/2023

How a tiny Pacific Island became the global capital of cybercrime
▻https://www.technologyreview.com/2023/11/02/1082798/tiny-pacific-island-global-capital-cybercrime

2.11.2023 by Jacob Juda - Despite having a population of just 1,400, until recently, Tokelau’s .tk domain had more users than any other country. Here’s why.

Tokelau, a necklace of three isolated atolls strung out across the Pacific, is so remote that it was the last place on Earth to be connected to the telephone—only in 1997.

Just three years later, the islands received a fax with an unlikely business proposal that would change everything.
Advertisement

It was from an early internet entrepreneur from Amsterdam, named Joost Zuurbier. He wanted to manage Tokelau’s country-code top-level domain, or ccTLD—the short string of characters that is tacked onto the end of a URL.

Up until that moment, Tokelau, formally a territory of New Zealand, didn’t even know it had been assigned a ccTLD. “We discovered the .tk,” remembered Aukusitino Vitale, who at the time was general manager of Teletok, Tokelau’s sole telecom operator.

Zuurbier said “that he would pay Tokelau a certain amount of money and that Tokelau would allow the domain for his use,” remembers Vitale. It was all a bit of a surprise—but striking a deal with Zuurbier felt like a win-win for Tokelau, which lacked the resources to run its own domain. In the model pioneered by Zuurbier and his company, now named Freenom, users could register a free domain name for a year, in exchange for having advertisements hosted on their websites. If they wanted to get rid of ads, or to keep their website active in the long term, they could pay a fee.

In the succeeding years, tiny Tokelau became an unlikely internet giant—but not in the way it may have hoped. Until recently, its .tk domain had more users than any other country’s: a staggering 25 million. But there has been and still is only one website actually from Tokelau that is registered with the domain: the page for Teletok. Nearly all the others that have used .tk have been spammers, phishers, and cybercriminals.

Everyone online has come across a .tk––even if they didn’t realize it. Because .tk addresses were offered for free, unlike most others, Tokelau quickly became the unwitting host to the dark underworld by providing a never-ending supply of domain names that could be weaponized against internet users. Scammers began using .tk websites to do everything from harvesting passwords and payment information to displaying pop-up ads or delivering malware.
a proliferation of .Tk emails with faces crying exclamation point tears

Many experts say that this was inevitable. “The model of giving out free domains just doesn’t work,” says John Levine, a leading expert on cybercrime. “Criminals will take the free ones, throw it away, and take more free ones.”

Tokelau, which for years was at best only vaguely aware of what was going on with .tk, has ended up tarnished. In tech-savvy circles, many painted Tokelauans with the same brush as their domain’s users or suggested that they were earning handsomely from the .tk disaster. It is hard to quantify the long-term damage to Tokelau, but reputations have an outsize effect for tiny island nations, where even a few thousand dollars’ worth of investment can go far. Now the territory is desperately trying to shake its reputation as the global capital of spam and to finally clean up .tk. Its international standing, and even its sovereignty, may depend on it.
Meeting modernity

To understand how we got here, you have to go back to the chaotic early years of the internet. In the late ’90s, Tokelau became the second-smallest place to be assigned a domain by the Internet Corporation for Assigned Names and Numbers, or ICANN, a group tasked with maintaining the global internet.

These domains are the address books that make the internet navigable to its users. While you can create a website without registering a domain name for it, it would be like building a house without an easily findable postal address. Many domains are familiar. The UK has .uk, France .fr, and New Zealand .nz. There are also domains that are not tied to specific countries, such as .com and .net.

Most countries’ domains are run by low-profile foundations, government agencies, or domestic telecom companies, which usually charge a few dollars to register a domain name. They usually also require some information about who is registering and keep tabs to prevent abuse.

But Tokelau, with just 1,400 inhabitants, had a problem: it simply didn’t have the money or know-how to run its own domain, explains Tealofi Enosa, who was the head of Teletok for a decade before stepping down in July 2023. “It would not be easy for Tokelau to try and manage or build the local infrastructure,” Enosa says. “The best arrangement is for someone else from outside to manage it, trade it, and bring in money from it.”

This is precisely what Zuurbier, the businessman from Amsterdam, wanted to do.

Zuurbier had come across Tokelau while chasing the internet’s next big idea. He was convinced that just as people had adopted free email addresses by the millions, the natural next step was for them to have their own free websites. Zuurbier intended to put advertisements on those sites, which could be removed for a small fee. All he needed to turn this billion-dollar idea into reality was a place with a ccTLD that had not yet found a registrar.

Tokelau—the last corner of the British Empire to be informed about the outbreak of World War I, where regular shortwave radio wasn’t available until the ’70s and most people were yet to even see a website—was the perfect partner.

Representatives from Tokelau and Zuurbier met in Hawaii in 2001 and put pen to paper on a deal. Quickly, .tk domain names began to pop up as people took advantage of the opportunity to create websites for free. He still had to convince ICANN, which oversees the domain name system, that Tokelau couldn’t host its own servers—one of the criteria for ccTLDs. But Tokelau—which switched off its power at midnight—would still need a reliable internet connection to keep in touch. In 2003 Zuurbier took a grueling 36-hour boat ride from Samoa to Tokelau to install internet routers that he had bought for $50 on eBay.

Gone was the unreliable dial-up. Tokelau had met modernity. “He provided all the equipment, got all the three atolls connected up, and then he also provided some funding which I used to share with the community,” says Vitale, who established internet cafés that could be used for free by anybody from Tokelau’s four hamlets.

For the first time, thousands of Tokelauans in New Zealand were able to easily connect with home. “What was important for Tokelau was that we were getting some money that could help the villages,” says Vitale. Many of the initial sign-ups on .tk were completely innocuous individuals wanting to blog about thoughts and holidays, as well as gaming communities and small businesses.

In an attempt to protect its forests and famous wildlife, Virunga has become the first national park to run a Bitcoin mine. But some are wondering what the hell crypto has to do with conservation.

Zuurbier sent Teletok regular reports about .tk’s growth, and they indicated that the free-domain model was working better than anybody expected. Tiny Tokelau, which was being paid a small cut of the profits Zuurbier was making, was going global.

“We were hearing how successful .tk was. We were bigger than China,” says Vitale. “We were surprised, but we didn’t know what it meant for Tokelau. What was more meaningful at the time was that we were getting money to help the villages. We didn’t know about the other side of it then.”

As the decade wore on, however, it looked to Vitale as if things were beginning to blow off course. “We went in blind,” he says. “We didn’t know how popular it would be.”
Things fall apart

It took until the late 2000s for Vitale to realize that something had gone badly wrong. After problems first arose, Zuurbier invited ministers and advisors from Tokelau to the Netherlands, paid for their flights, and explained the business’s nuts and bolts in an effort to reassure them. They went to watch Samoa play at the Rugby World Cup in France.

