe is launching access to the new model today (it was first unveiled last fall) via both a new web application and through a "Generative Extend" feature in Adobe Premiere Pro. The enterprise is also debuting two new Firefly plans and previewing one more.

Firefly Standard is priced at $[website], offering 2,000 audio/video credits per month which allows clients to create up to 20 five-second 1080p resolution videos per month. Firefly Pro increases the limit to 7,000 credits and up to 70 five-second videos for $[website] Firefly Premium, arriving later this year for $[website], is designed for creative professionals who, , "expect to generate new video content on a daily basis."

Like other offerings, the Firefly video model supports both text-to-video and image-to-video generation, keyframes at the beginning and end of a clip, and the ability to translate and accurately lip-sync audio across 20 different languages.

A key differentiator for Adobe people will be the seamless integration with other apps across the Adobe suite. For example, people can easily create workflows that move from a still image in Photoshop or a vector illustration in Illustrator into the Firefly Video model and integrate the output straight into Premiere. Adobe has also added a new Scene-to-Image tool, which can be used to create 3D elements for video – whether in an animated or photorealistic style.

It's clear that Adobe is focusing on the kinds of tools and capabilities that regular individuals of its products will appreciate. While many people have been experimenting with other generative video tools for fun, Adobe appears to be focused on delivering practical capabilities that make video creation and editing easier.

The new Generative Extend feature in Premiere Pro is a great example of this. While it might only be needed to extend an existing scene by half a second or so, that can make a huge difference for professional editors trying to match existing music, audio, and video elements. Similarly, an early preview of the new Firefly web app user interface highlights key creative choices for aspects like camera angles and movement, helping the model generate more engaging and cinematic outputs.

While it's fair to say that Adobe is playing a bit of catch-up in the rapidly evolving field of generative AI video – and adding 4K support, which Adobe says will be coming later this year – it's also clear that the organization is applying its own unique approach to the challenge. For the creative professionals who rely on Adobe for their work, that's an essential step.

Bob O'Donnell is the founder and chief analyst of TECHnalysis Research, LLC a technology consulting firm that provides strategic consulting and market research services to the technology industry and professional financial community. You can follow him on Twitter @bobodtech.

User preference to super resolution technologies such as NVIDIA DLSS, AMD FSR, and Intel XeSS, beat playing games without them, at native resolution, ......

The Renault Filante concept car is aiming for electric efficiency records.

Single-seater commits all controls to steering yoke.

Congstar überarbeitet das Postpaid-Angebot der Allnet Flats mit mehr inkludiertem Datenvolumen und wahlweise höherer Geschwindigkeit im 5G-Netz. Die P......

This tech can end QR code scams, if only Google and Apple pitch in

Table of Contents Table of Contents What is the solution? What’s the technology pipeline? Why does this approach matter?

The most successful digital scam is one that is tied to convenience. QR codes, which are used for everything from sharing contacts to making payments, are an ideal vector. In India, which runs the world’s largest digital payment system, QR code scams have become a regular nuisance.

I regularly hear from retail shop owners and cab drivers about how they were duped using a fake QR code or app, and similar is the tale of online shoppers. Parking lot QR scams are also rampant in the US and UK, but stealing a few dollars is not the only risk.

It’s the theft of sensitive data, including financial details, that has even put banking giants on alert. “If you scanned the QR code and entered your credentials, like your username and password, into a website, change your password right away,” the US Federal Trade Commission expressed in an alert note barely a couple of weeks ago.

The Swiss national security agency has also issued a warning about bad actors sending physical QR codes via mail to the doorsteps to steal passwords, a heist that is commonly known as quishing, short for QR phishing. Of course, we can’t nuke the QR tech stack over such risks, except for raising awareness, but we finally might have a solution from the experts at the University of Rochester.

The technology in question is a self-authenticating dual-modulated QR (SDMQR) code. It stops the potential for scams before customers are even taken to a fake website or fraudulent web repository, by flagging the risk as soon as the code is scanned. But before we get into the technical details, let me break down the biggest advantages of this secure path to QR code technology:

It is self-authenticating, which means the QR code already has the verified digital signature of the entity behind it, which is verified every time you scan it on your phone. Aside from taking customers to websites, they can also be used for payments and encoding secure information, among other related scenarios. The QR code verification happens on-device. You don’t need an internet connection to check if it’s legitimate or fraudulent. It does not require any specialized app or software upgrade for existing QR code scanning apps. The system does not create any unwanted operational delay or latency. These secure QR codes can be customized to fit the design requirements, without hampering their safeguards. It doesn’t need a high-resolution smartphone camera to work. The one in your pocket will do just fine at scanning SDMQR codes. These QR codes can also have colors, so brands can get them customized for advanced identity recognition. Existing machines that read QR codes can also read SDMQR codes, with a warning system in tow.

