Monday, July 13, 2026

Now, defenders are embracing the prompt injection, too


<p>Prompt injections, the malicious commands attackers embed into content to entice LLMs to follow them, have been attackers’ go-to tool for turning AI platforms against their users. A well-phrased command sneaked into an email or calendar invitation is often all it takes to cause the LLM to exfiltrate sensitive data or follow other harmful actions.</p> <p>Now defenders are embracing the prompt injection, too.</p> <h2>A strong, sharp effect</h2> <p>Researchers from <a href="https://tracebit.com">Tracebit</a> on Monday <a href="https://agentic.tracebit.com/context-bombs/">said</a> they found that placing prompt injections alongside passwords, cryptographic keys, and other secrets stored on AWS was often all that was needed to shut down attacks from AI hacking agents. The prompts direct the attacking LLM to perform an action forbidden by its guardrails, the safety barriers AI developers erect to prevent them from taking harmful actions. The LLM responds by shutting down.</p><p><a href="https://arstechnica.com/security/2026/07/now-defenders-are-embracing-the-prompt-injection-too/">Read full article</a></p> <p><a href="https://arstechnica.com/security/2026/07/now-defenders-are-embracing-the-prompt-injection-too/#comments">Comments</a></p> Reference : https://ift.tt/E8U6uly

Building a Foundation Stack for General-Purpose Robots


<img src="https://spectrum.ieee.org/media-library/humanoid-robot-folding-laundry-on-a-neatly-made-bed-in-a-sunlit-bedroom.png?id=67111698&width=1245&height=700&coordinates=4%2C0%2C4%2C0"/><br/><br/><p><em>This article is brought to you by <a href="https://x2robot.com/" target="_blank">X Square Robot</a>.</em></p><p>Large language models gave artificial intelligence a working recipe. Pretrain a large model on broad data, and general capability follows. Robotics has no such recipe. Robotics systems have long been assembled from separate perception, planning, and control parts that rarely add up to intelligence a robot can carry from one task to another, or one machine to another. The central problem in embodied AI is to find the equivalent recipe, and the field does not yet agree on what it is.</p><p><a href="https://x2robot.com/" target="_blank">X Square Robot</a>, a Chinese embodied-AI company, has made an unusually explicit bet. It argues that the recipe is an integrated stack, spanning the data a robot learns from, a world model for predicting changes in the physical world, and an action model that brings together perception, planning, reasoning, and decision-making to generate executable robot behavior. The company also believes that the stack should be built and <a href="https://x2robot.com/en/research" target="_blank">released in the open</a>.</p><p class="shortcode-media shortcode-media-youtube"> <span class="rm-shortcode" data-rm-shortcode-id="21c864c582f34337aa34a1eb5a2c2742" style="display:block;position:relative;padding-top:56.25%;"><iframe frameborder="0" height="auto" lazy-loadable="true" scrolling="no" src="https://www.youtube.com/embed/gOYHyq87Pgk?rel=0" style="position:absolute;top:0;left:0;width:100%;height:100%;" width="100%"></iframe></span> <small class="image-media media-caption" placeholder="Add Photo Caption...">X Square Robot shares its vision of bringing robots into real homes.</small><small class="image-media media-photo-credit" placeholder="Add Photo Credit...">X Square Robot</small></p><h2>X Square Robot’s embodied AI stack</h2><p>What holds the stack together is a small set of principles rather than a single overarching model.</p><ul><li>The first is that the basic unit of robot data is an interaction, not a trajectory; a demonstration is successful only if it changes the world as intended, not simply because the joints moved. </li><li>The second is that pretraining should yield usable capability, not just an initialization for later fine-tuning. </li><li>The third is that behavior should be modeled around physical events rather than fixed slices of time. </li></ul><p>These principles make the layers interdependent, since the same robot-free data that trains the action model is also structured to feed the world model. It is worth being precise, though. The company describes the world model and the action model as complementary but independent model families that share a code base. Both sit within its broader World Unified Model, which it has presented as an architecture for training vision, language, action, and physical prediction together.