“He [Zuurbier] appeared to be a really nice person,” Vitale remembers. “There was all this nice stuff that felt homely, warm fuzzies.” .Tk had hit the milestone of 1 million domain users.

But soon after this trip, he says, Zuurbier started falling behind on scheduled payments to Tokelau worth hundreds of thousands of dollars. (MIT Technology Review requested an interview with Zuurbier. He initially accepted but subsequently did not answer the phone or respond to messages.)

Meanwhile, Vitale had begun receiving complaints from concerned members of the “internet community.” He and his peers started to become aware that criminals and other questionable figures had cottoned onto the benefits that registering free domains could bring—providing an almost unlimited supply of websites that could be registered with virtual anonymity.

“It was obvious from the start that this was not going to turn out well,” says Levine, coauthor of The Internet for Dummies. “The only people who want those domains are crooks.”

Levine says that .tk had started attracting unsavory characters almost immediately. “The cost of the domain name is tiny compared to everything else that you need to do [to set up a website], so unless you’re doing something weird that actually needs lots of domains—which usually means criminals—then the actual value in free domains is insignificant,” he says.

What started as techies complaining to Vitale about spamming, malware, and phishing on .tk domains soon turned into more worrisome complaints from the New Zealand administrator tasked with overseeing Tokelau, asking him whether he was aware of who .tk’s users were. Allegations surfaced that .tk websites were being used for pornography. Researchers had found jihadists and the Ku Klux Klan registering .tk websites to promote extremism. Chinese state-backed hackers had been found using .tk websites for espionage campaigns.

“Satanic stuff” is how Vitale describes it: “There were some activities that were not really aligned with our culture and our Christianity, so that didn’t work very well for Tokelau.” With Zuurbier not replying to worried emails, Vitale moved to unplug him. He opened negotiations with Internet NZ, the registry that runs New Zealand’s squeaky-clean domain, about how Tokelau might be able to wiggle out of its arrangement. He didn’t manage to get an answer before he moved on from Teletok.

His successor, Enosa, tried to set the relationship on a new footing and signed new deals with Zuurbier on the understanding that he would clean up .tk. However, that never happened. One of Enosa’s final acts as general manager at Teletok, in the summer of 2023, was to reopen negotiations with Internet NZ about how Tokelau might be able to extricate itself from the deal once and for all.

Meanwhile, most of Tokelau’s residents weren’t even aware of what was happening. Elena Pasilio, a journalist, saw firsthand how much this was hurting her home. When she was studying in New Zealand a few years ago, people—knowing that she was Tokelauan—started to tag her on social media posts complaining about .tk.

At first, she felt confused; it took time before she even realized that .tk meant Tokelau. “I was really surprised by how many users it had, but then I realized that a lot of people were using .tk to make dodgy websites, and then I felt embarrassed. I was embarrassed because it had our name on it,” Pasilio explains. “It has got our name tangled up there with crimes that people here would not even begin to understand.”

There is a sense from both Vitale and Enosa that Zuurbier cared little as Tokelau’s reputation was dragged through the mud. “I would argue with Joost,” Enosa says, adding that he would remind him he was the custodian for a legal asset that belonged to Tokelau alone. According to Enosa, he would shoot back: “I built this infrastructure from my own pocket. I spent millions of dollars building it. Do you think that was easy? Do you think that Tokelau can build this kind of infrastructure itself?”
Advertisement

“I said: ‘Okay. Understood,’” Enosa recalls. “I understood how a white man looks at it. You know? This is how white men look at things. I understand that.”
Digital colonialism

What has happened to Tokelau is not unique. The domains of small islands across the Pacific are cited in numerous stories either celebrating dumb luck or complaining of massive abuse.

Tuvalu has managed to turn .tv into approximately 10% of its annual GDP. Micronesia’s .fm has been pushed heavily at radio stations and podcasters. Tonga’s .to has been favored by torrent and illegal streaming websites. Anguilla, in the Caribbean, is heavily marketing its .ai at technology startups.

But these success stories seem to be the exception. In 2016, the Anti-Phishing Working Group found that alongside .tk and .com, the Australian Cocos Islands (.cc) and Palau (.pw) together represented 75% of all malicious domain registrations. They had been flooded by phishers attacking Chinese financial institutions. The Cocos Islands made headlines in Australia when websites allegedly hosting child sexual abuse images were recently found on its domain.

Those domains whose names—by linguistic luck—seemed to mean something tended to attract better managers. Sharks seem to have circled around those that did not, or had a market that was less clear.

While the abuse of Pacific Islands’ domains has waxed and waned over the years, the islands’ tiny size means that even small associations with crime can have damaging consequences.

“There is a problem in Polynesia,” says Pär Brumark, a Swede who represents the Pacific island of Niue abroad. “You had these internet cowboys running around taking domains everywhere.”

Niue lost control over the domain .nu after it was “stolen” by an American in the late 1990s, Brumark says. Its management was given to the Swedish Internet Foundation—which manages Sweden’s native .se—in a “shady deal” in 2013, he claims. .Nu has been wildly popular in Sweden, as it translates directly to “now.” Niue, which is also linked to New Zealand, is now fighting a David-versus-Goliath battle in the Swedish courts. It is seeking as much as $20 million in lost revenue—almost one year’s worth of Niue’s annual GDP.
Advertisement

“Digital colonialism,” claims Brumark. “They exploit resources from another country without giving anything back. They have never spoken to the government. They have no permissions. They exploit. Colonialism to me is if you take resources from a country that you do not have the permission to take.”

But now there may finally be some accountability—at least in the case of Zuurbier.

In December 2022, courts in the Netherlands found in favor of an investor suing Freenom, the company that managed .tk and four other domains—those of Gabon, Equatorial Guinea, the Central African Republic, and Mali—that were subsequently added to the model it pioneered. The courts found that Freenom had fallen foul of various reporting rules and appointed a supervisory director.
Related Story
crypto city planner concept
Crypto millionaires are pouring money into Central America to build their own cities

A new class of crypto investors have bold plans to rebuild society from scratch. But their pet projects risk repeating the region’s long history of corporate colonialism.

And in March of this year, Meta, which owns Facebook, Instagram, and WhatsApp, also sued Freenom for damages, claiming that sites hosted on .tk and the four African domains were engaging in cybersquatting, phishing, and trademark infringement. Meta provided examples of websites that appeared to be registered at .tk with the express purpose of deceiving users, such as faceb00k.tk, whatsaap.tk, Instaqram.tk.