The best part about this approach is that an average user won’t have to go through any technical hoops to protect their interest. For companies that rely on QR codes and want to protect their business, they simply have to register their official website’s URL and embed their signature in the code.

SDQMR codes look different than traditional QR codes. Instead of the mainstream pixel-style block imprint, they make use of ellipses. The team behind the tech stack has filed a patent and has already secured a National Science Foundation I-Corps grant to explore the replacement of traditional bar codes with SDMQR codes.

Going a step further, the team is also exploring whether using colors can make these codes more versatile. With versatility, they mean using the same QR code to guide people in up to three different directions, or web destinations.

“SDMQR codes offer proactive front-end protection against quishing before the link is even accessed,” says the research paper & Privacy Journal. As mentioned above, we are simply talking about a retrofit, and not a framework that would turn the whole QR ecosystem upside down.

The whole process relies on two components. A primary message (such as the URL of a business) and a corresponding cryptographic signature of that message. This cryptographic signature is generated and owned by a business in possession of a digital private key. A DMQR encoder embeds the primary and secondary messages into the SDMQR code.

If you look at the code, you will notice elliptical patterns in black and white. As per the researchers, the variation patterns hide the primary message, while the orientation data carries the secondary message.

Once the code is scanned on a phone, a DMQR decoder breaks down the primary and secondary messages for verification. At this stage, the public key of the business (which created the code) performs algorithmic verification to check whether the cryptographic secondary message matches the contents of the unencrypted primary message.

Think of it as a two-stage secret handshake between spy agents.

The biggest challenge is not the tech stack, but creating a centralized system where all businesses can come together and perform the necessary registration to create unique SDMQR codes. The idea is to create a public key for these legitimate entities, which is also the only thing an SDMQR code reader requires.

This is where makers of smartphone operating systems — aka Google and Apple — can help create a safer future. Their participation as central signatories would mean a smartphone or tablet would only require their two public keys for quickly authenticating SDMQR codes.

Since they offer built-in QR code scanning frameworks for iOS and Android, using them as central signatories is the best way forward. On a technical level, their participation would dramatically ease the verification process as SDMQR code readers would only need to store just two public keys and get the job done.

A healthy few technical proposals have appeared in the past few years to fix the problem of QR code scams, but they all arrived with their fair share of limitations. The SDMQR system solves a few key fundamental hurdles to ease the adoption without any technical hassles.

It takes a transparent approach to self-authentication and doesn’t require any software improvement to the QR code reader apps installed on a person’s phone. They will work just fine with regular QR and the more secure SDMQR codes.

Otherwise, tasking developers or OS-makers to deploy an ecosystem-wide synchronized revision would not only be a massive challenge, but also take its own sweet time. Further enhancing the convenience for adopters is the single central signatory system, which requires only one key for verification. And the best part is that smartphone consumers won’t even require an internet connection for the verification protocols to jump into action.

Previous efforts to build secure QR code systems put their faith in cryptographic keys for QR code generators in order to authenticate the identity. A few other ideas involved individual public-private key pairs, which means a user’s mobile device was expected to carry (or have locally saved) the public keys for all the parties that signed up for creating secure codes for authentication and identity verification.

“Using our proposed protocol, mobile devices can determine whether the information is deemed authentic by the signatory, immediately on the mobile device itself,” says the team in the research paper.

Another advantage is that the inherent dual-modulating tech can also be applied to bar codes, which means even codes that are used for airline boarding passes and courier pcackage can take advantage of the framework.

The biggest beneficiary of SDMQR codes would be banking institutions. Researchers argue that their deployment in parking payment systems can reliably protect individuals from being targeted by QR-based phishing attacks as well as financial losses.

The latter aspect also applies to all scenarios where people often run into QR codes plastered in public places. That includes Wi-Fi access, opening a restaurant’s menu, and relaying a business location, among others. Wi-Fi jacking is a well-known threat that quickly spirals into utter chaos for an average user, so any solution to plug that vulnerability should find mass adoption.

The ball is now in Google and Apple’s backyard. They already provide the OS-level software sauce for decoding QR and bar codes. All they need to do is vet and implement support for the new SDMQR framework, and guard the interests of smartphone individuals across the world.