</p><h2>Robot learning data: Engineering for quality and cost, not scale</h2><p>For the X Square Robot team, one of the biggest constraints on general-purpose robots is the cost and quality of interaction data, not the number of parameters. To address that, the company built its Universal Manipulation Interface (UMI) data collection system, <a href="https://x2robot.com/en/news/6a46341cc7feadddbc603a33" target="_blank">QUANXTA Zero Series</a>. It works by collecting demonstrations from people wearing a rig with dual grippers rather than teleoperating a robot. This approach is not itself new, and builds on established methods for robot-free data capture. What sets it apart are two engineering choices.</p><div class="ieee-sidebar-medium"><p class="shortcode-media shortcode-media-rebelmouse-image rm-float-left rm-resized-container rm-resized-container-25" data-rm-resized-container="25%" style="float: left;"> <img alt="Person using VR headset and handheld controllers to teleoperate a dishwashing robot system" class="rm-shortcode" data-rm-shortcode-id="3e5c65f7aab7cc856564629fde6716dc" data-rm-shortcode-name="rebelmouse-image" id="75dbc" loading="lazy" src="https://spectrum.ieee.org/media-library/person-using-vr-headset-and-handheld-controllers-to-teleoperate-a-dishwashing-robot-system.png?id=67111747&width=980"/> <small class="image-media media-caption" placeholder="Add Photo Caption...">X Square Robot emphasizes data quality control, recording trajectories and replaying them on a real robot, with only those that actually complete the task counted as valid.</small><small class="image-media media-photo-credit" placeholder="Add Photo Credit...">X Square Robot</small></p></div><p>The first is quality control, and it is the most distinctive part. Rather than accepting recorded trajectories as they are, the system runs a closed inspection loop, and its notable step is physical playback. A sample of trajectories is replayed on the real robot, and only those that actually complete the task count as valid. That makes the validity rate a measured quantity rather than an assumption. For example, a gripper that closes a fraction of a second too early still looks like a grasp in the data, yet it has pushed the object away, so it shouldn’t be classified as valid. A smaller clean dataset can be worth more than a larger noisy one.</p><p>The second choice is how lower-cost human data and scarce robot data are combined. The company pretrains on a large volume of robot-free demonstrations to build general representations, then adds a small amount of real-robot data as an anchor to the specific machine’s dynamics. It reports that this reaches performance comparable to an all-robot dataset at roughly a 20-fold lower cost of collection, driven mainly by how much cheaper the wearable rig is than a teleoperation setup. </p><p>The resulting dataset is deliberately model-agnostic, formatted to feed both action models and world models. The caveat is that the strongest results are measured on the company’s own robots and data-collection pipelines. Broader independent testing will help confirm and extend these promising results across a wider range of settings.</p><h2>A world model organized around events</h2><p>In developing its world model, called <a href="https://x2robot.com/en/pages/wm" target="_blank">WALL-WM</a>, X Square Robot took a differentiated approach. Most action models predict a fixed-length chunk of motion from the current image and instruction. That is convenient, but it segments behavior into fixed-duration windows, so the boundaries fall where elapsed time dictates rather than where one action ends and the next begins. WALL-WM instead treats an action-grounded semantic event as its unit: a coherent piece of behavior such as reaching, grasping, or placing, something that can be named in language, seen in video, and executed as motion.</p><div class="ieee-sidebar-large"><p class="shortcode-media shortcode-media-rebelmouse-image"> <img alt="Collage of robot arms manipulating kitchen objects with charts of multimodal AI performance" class="rm-shortcode" data-rm-shortcode-id="45376efe0d6e4482760985a5be54bc35" data-rm-shortcode-name="rebelmouse-image" id="67705" loading="lazy" src="https://spectrum.ieee.org/media-library/collage-of-robot-arms-manipulating-kitchen-objects-with-charts-of-multimodal-ai-performance.png?id=67111750&width=980"/> <small class="image-media media-caption" placeholder="Add Photo Caption...">X Square Robot’s world model, called WALL-WM, treats an action-grounded semantic event as its unit: a coherent piece of behavior such as reaching, grasping, or placing, something that can be named in language, seen in video, and executed as motion.</small><small class="image-media media-photo-credit" placeholder="Add Photo Credit...">X Square Robot</small></p></div><p><span>WALL-WM’s design reflects a specific concern about not discarding what large video models already know. To achieve that, a text-to-video model is coupled to a freshly initialized action network that reads from the video features without overwriting them, which preserves the visual prior. From that one process, it offers two modes. An event mode runs in variable-length segments and suits reasoning over long horizons, while a fixed-length mode produces the steady, real-time output a controller needs. That places WALL-WM between mainstream chunk-based action models and pure video world models, keeping the predictive character of a world model while still yielding executable control.