In an interview with the Dutch newspaper NRC, Zuurbier denied Meta’s allegations about the “proliferation of cybercrime.” But the Cybercrime Information Center recently reported that “in past years Freenom domains were used for 14% of all phishing attacks worldwide, and Freenom was responsible for 60% of the phishing domains reported in all the ccTLDs in November 2022.” Zuurbier says that Freenom distributed to over 90 trusted organizations, including Meta, an API that allowed them to take down offending sites and that Meta itself failed to continue using it. But many in the tech industry resent what they see as Freenom shifting the cost of policing its domains onto others.

As of January 2023, it is no longer possible to register a .tk domain. All four African countries—many thousands of times larger than Tokelau—have broken ties with Freenom. Tokelau, which did not seem aware that there were other countries in the same boat, is still trying to figure out what to do next.

It now looks as if Freenom is essentially finished as a company. But Enosa doesn’t believe that’ll stop Zuurbier from pursuing more shady schemes. “Joost always wins,” he says.
Shifting tactics

Without access to the unlimited pool of free domain names that were available through .tk and the four other Freenom ccTLDs, many cybercrime groups that relied on them are being forced to adapt. Certain scattergun approaches to spamming and phishing are likely to go out of fashion. “Spammers are fairly rational,” explains Levine, the spam expert. “If the spam is cheap and the domains are free, they can afford to send out a lot of spam even though the likelihood of response is lower. If they actually have to pay for the domains, then they are likely to make it a lot more targeted.”
Advertisement

“Bad things online require a domain name at some point,” says Carel Bitter, head of data at the Spamhaus Project, which tracks malicious activities online. “You need people to go somewhere to fill in their account details. If you can’t get domains for free, you will have to get them somewhere else.” Analysts have noted upticks in malicious use of cheap “new” generic TLDs such as .xyz, .top, and .live, whose reputations have been wrecked by dodgy dealers.

While other domains may only cost $1, a drop in the ocean for the largest gangs, the fact that they now need to be purchased may limit the damage, says Bitter: “Any cybercrime business that relies on domain names will have some sort of natural limit that determines how much they can spend on domain names.” Others, though, may seek to compromise existing websites with low security.

It is likely that “basement” operations—so-called “ankle-biters”—will feel the biggest pinch. “What is possible is that the guys that are just doing it as a dabble won’t want to put the money up, but the professionals are not going away,” says Dave Piscitello, director of research activity at the Cybercrime Information Center. “They will go elsewhere. If you are staging a revolution and the cost of a Kalashnikov goes from $150 to $250, you aren’t going to say ‘Forget it.’ It is the business.”
An existential issue

The media sometimes reports that Tokelau makes millions from the use of .tk. Zuurbier himself claims on his LinkedIn that his relationship with Tokelau adds over 10% to the atolls’ GDP.

“Bullshit,” says Enosa when asked. “That’s a lie.”

Enosa claims that .tk provided a “very small” proportion of Teletok’s income: “It doesn’t give us good money. .Tk was nothing to my revenue.”

While the arrival of the internet on Tokelau promised to zip information across the Pacific instantaneously, the islands have remained isolated. Even while I was reporting this story, it took weeks to get in touch with Pasilio and other sources there. Interviews were repeatedly delayed because of the price of data packages. Internet in Tokelau is among the most expensive in the world, and NZ$100 (US$60) worth of data can sometimes last only 24 hours at a time. Phone calls to Tokelau from Europe did not connect.

“I feel sorry for our Tokelau,” Pasilio says. “We have been taken advantage of. I think people would be shocked if they knew what had been going on with .Tk.”
Advertisement

Even many Tokelau elders had not fully understood the problem, at least until recently.

There are other, arguably more existential problems the islands need to deal with, including climate change, emigration, and the atolls’ future relationship with New Zealand. “Our islands are already shrinking as it is, with the sea levels rising,” says Pasilio. She says her father tells her about reefs and sand banks that have sunk beneath the Pacific. “They would rather worry about things that they can see physically and that they know more about, rather than fighting back on this .Tk thing,” she says.

But the issue of the abused .tk domain was recently raised in the General Fono, or Parliament, indicating that the issue had finally broken out of its technical niche and into the wider public.

Those existential issues facing the islands are not wholly unrelated to .tk. Questions over the future of the domain have arisen at the same time that a debate over Tokelau’s political future has been revived.

Tokelau is classified by the United Nations as a “non-self-governing territory” under the oversight of the Special Committee on Decolonization. In 2006 and 2007, referenda on whether Tokelau would enter “free association” with New Zealand—a possible stepping stone toward eventual independence—was approved, but not enough of Tokelau’s population voted to meet the turnout threshold. In May 2022, it was decided that another referendum on Tokelau’s future would be held ahead of the centenary of New Zealand rule in 2025.

Repairing Tokelau’s devastated international reputation by cleaning up .tk will be a necessity if the atolls are to make any serious bid for sovereignty. Vitale is now the general manager of Tokelau’s government and wants to see its internet domain make a triumphant return to make it clear that the islands are turning a new page.

“We are building nationhood here,” he explains. “We are on a pathway toward self-determination. We want to use the .tk as a catalyst to promote our nationhood and be proud of it—our domain name and our identity among the internet community.”

All of Tokelau’s email and website addresses are currently hosted on New Zealand’s .nz. “What does that mean to people? It means that we are in New Zealand,” says Vitale with a sigh. “We should be selling ourselves as being in Tokelau, because .tk is the domain—the identity—for Tokelau.”

“When you have people coming to knock on your door with attractive packages,” he adds, “you see it as an opportunity you hook onto—not realizing what the consequences will be further down the road.”

Correction: This story has been updated post-publication as the previous version incorrectly stated that Antigua was the Carribean island with the .ai domain. It is in fact Anguilla. Our apologies.

#Tokelau #Pays-Bas #Nouvelle-Zélande #internet

Inside the quest to engineer climate-saving “super trees” | MIT Technology Review
▻https://www.technologyreview.com/2023/06/08/1074287/inside-the-quest-to-engineer-climate-saving-super-trees

https://wp.technologyreview.com/wp-content/uploads/2023/05/nature101-hires-2404.jpeg?resize=1200,600

On ne sait pas comment ça fonctionne... mais on va quand même planter des arbre génétiquement modifiés au bord de forêts !
L’hubris scientifique ou la hype technologique... en tout cas un bon marché à court terme, la société gèrera les problèmes à long terme s’ils adviennent.
Et pendant ce temps là on continue à déboiser, à mal gérer les forêts et à détruire le cycle de l’eau.