Table of Contents Table of Contents Swave’s HXR display What’s a holographic display? Swave HXR in AR glasses Swave HXR in 2026? Alternatives for 2025......

Erstmals gibt es Gerüchte, dass AMD eine Variante der Radeon RX 9070 XT plant, die mit 32 GB einen doppelt so großen Videospeicher besitzt. Diese Vers......

Editor's take: It's amazing how we practically can't avoid ads anywhere we go. The entire streaming industry was built upon people tired of being goug......

NIS2: the GDPR of cybersecurity

Just 30% of EU member states have nationally implemented The Network and Information Security Directive (NIS2). While this is not unusual given that attention is divided among NIS2, the Digital Operations Resilience Act (DORA), and the European Cyber Resilience Act (CRA), target deadlines are being missed. This puts businesses on the back foot and risks falling even further behind the adoption curve.

Although businesses in the UK are not obligated to comply with these regulations, those with EU-based clients or those that make up part of EU supply chains will come under its thumb.

Mitun Zavery Social Links Navigation Vice President of Solution Architecture at Sonatype.

The driver for this legislation is clear. Recent high-profile cyber incidents have caused major disruption — like the cyberattack on the NHS, the CrowdStrike outage, and the SolarWinds fiasco. As society increases its dependency on software, software developers increasingly rely on open source to ship new products quickly. Open source makes up 90% of modern software, with consumption reaching a staggering [website] trillion downloads in 2024. Cyber resilience must improve commensurately to meet software consumption.

NIS2 introduces stringent cybersecurity reporting standards across banking, manufacturing, and public administration. UK businesses working with EU partners are already being asked to meet these standards and contracts are being rewritten to demand adherence to NIS2 standards to protect shared systems and data. Remember that the rising tide lifts all boats.

Under the NIS2 directive, companies have 24 hours to research major cybersecurity incidents, with updates due within 72 hours and a final research needed in 30 days. They must also implement and document policies, from vulnerability monitoring to information security training, which exceeds previous requirements.

Software supply chain security has become a major target for bad actors, with open source malware, or malicious packages living in open source repositories, surging 156% in 2024. Bad actors often target third-party vendors as a gateway into larger organizations, proverbially killing several birds with one stone. Recent high-profile incidents show that their methods are becoming more sophisticated.

One such example is the April 2024 attack on the open source XZ Utils compression tool, where a bad actor posed as a legitimate contributor for two years, embedding malicious code that, if undiscovered, could have caused widespread global disruption.

NIS2 has been introduced specifically to combat these occurrences by imparting personal responsibility for cybersecurity to businesses themselves. Rather than being able to skirt accountability by blaming incidents on suppliers, companies are now personally liable for their cybersecurity. This development is sorely needed, as the rate of software consumption dwarfs the rate at which components are observed and tracked, and that gap is only widening. In the past 12 months, only 60,000 Software Bills of Materials (SBOMs) were .9 million new open source components released. This gulf is a ticking time bomb, with businesses facing no-fault liability and harsh financial penalties.

When we think of software, we think of it as one system. The reality is that all software is an interdependent mesh of open and closed source components, and one weak link can be disastrous. On average, each application contains 180 components, with repeated updates, patches, and multiple versions. It's impossible to track every single change manually. Automation and proper tooling are needed to keep up with the pace of consumption that modern software development demands.

If just one component is compromised, the ripple effect can be devastating. This is precisely why regulations are coming thick and fast to identify and remedy the weakest links in software supply chains.

UK businesses, while not directly under NIS2, should be mindful of its implications. Even though the EU is the first to draw a line in the sand on this issue, it will not be the last. Businesses stand to benefit by being proactive rather than reactive. Preparing for the upcoming CRA Bill helps companies stay competitive amid the changing legislative landscape.

The risk of being the weakest link far outweighs the compliance challenges, as protecting partners from costly cybersecurity incidents, compliance failures, and reputational damage safeguards a corporation's long-term resilience and, ultimately, its bottom line.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: [website].

Serving tech enthusiasts for over 25 years.TechSpot means tech analysis and advice you can trust.

Death from above: A new study warns that the risk of......

US-Vizepräsident JD Vance erklärte beim Paris AI Summit, dass die leistungsstärksten AI-Chips in Zukunft in den USA gefertigt werden sollen. Daraufhin......

Researchers find a faster way to etch deep holes for 3D NAND.

Plasma-based cryo-etching technique doubles etch speed, improving efficiency.