</span></p><p>In a series of experiments, the company relied on a generalization test that is more specific than most. A model trained on a limited dataset was evaluated on long-horizon tasks in unseen settings and, on the company’s real-robot benchmark, reportedly outscored baselines that had been fine-tuned on related data. That is a meaningful result if it holds. For now, it is measured on the company’s own benchmark. With the code now being released, the broader community will have the opportunity to test, reproduce, and build on them across more settings.</p><h2>A policy that runs before fine-tuning, and action tokens with meaning</h2><p>The action layer carries two connected ideas. The first is a requirement the company sets for itself with <a href="https://x2robot.com/en/oss" target="_blank">Wall-OSS-0.5</a>, its vision-language-action model: The pretrained model should run on a real robot before any task-specific fine-tuning. </p><p>The interest is less in the scores than in the design behind them. The model trains three objectives together, namely discrete action tokens, language grounding, and continuous action generation. And it keeps gradients flowing through all of them rather than freezing parts of the network as some rival designs do. It’s also a more strict method, since it reports untuned behavior such as approaching, grasping, and recovering, including on a deformable task held out of training.</p><div class="ieee-sidebar-large"><p class="shortcode-media shortcode-media-rebelmouse-image"> <img alt="Dashboard of robot training metrics with charts and photos of a robot sorting objects" class="rm-shortcode" data-rm-shortcode-id="02e1332d4b78de0f5e74bb7cd7754667" data-rm-shortcode-name="rebelmouse-image" id="2d02b" loading="lazy" src="https://spectrum.ieee.org/media-library/dashboard-of-robot-training-metrics-with-charts-and-photos-of-a-robot-sorting-objects.png?id=67111753&width=980"/> <small class="image-media media-caption" placeholder="Add Photo Caption...">As part of X Square Robot’s Wall-OSS-0.5 vision-language-action model design, the pretrained model should run on a real robot before any task-specific fine-tuning. </small><small class="image-media media-photo-credit" placeholder="Add Photo Credit...">X Square Robot<a href="https://spectrum.ieee.org/r/entryeditor/2677167058#/" target="_self"></a></small></p></div><p>The second idea is the action interface itself, called X-Tokenizer. Most systems that turn continuous motion into discrete tokens produce codes that the language model cannot interpret. X-Tokenizer reframes tokenization as learning a semantic interface, so that the top-level code stands for the intent of a motion while lower-level codes carry finer detail, all aligned with the language model’s own features. </p><p>A useful consequence is stability. Adding noise to an action barely moves the intent code, which is what lets one tokenizer to be reused across robots without re-tuning. The tokenizer inside the production action model is a related variant of this approach. Together, the two ideas give the action layer something rather powerful: capability that transfers.</p><h2>The future of embodied AI stacks</h2><p>X Square Robot is betting that its unique approach combining three layers, each specialized in solving a key part of the problem, will stand out from other embodied AI stacks. The physical-playback step that grounds data quality is uncommon and sensible. The reframing of world modeling around events, with one backbone serving both reasoning and control, is a genuinely distinct approach. And the pairing of a deployable pretraining standard with a tokenizer designed as a semantic interface gives the action layer unusual coherence. </p><p class="pull-quote">X Square Robot’s valuation has climbed above 20 billion yuan (about US $2.9 billion), suggesting that investors increasingly view data infrastructure, foundation models, and scalable training systems as long-term differentiators in embodied AI.</p><p>The next phase will bring broader validation. Much of the current evidence comes from X Square’s own robots and benchmarks. With the world model code now being made public, and as the community begins to test, reproduce, and build on the work, the reported capabilities will be tested across more robots, tasks, and settings.</p><p><span>X Square Robot’s recent funding rounds reflect similar confidence. The company’s valuation has climbed above 20 billion yuan (about US $2.9 billion), suggesting that investors increasingly view data infrastructure, foundation models, and scalable training systems as long-term differentiators in embodied AI.