At Living Carbon, Mellor is trying to design trees that grow faster and grab more carbon than their natural peers, as well as trees that resist rot, keeping that carbon out of the atmosphere. In February, less than four years after he co-founded it, the company made headlines by planting its first “photosynthesis-enhanced” poplar trees in a strip of bottomland forests in Georgia.

This is a breakthrough, clearly: it’s the first forest in the United States that contains genetically engineered trees. But there’s still much we don’t know. How will these trees affect the rest of the forest? How far will their genes spread? And how good are they, really, at pulling more carbon from the atmosphere?

Living Carbon has already sold carbon credits for its new forest to individual consumers interested in paying to offset some of their own greenhouse gas emissions. They’re working with larger companies, to which they plan to deliver credits in the coming years. But academics who study forest health and tree photosynthesis question whether the trees will be able to absorb as much carbon as advertised.

Even Steve Strauss, a prominent tree geneticist at Oregon State University who briefly served on Living Carbon’s scientific advisory board and is conducting field trials for the company, told me in the days before the first planting that the trees might not grow as well as natural poplars. “I’m kind of a little conflicted,” he said, “that they’re going ahead with this—all the public relations and the financing—on something that we don’t know if it works.”

“One of the things that concerns me is [Living Carbon is] just focusing on carbon acquisition,” says Marjorie Lundgren, a researcher at Lancaster University in the UK who has studied tree species with natural adaptations leading to increased photosynthetic efficiency. She notes that trees need more than just carbon and sunlight to grow; they need water and nitrogen, too. “The reason they have such a high growth rate is because in the lab, you can just super-baby them—you can give them lots of water and fertilizer and everything they need,” she says. “Unless you put resources in, which is time and money, and not great for the environment, either, then you’re not going to have those same outcomes.”

Living Carbon’s paper acknowledges as much, citing nitrogen as a potential challenge and noting that how the trees move carbon may become a limiting factor. The extra sugars produced through what the company calls “enhanced photosynthesis” must be transported to the right places, something trees haven’t typically evolved to do.

Et bien évidemment cela marche sur l’arnaque aux crédits carbone

Living Carbon funds its plantings—and makes its profits—by selling credits for the extra carbon the trees absorb. Currently, the company is offering “pre-purchases,” in which companies make a commitment to buy a future credit, paying a small portion of the fee up front to help Living Carbon survive long enough to deliver results.

New research shows that California’s climate policy created up to 39 million carbon credits that aren’t achieving real carbon savings. But companies can buy these forest offsets to justify polluting more anyway.

The company has found that these buyers are more interested in projects with ecosystem benefits, which is why the first project, in Georgia, has become an outlier. There has been a subsequent planting in Ohio; this and all currently planned plantings are not near sawmills or in active timber harvesting regions. Thus, the company does not expect those trees to be harvested.

Wherever they plant trees—whether atop an old minefield or in a timber-producing forest—Living Carbon will pay the landowner an annual per-acre fee and cover the cost of plant site preparation and planting. At the end of the contract, after 30 or 40 years, the landowner can do whatever they want with the trees. If the trees grow as well as is hoped, Living Carbon assumes that even on timber land, their size would mean they’d be turned into “long-duration wood products,” like lumber for construction, rather than shredded to make pulp or paper.

Until recently, Living Carbon was also selling small-scale credits to individual consumers. When we spoke in February, Mellor pointed me toward Patch, a software company with a carbon-credit sales platform. The Georgia project was marketed there as “biotech-enhanced reforestation.” The credits were offered as a monthly subscription, at a price of $40 per metric ton of carbon removed.

When I pressed Mellor for details about how the company calculated this price, given the lack of any solid data on the trees’ performance, he told me something the company had not acknowledged in any public-facing documentation: 95% of the saplings at the Georgia site were not photosynthesis-enhanced. The GE poplar trees were planted in randomized experimental plots, with controls for comparison, and contribute only a small amount to the site’s projected carbon savings. Despite the advertising, then, customers were really paying for a traditional reforestation project with a small experiment tucked inside.

#OGM #Arbres #Hubris #Mais_quelle_bande_de_cons

Making an image with generative AI uses as much energy as charging your phone | MIT Technology Review
▻https://www.technologyreview.com/2023/12/01/1084189/making-an-image-with-generative-ai-uses-as-much-energy-as-charging

https://wp.technologyreview.com/wp-content/uploads/2023/11/AI-energyimpact1b.jpg?resize=1200,600

This is the first time the carbon emissions caused by using an AI model for different tasks have been calculated.

(selon une #étude_récente qui pour une fois n’a pas l’air d’une #étude_à_la_con)

Deepfakes of Chinese influencers are livestreaming 24/7 | MIT Technology Review
▻https://www.technologyreview.com/2023/09/19/1079832/chinese-ecommerce-deepfakes-livestream-influencers-ai

https://wp.technologyreview.com/wp-content/uploads/2023/09/vlcsnap-2023-09-18-12h55m27s732.png?resize=1200,600

Scroll through the livestreaming videos at 4 a.m. on Taobao, China’s most popular e-commerce platform, and you’ll find it weirdly busy. While most people are fast asleep, there are still many diligent streamers presenting products to the cameras and offering discounts in the wee hours.

But if you take a closer look, you may notice that many of these livestream influencers seem slightly robotic. The movement of their lips largely matches what they are saying, but there are always moments when it looks unnatural.

These streamers are not real: they are AI-generated clones of the real streamers. As technologies that create realistic avatars, voices, and movements get more sophisticated and affordable, the popularity of these deepfakes has exploded across China’s e-commerce streaming platforms.

Today, livestreaming is the dominant marketing channel for traditional and digital brands in China. Influencers on Taobao, Douyin, Kuaishou, or other platforms can broker massive deals in a few hours. The top names can sell more than a billion dollars’ worth of goods in one night and gain royalty status just like big movie stars. But at the same time, training livestream hosts, retaining them, and figuring out the technical details of broadcasting comes with a significant cost for smaller brands. It’s much cheaper to automate the job.

The technology has mostly been known for its problematic use in revenge porn, identity scams, and political misinformation. While there have been attempts to commercialize it in more innocuous ways, it has always remained a novelty. But now, Chinese AI companies have found a new use case that seems to be going quite well.

Back then, Silicon Intelligence needed 30 minutes of training videos to generate a digital clone that could speak and act like a human. The next year, it was 10 minutes, then three, and now only one minute of video is needed.

And as the tech has improved, the service has gotten cheaper too. Generating a basic AI clone now costs a customer about 8,000 RMB ($1,100). If the client wants to create a more complicated and capable streamer, the price can go up to several thousands of dollars. Other than the generation, that fee also covers a year of maintenance.

Once the avatar is generated, its mouth and body move in time with the scripted audio. While the scripts were once pre-written by humans, companies are now using large language models to generate them too.

Now, all the human workers have to do is input basic information such as the name and price of the product being sold, proofread the generated script, and watch the digital influencer go live. A more advanced version of the technology can spot live comments and find matching answers in its database to answer in real time, so it looks as if the AI streamer is actively communicating with the audience. It can even adjust its marketing strategy based on the number of viewers, Sima says.

These livestream AI clones are trained on the common scripts and gestures seen in e-commerce videos, says Huang Wei, the director of virtual influencer livestreaming business at the Chinese AI company Xiaoice. The company has a database of nearly a hundred pre-designed movements.

“For example, [when human streamers say] ‘Welcome to my livestream channel. Move your fingers and hit the follow button,’ they are definitely pointing their finger upward, because that’s where the ‘Follow’ button is on the screen of most mobile livestream apps,” says Huang. Similarly, when streamers introduce a new product, they point down—to the shopping cart, where viewers can find all products. Xiaoice’s AI streamers replicate all these common tricks. “We want to make sure the spoken language and the body language are matching. You don’t want it to be talking about the Follow button while it’s clapping its hands. That would look weird,” she says.

Spun off from Microsoft Software Technology Center Asia in 2020, Xiaoice has always been focused on creating more human-like AI, particularly avatars that are capable of showing emotions. “Traditional e-commerce sites just feel like a shelf of goods to most customers. It’s cold. In livestreaming, there is more emotional connection between the host and the viewers, and they can introduce the products better,” Huang says.

After piloting with a few clients last year, Xiaoice officially launched its service of generating under-$1,000 digital clones this year; like Silicon Intelligence, Xiaoice only needs human streamers to provide a one-minute video of themselves.

And like its competitors, Xiaoice clients can spend more to fine-tune the details. For example, Liu Jianhong, a Chinese sports announcer, made an exquisite clone of himself during the 2022 FIFA World Cup to read out the match results and other relevant news on Douyin.

A cheap replacement for human streamers

These generated streamers won’t be able to beat the star e-commerce influencers, Huang says, but they are good enough to replace mid-tier ones. Human creators, including those who used their videos to train their AI clones, are already feeling the squeeze from their digital rivals to some extent. It’s harder to get a job as an e-commerce livestream host this year, and the average salary for livestream hosts in China went down 20% compared to 2022, according to the analytics firm iiMedia Research.

But the potential for companies to complement human work by keeping the livestream going during the hours when fewer people are watching means it’s hard to justify the cost of hiring real streamers.

That’s already happening. In the post-midnight hours, many of the streaming channels on popular e-commerce platforms like Taobao and JD feature these AI-generated streamers.

Previous examples have shown that deepfake technologies don’t need to be perfect to deceive viewers. In 2020, a scammer posed as a famous Chinese actor with the aid of crude face-swapping tools and still managed to get thousands of dollars from unsuspecting women who fell in love with his videos.

“If a company hires 10 livestream hosts, their skill levels are going to vary. Maybe two or three streamers at the top would contribute to 70% to 80% of the total sales,” says Chen Dan, the CEO of Quantum Planet AI, a company that packages technologies like Xiaoice’s and sells them to corporate clients. “A virtual livestream host can replace the rest—six or seven streamers that contribute less and have lower ROI [return on investment] rates. And the costs would come down significantly.”

Chen says he has witnessed a lot more interest from brands in AI streamers this year, partly because everyone is looking to “降本增效”—lower costs and improve efficiency, the new buzzword among Chinese tech companies as the domestic economy slows down.

Chen has over 100 clients using Xiaoice’s service now, and these virtual streamers have brokered millions of dollars in sales. One Xiaoice streamer brought in over 10,000 RMB ($1,370) in revenue in just one hour.

There are still drawbacks, he says. For example, many of his clients are furniture brands, and although the AI is clever enough to speak and use gestures, it can’t really sit on a sofa or lie in a bed, so the streams lack the appeal of real users testing the products.

The rising popularity of AI-generated livestreams has also caught the attention of video platforms like Douyin, the Chinese version of TikTok, as well—though it’s taking a different approach than other tech giants. It’s seemingly more concerned with transparency and it said in a May document that all videos generated by AI should be labeled clearly as such on the platform, and that virtual influencers need to be operated by real humans. The platform has always banned the use of recorded videos as livestreams. AI-generated livestreaming, with no recorded footage but also little real-time human input, straddles the line on that rule.

The Chinese government made several laws in the past two years on synthetic media and generative AI that would apply to the use in e-commerce streaming. But the effects of government and platform regulations remain to be seen, because the technology is still too new to have met serious enforcement.

For Silicon Intelligence, its next step is to add “emotional intelligence” to the AI streamers, Sima says: “If there are abusive comments, it will be sad; if the products are selling well, it will be happy.” The company is also working on making AI streamers interact and learn from each other.

The company has had a fascinating and sort of terrifying goal since its beginning: it wants to create “100,000,000 silicon-based laborers” by 2025. For now, Sima says, the company has generated 400,000 virtual streamers. There’s still a long way to go.

#Intelligence_artificielle #Médias_de_synthèse #Chine #Streamers
#Commerce_electronique

How a ubiquitous keyboard app puts hundreds of millions of Chinese users at risk | MIT Technology Review
▻https://www.technologyreview.com/2023/08/21/1078207/sogou-keyboard-app-security-loophole/?truid=a497ecb44646822921c70e7e051f7f1a

https://wp.technologyreview.com/wp-content/uploads/2023/08/jiandie.png?resize=1200,600

For millions of Chinese people, the first software they download on a new laptop or smartphone is always the same: a keyboard app. Yet few of them are aware that it may make everything they type vulnerable to spying eyes.

Since dozens of Chinese characters can share the same latinized phonetic spelling, the ordinary QWERTY keyboard alone is incredibly inefficient. A smart, localized keyboard app can save a lot of time and frustration by predicting the characters and words a user wants to type. Today, over 800 million Chinese people use third-party keyboard apps on their PCs, laptops, and mobile phones.

But a recent report by the Citizen Lab, a University of Toronto–affiliated research group focused on technology and security, revealed that Sogou, one of the most popular Chinese keyboard apps, had a massive security loophole.

“This is an app that handles very sensitive information—specifically, every single thing that you type,” says Jeffrey Knockel, a senior research associate at the Citizen Lab and coauthor of the report. “So we wanted to look into that in greater detail and see if this app is properly encrypting this very sensitive data that it’s sending over the network—or, as we found, is it improperly doing it in a way that eavesdroppers could decipher?”

Indeed, what he and his colleagues found was that Sogou’s encryption system could be exploited to intercept and decrypt exactly what people were typing, as they were typing it.