</span></p><h2>What’s next for X Square Robot</h2><p>To learn more about its future plans, the following Q&A with the X Square Robot team further explores the company’s technology, strategy, and vision.</p><p><strong>What made now the right moment, technically, to commit to this stack? What recently became possible that wasn’t possible a couple of years ago?</strong></p><p>It is not one breakthrough but several trends maturing together. Foundation models gave us a shared representation across vision, language, and action, so we can model what a robot sees, what it is asked to do, and how its actions change the world in one framework, rather than as separate perception, planning, and control modules. </p><p>Compute and infrastructure are finally sufficient for large-scale pretraining over long-horizon, multi-embodiment data. Just as importantly, we realized that data, not model size, is the real bottleneck for general robots—what is scarce is diverse, high-quality, reproducible interaction data. And world modeling has become practical. The useful question is no longer how to predict a few seconds of video, but how to understand the ways actions change objects, contacts, and task states. Two years ago these ingredients existed separately. Today they are mature enough to work as one system.</p><p class="pull-quote">“We realized that data, not model size, is the real bottleneck for general robots—what is scarce is diverse, high-quality, reproducible interaction data. And world modeling has become practical.”</p><p><strong>Your data system captures demonstrations with a wearable VR rig and custom grippers rather than teleoperating robots. What was wrong with standard teleoperation?</strong></p><p>Teleoperation is built around controlling the robot. It forces the operator to work within the machine’s kinematics, latency, and viewpoint, and the resulting demonstrations are slower, stiffer, and less diverse. <span>We built our system around capturing human skill instead. Manipulation is really about contact, timing, finger coordination, and recovery, not just the path the hand takes, and a wearable rig records those before the behavior is compressed onto one particular robot. It also breaks teleoperation’s expensive scaling law, in which every demonstration needs a robot. </span></p><p>People can generate rich data independently of any robot, and the crucial property is that those demonstrations can still be replayed and executed on a physical robot through the model. Mobility is convenient, but that replay is the real point, because it is what lets the same data be reused across different platforms.</p><p class="shortcode-media shortcode-media-rebelmouse-image"> <img alt="Robot and person loading a washing machine together in a modern laundry room." class="rm-shortcode" data-rm-shortcode-id="a88f52512288b276095052d0218d9e53" data-rm-shortcode-name="rebelmouse-image" id="3283b" loading="lazy" src="https://spectrum.ieee.org/media-library/robot-and-person-loading-a-washing-machine-together-in-a-modern-laundry-room.png?id=67111806&width=980"/> <small class="image-media media-caption" placeholder="Add Photo Caption...">In X Square Robot’s approach, demonstrations can be replayed and executed on a physical robot through the AI model, allowing the same data to be reused across different platforms.</small><small class="image-media media-photo-credit" placeholder="Add Photo Credit...">X Square Robot<a href="https://spectrum.ieee.org/r/entryeditor/2677167058#/" target="_self"></a></small></p><p><strong>X Square Robot reports that its pipeline has roughly an 85 percent data-validity rate. Why is quality control such an underrated bottleneck?</strong></p><p>Because errors in robot data are far more expensive than in language data. A small timing or contact error can change what a demonstration means. If a gripper closes a fraction of a second too early, the motion still looks like a grasp, but physically it has pushed the object away. A dataset that mixes failures and accidental successes teaches ambiguity, not skill, because the real unit is the interaction, not the trajectory. </p><p>So we run automated inspection, kinematic checks, and physical replay, where we play a sample of trajectories back on the real robot and count only the ones that actually complete the task. Data quality sets the ceiling on how good a policy can be. In our experience a smaller, cleaner dataset often beats a much larger, noisier one, which is why we treat quality control as part of the model, not a preprocessing afterthought.</p><p><strong>The model runs in both “event mode” and “chunk mode.” When does each matter?