Sogou, which was acquired by the tech giant Tencent in 2021, quickly fixed this loophole after the Citizen Lab researchers disclosed it to the company.

“User privacy is fundamental to our business,” a Sogou spokesperson told MIT Technology Review. “We have addressed the issues identified by the Citizen Lab and will continue to work so that user data remains safe and secure. We transparently disclose our data processing activities in our privacy policy and do not otherwise share user data.”

But there’s no guarantee that this was the only vulnerability in the app, and the researchers did not examine other popular keyboard apps in the Chinese market—meaning the ubiquitous software will continue to be a security risk for hundreds of millions of people. And, alarmingly, the potential for such makes otherwise encrypted communications by Chinese users—in apps like Signal, for example—vulnerable to systems of state surveillance.
An indispensable part of Chinese devices

Officially called input method editors (IMEs), keyboard apps are necessary for typing in languages that have more characters than a common Latin-alphabet keyboard allows, like those with Japanese, Korean, or Indic characters.

For Chinese users, having an IME is almost a necessity.

“There’s a lot more ambiguity to resolve when typing Chinese characters using a Latin alphabet,” says Mona Wang, an Open Technology Fund fellow at the Citizen Lab and another coauthor of the report. Because the same phonetic spelling can be matched to dozens or even hundreds of Chinese characters, and these characters also can be paired in different ways to become different words, a keyboard app that has been fine-tuned to the Chinese language can perform much better than the default keyboard.
Related Story
An early mock-up of a Chinese bitmap font made by the Graphic Arts Research Foundation (GARF).
Behind the painstaking process of creating Chinese computer fonts

More than 40 years ago, designers drew and edited thousands of characters by hand to make it possible to type and print in Chinese.

Starting in the PC era, Chinese software developers proposed all kinds of IME products to expedite typing, some even ditching phonetic spelling and allowing users to draw or choose the components of a Chinese character. As a result, downloading third-party keyboard software became standard practice for everyone in China.

Released in 2006, Sogou Input Method quickly became the most popular keyboard app in the country. It was more capable than any competitor in predicting which character or word the user actually wanted to type, and it did that by scraping text from the internet and maintaining an extensive library of Chinese words. The cloud-based library was updated frequently to include newly coined words, trending expressions, or names of people in the news. In 2007, when Google launched its Chinese keyboard, it even copied Sogou’s word library (and later had to apologize).

In 2014, when the iPhone finally enabled third-party IMEs for the first time, Chinese users rushed to download Sogou’s keyboard app, leaving 3,000 reviews in just one day. At one point, over 90% of Chinese PC users were using Sogou.

Over the years, its market dominance has waned; as of last year, Baidu Input Method was the top keyboard app in China, with 607 million users and 46.4% of the market share. But Sogou still had 561 million users, according to iiMedia, an analytics firm.
Exposing the loophole

A keyboard app can access a wide variety of user information. For example, once Sogou is downloaded and added to the iPhone keyboard options, the app will ask for “full access.” If it’s granted, anything the user types can be sent to Sogou’s cloud-based server.

Connecting to the cloud is what makes most IMEs successful, allowing them to improve text prediction and enable other miscellaneous features, like the ability to search for GIFs and memes. But this also adds risk since content can, at least in theory, be intercepted during transmission.

It becomes the apps’ responsibility to properly encrypt the data and prevent that from happening. Sogou’s privacy policy says it has “adopted industry-standard security technology measures … to maximize the prevention of leak, destruction, misuse, unauthorized access, unauthorized disclosure, or alteration” of users’ personal information.

“People generally had suspicions [about the security of keyboard apps] because they’re advertising [their] cloud service,” says Wang. “Almost certainly they’re sending some amount of keystrokes over the internet.”

Nevertheless, users have continued to grant the apps full access.

When the Citizen Lab researchers started looking at the Sogou Input Method on Windows, Android, and iOS platforms, they found that it used EncryptWall, an encryption system it developed itself, instead of Transport Layer Security (TLS), the standard international cryptographic protocol that has been in use since 1999. (Sogou is also used on other platforms like MacOS and Linux, but the researchers haven’t looked into them.)

One critical difference between the two encryption systems, the Citizen Lab found, is that Sogou’s EncryptWall is still vulnerable to an exploit that was revealed in 2002 and can turn encrypted data back into plain text. TLS was updated to protect against this in 2003. But when they used that exploit method on Sogou, the researchers managed to decrypt the exact keystrokes they’d typed.
Example of recovered data; line 19 contains the user-typed text and line 2 contains the package name of the app in which the text is being typed.
THE CITIZEN LAB

The existence of this loophole meant that users were vulnerable to all kinds of hacks. The typed content could be intercepted when it went through VPN software, home Wi-Fi routers, and telecom providers.

Not every word is transmitted to the cloud, the researchers found. “If you type in nihao [‘hello’ in Chinese] or something like that, [the app] can answer that without having to use the cloud database,” says Knockel. “But if it’s more complicated and, frankly, more interesting things that you’re typing in, it has to reach out to that cloud database.”

Along with the content being typed, Knockel and his Citizen Lab colleagues also obtained other information like technical identifiers of the user’s device, the app that the typing occurred in, and even a list of apps installed on the device.

A lot of malicious actors would be interested in exploiting a loophole like this and eavesdropping on keystrokes, the researchers note—from cybercriminals after private information (like street addresses and bank account numbers) to government hackers.

(In a written response to the Citizen Lab, Sogou said the transmission of typed text is required to access more accurate and extensive vocabularies on the cloud and enable a built-in search engine, and the uses are stated in the privacy agreement.)

This particular loophole was closed when Tencent updated the Sogou software across platforms in late July. The Citizen Lab researchers found that the latest version effectively fixed the problem by adopting the TLS encryption protocol.
How secure messaging becomes insecure

Around the world, people who are at high risk of being surveilled by state authorities have turned to apps that offer end-to-end encryption. But if keyboard apps are vulnerable, then otherwise encrypted communication apps like Signal or WhatsApp are now also unsafe. What’s more, once a keyboard app is compromised, even an otherwise offline app, like the built-in notebook app, can be a security risk too.

(Signal and WhatsApp did not respond to MIT Technology Review’s requests for comment. A spokesperson from Baidu said, “Baidu Input Method consistently adheres to established security practice standards. As of now, there are no vulnerabilities related to [the encryption exploit Sogou was vulnerable to] within Baidu Input Method’s products.”)

As early as 2019, Naomi Wu, a Shenzhen-based tech blogger known as SexyCyborg online, had sounded the alarm about the risk of using Chinese keyboard apps alongside Signal.

“The Signal ‘fix’ is ‘Incognito Mode’ aka for the app to say ‘Pretty please don’t read everything I type’ to the virtual keyboard and count on Google/random app makers to listen to the flag, and not be under court order to do otherwise,” she wrote in a 2019 Twitter thread. Since keyboard apps have no obligation to honor Signal’s request, “basically all hardware here is self-compromised 5 minutes out of the box,” she added.

Wu suspects that the use of Signal was the reason some Chinese student activists talking to foreign media were detained by the police in 2018.

In January 2021, Signal itself tried to clarify that its Incognito Keyboard feature (which only works for users on Android systems, which are more vulnerable than iOS) was not a foolproof privacy solution: “Keyboards and IME’s can ignore Android’s Incognito Keyboard flag. This Android system flag is a best effort, not a guarantee. It’s important to use a keyboard or IME that you trust. Signal cannot detect or prevent malware on your device,” the company added to its article on keyboard security.

#Chine #Keyboard_apps #Surveillance #Chiffrement

Worldcoin just officially launched. Here’s why it’s being investigated. | MIT Technology Review
▻https://www.technologyreview.com/2023/08/07/1077250/worldcoin-officially-launched-why-its-being-investigated/?truid=a497ecb44646822921c70e7e051f7f1a

https://wp.technologyreview.com/wp-content/uploads/2023/08/Orb-02@2x.jpeg?resize=1200,600

It’s a project that claims to use cryptocurrency to distribute money across the world, though its bigger ambition is to create a global identity system called “World ID” that relies on individuals’ unique biometric data to prove that they are humans. It officially launched on July 24 in more than 20 countries, and Sam Altman, the CEO of OpenAI and one of the biggest tech celebrities right now, is one of the cofounders of the project.

The company makes big, idealistic promises: that it can deliver a form of universal basic income through technology to make the world a better and more equitable place, while offering a way to verify your humanity in a digital future filled with nonhuman intelligence, which it calls “proof of personhood.” If you’re thinking this sounds like a potential privacy nightmare, you’re not alone.

“Our investigation revealed wide gaps between Worldcoin’s public messaging, which focused on protecting privacy, and what users experienced. We found that the company’s representatives used deceptive marketing practices, collected more personal data than it acknowledged, and failed to obtain meaningful informed consent.”

What’s more, the company was using test users’ sensitive, but anonymized, data to train artificial intelligence models, but Eileen and Adi found that individuals did not know their data was being used that way.

Importantly, a core objective of the Worldcoin project is to perfect its “proof of personhood” methodology, which requires a lot of data to train AI models. If its proof-of-personhood system becomes widely adopted, this could be quite lucrative for its investors, particularly during an AI gold rush like the one we’re seeing now.

The company announced this week that it will allow other companies and governments to deploy its identity system.

“Worldcoin’s proposed identity solution is problematic whether or not other companies and governments use it. Of course, it would be worse if it were used more broadly without so many key questions being answered,” says Eileen. “But I think at this stage, it’s clever marketing to try to convince everyone to get scanned and sign up so that they can achieve the ‘fastest’ and ‘biggest onboarding into crypto and Web3’ to date, as Blania told me last year.”

#Biométrie #Vie_privée #Données_personnelles #Worldcoin #Proof_of_personhood

Next-gen content farms are using AI-generated text to spin up junk websites | MIT Technology Review
▻https://www.technologyreview.com/2023/06/26/1075504/junk-websites-filled-with-ai-generated-text-are-pulling-in-money-from-programmatic-ads/?truid=a497ecb44646822921c70e7e051f7f1a

https://wp.technologyreview.com/wp-content/uploads/2023/06/programmatic-ad.jpeg?resize=1200,600

Pour bien comprendre le phénomène (l’arnaque !) et le rôle des ^mateformes (ici Google), un seul bon livre : Le grand Krack de l’attention de Tim Hwang
►https://cfeditions.com/krach

The news: AI chatbots are filling junk websites with AI-generated text that attracts paying advertisers. More than 140 major brands are paying for ads that end up on unreliable AI-written sites, likely without their knowledge, according to a new report.

Making money from junk: Most companies that advertise online automatically bid on spots to run those ads through a practice called “programmatic advertising.” As a result, big brands end up paying for ad placements on sites that they may have never heard of before, with little to no human oversight. To take advantage, content farms have sprung up where low-paid humans use AI to churn out low-quality content to attract maximum ad revenue.

Why it matters: Ninety percent of the ads from major brands found on these AI-generated news sites were served by Google, in violation of the company’s own policies. The practice threatens to hasten the arrival of a glitchy, spammy internet that is overrun by AI-generated content, as well as wasting massive amounts of ad money.

https://cfeditions.com/krach/ressources/couv_krach_grand.jpg

#Economie_attention #Tim_Hwang #Google

Meta’s former CTO has a new $50 million project : ocean-based carbon removal | MIT Technology Review
▻https://www.technologyreview.com/2023/06/06/1074124/metas-former-cto-has-a-new-50-million-project-ocean-based-carbon-removal/?truid=a497ecb44646822921c70e7e051f7f1a

https://wp.technologyreview.com/wp-content/uploads/2023/06/GettyImages-614437058-crop.jpeg?resize=1200,600

Un ancien CTO de Facebook se lance dans le géoengineering... pensez-vous que quelque chose puisse mal tourner ?

On appréciera la phrase : “The way you get started is by doing,” he says. “And by moving, in particular, the science forward and making sure that the people who can answer these fundamental questions have the resources and time to answer them thoroughly.” Le moto traditionnel de la Silicon Valley : on fait et on réfléchit après, en payant des chercheurs pour justifier ce qu’on a fait. Quand c’est problématique, on cache sous le tapis le travail de recherche comme l’a montré la lanceuse d’alerte Frances Hauben.

Et celle-ci également d’un des "scientifique" qui poussent de tels projets : “It’s a huge operation, of course, similar to fossil fuels or coal mining,” he says. “So these are all side effects we have to take into account.”...exactement ce que fait Meta, isn’t it ?

A nonprofit formed by Mike Schroepfer, Meta’s former chief technology officer, has spun out a new organization dedicated to accelerating research into ocean alkalinity enhancement—one potential means of using the seas to suck up and store away even more carbon dioxide.

Additional Ventures, cofounded by Schroepfer, and a group of other foundations have committed $50 million over five years to the nonprofit research program, dubbed the Carbon to Sea Initiative. The goals of the effort include evaluating potential approaches; eventually conducting small-scale field trials in the ocean; advancing policies that could streamline permitting for those experiments and provide more public funding for research; and developing the technology necessary to carry out and assess these interventions if they prove to work well and safely.

The seas already act as a powerful buffer against the worst dangers of climate change, drawing down about a quarter of human-driven carbon dioxide emissions and absorbing the vast majority of global warming. Carbon dioxide dissolves naturally into seawater where the air and ocean meet.

But scientists and startups are exploring whether these global commons can do even more to ease climate change, as a growing body of research finds that nations now need to both slash emissions and pull vast amounts of additional greenhouse gas out of the atmosphere to keep warming in check.

Ocean alkalinity enhancement (OAE) refers to various ways of adding alkaline substances, like olivine, basalt, or lime, into seawater. These basic materials bind with dissolved inorganic carbon dioxide in the water to form bicarbonates and carbonates, ions that can persist for tens of thousands of years in the ocean. As those CO2-depleted waters reach the surface, they can pull down additional carbon dioxide from the air to return to a state of equilibrium.

The ground-up materials could be added directly to ocean waters from vessels, placed along the coastline, or used in onshore devices that help trigger reactions with seawater.

Carbon to Sea is effectively an expansion of the Ocean Alkalinity Enhancement R&D Program, which Additional Ventures launched in late 2021 with the Astera Institute, the Grantham Environmental Trust, and others. Ocean Visions, a nonprofit research group working to advance ocean-based climate solutions, is also a partner, though not a funder. Early last year, the organizations began accepting applications for research grants for “at least $10 million” that could be put to use over the next five years. The program has committed $23 million to the research field so far.

Schroepfer, who will serve as a board chair of Carbon to Sea, said that he decided to support the field of ocean alkalinity enhancement because he consistently heard that it was a promising approach to carbon removal that needed to be closely studied, but “nobody was stepping up to do the actual funding of the work.”

“The way you get started is by doing,” he says. “And by moving, in particular, the science forward and making sure that the people who can answer these fundamental questions have the resources and time to answer them thoroughly.”

Antonius Gagern, previously the program director for ocean carbon dioxide removal at Additional Ventures, is leading the new organization.

“In looking at the different ways that the ocean is already using natural carbon pumps to sequester CO2 permanently, ocean alkalinity enhancement has emerged as, for us, the most promising one for a number of reasons,” Gagern says.

It’s “extremely scalable,” it’s “very permanent,” and it “doesn’t mess with” biological systems in the ways that other ocean-based approaches may, he adds.
’A substantial climatic impact’

Other observers also consider ocean alkalinity enhancement a promising approach, in part because it’s one of the major ways the planet already pulls down carbon dioxide over very long time scales: rainwater dissolves basic rocks, producing calcium and other alkaline compounds that eventually flow into the oceans through rivers and streams.

These processes naturally sequester hundreds of millions of tons of carbon dioxide per year, by some estimates. And the planet has more than enough of the reactive materials required to bond with all the carbon dioxide humans have emitted throughout history.

There are potentially some additional benefits as well. Alkaline substances could reduce ocean acidification locally and might provide beneficial nutrients to certain marine organisms.

Andreas Oschlies, a climate modeler at the Helmholtz Centre for Ocean Research in Kiel, Germany, agrees that it’s one of the few carbon removal approaches that could “really deliver at scale and have a substantial climatic impact.”

“The minerals are not limiting and the reservoir, the ocean, is not limiting,” he says.

(Oschlies hasn’t received research grants from the Additional Ventures consortium but is a senior advisor to a project that has.)

He’s quick to stress, however, that there are significant challenges in scaling it up, and that far more research is needed to understand the most effective approaches and secondary impacts of such interventions.

Notably, some approaches would require mining, grinding, and moving around massive amounts of alkaline materials, all of which entails a lot of energy and environmental impacts.

“It’s a huge operation, of course, similar to fossil fuels or coal mining,” he says. “So these are all side effects we have to take into account.”

(Not all these concerns would necessarily be raised by other methods, however, like using electrochemistry to remove acid from seawater or processing existing waste from mines.)

There are additional challenges and uncertainties as well.

Several recent lab experiments found that these approaches didn’t work as well or easily as expected. Indeed, in some instances the addition of such substances reduced alkalinity as well as the uptake of carbon dioxide. This raises the possibility that these methods may only work in limited areas or circumstances, or could be more costly or complex to implement than hoped.

Some of the minerals contain trace heavy metals, which can collect in marine ecosystems. They could also alter the light conditions and biogeochemistry of the waters in ways that might harm or help various organisms.

Finally, the fact that carbon removal happens as a second step in the process makes it challenging to accurately monitor and measure how much CO2 the process really removes, particularly with approaches that occur in the turbulent, variable open oceans. That, in turn, could make it difficult to incentivize and monetize such efforts through carbon markets.

CarbonPlan, a San Francisco nonprofit that evaluates the scientific integrity of carbon removal projects and techniques, ranks ocean alkalinity enhancement on the low end of its “verification confidence levels,” which evaluate the degree to which long-term carbon removal and storage “can be accurately quantified” with existing tools and approaches.

“There is a lot of natural variability associated with these processes, which means it can be hard to discern a signal from the noise,” Freya Chay, program lead for carbon removal at CarbonPlan, said in an email.

“We’re still in exploration mode when it comes to OAE—there is a lot to learn about how to measure, monitor, and effectively deploy these technologies,” she added.
‘Getting the science right’

These challenges are precisely why it’s crucial to fund a coordinated research program into ocean alkalinity research, Gagern says. One of Carbon to Sea’s top priorities will include “getting the science right,” he says, by supporting studies designed to assess what approaches work most effectively and safely, and under what conditions.

He says that improving systems for monitoring, reporting, and verifying the carbon actually removed through these processes will also be a “major, major focus,” with efforts to develop, test, and refine sensors and models. Finally, Carbon to Sea will also prioritize “community building” in the nascent field, striving to draw in more researchers across disciplines and encourage collaborations through conferences, workshops, and fellowships.

One of Carbon to Sea’s initial grantees is the Ocean Alk-Align consortium, an international group of researchers studying the potential and environmental safety of ocean alkalinity enhancement.

“The award from Carbon to Sea enables us to rigorously investigate the promise of OAE for meaningful climate change mitigation and provides us with significant resources to tackle important questions through independent scientific study,” said Katja Fennel, who leads the consortium and is chair of the department of oceanography at Dalhousie University, in a prepared statement.

The program’s additional funding will likely go to a mix of research groups and startups.

#Meta #Goeengineering #Hubris

See how biased AI image models are for yourself with these new tools | MIT Technology Review
▻https://www.technologyreview.com/2023/03/22/1070167/these-news-tool-let-you-see-for-yourself-how-biased-ai-image-model

https://wp.technologyreview.com/wp-content/uploads/2023/03/BiasGrid_painters.jpeg?resize=1200,600