</strong></p><p>Both matter, for different reasons. The physical world changes through events—when contact occurs, a grasp forms, or an object slips—not in fixed-frame windows. Event mode concentrates the model’s attention on those moments, and it matters most for long-horizon tasks, like clearing a table, where progress is a sequence of semantic events rather than a smooth stream. It runs in variable-length segments that follow the task rather than a clock. Chunk mode matters for deployment. Real controllers need a stable, real-time interface, and fixed-length chunks integrate cleanly with existing control systems. </p><p>We organize learning around events in the first place because a fixed window can split one motion in half or merge two together, which turns training into short-horizon pattern matching and weakens the model on long tasks. So the world model’s job is to connect event-level understanding, which is where the reasoning happens, with a fixed-length output a real robot can actually run.</p><p><strong>Why make “deployable before fine-tuning” the criterion?</strong></p><p>Pretraining should produce capability, not just a good starting point. If a model is only useful after heavy fine-tuning, then most of the intelligence still lives in the downstream supervision, not in the foundation model. Deployable before fine-tuning is a more honest test of what pretraining actually learned. A well-pretrained robot should already know how to approach, grasp, move, avoid obstacles, and correct itself. Fine-tuning should adapt it to a specific task or robot, not create the ability from nothing. It is also a practical requirement. A robot in a home or a workplace shouldn’t need a brand-new dataset and a new policy every time the task changes, so a foundation model that already carries general skill, and some ability to recover, is the minimum bar for something genuinely useful in the real world.</p><p><strong>What is the most challenging part of cross-embodiment learning?</strong></p><p>Robots differ in control frequency, delay, compliance, sensing precision, and contact dynamics, so the same instruction can require different action decompositions and recovery strategies, and a behavior that works on one arm cannot simply be copied to another. Cross-embodiment learning needs an intermediate abstraction, lower than language but higher than joint angles: how you approach an object, how you make contact, how you apply force, and how you recover from a mistake. </p><p>When we say cross-embodiment, the main capability we mean is multi-embodiment generalization: transferring across robots, training on many embodiments at once, and adapting to different kinematics. Human-to-robot transfer and other techniques are specific approaches to that goal.</p><p class="pull-quote">“A robot in a home or workplace shouldn’t need a new dataset and policy every time the task changes. A useful foundation model should already carry general skills and the ability to recover.”</p><p><strong><span></span>What would you most like to see other researchers attempt to reproduce or stress-test?</strong></p><p>Three things, above all. Whether event-level representations really generalize beyond our own datasets, across more tasks, scenes, objects, embodiments, and failure conditions. Whether pretraining stays effective on robots the model never saw during training, or whether its capability is still too tightly coupled to what it has already seen. And whether real-robot evaluation can become a shared language for the field, so that we compare not just success rates but the reasons systems fail, where an instruction was misread, where perception broke down, or where recovery fell short. Robotics has been driven too often by impressive demonstrations, and real progress comes from results that are reproducible and diagnosable.</p><p><strong>What capability is still missing before robots become dependable in homes?</strong></p><p>Benchmarks measure competence, like whether a model can finish a task. Homes demand reliability, safe and consistent operation over time in a place that changes every day, with objects moving, instructions that are vague, and people interrupting. The missing piece is not a higher one-time success rate: it is robust recovery. A dependable home robot has to know when it is uncertain, when to slow down, when to ask for help, and how to bring the world back to a safe state after it drops something or misunderstands a request. </p><p>In a real home, failure recovery matters more than raw success, because the home does not reset itself. Homes also demand careful personalization, learning a household’s routines and preferences over time, with safety and trust as first principles. That combination, not any single skill, separates a capable demonstration from a robot people can live with.</p><p class="shortcode-media shortcode-media-rebelmouse-image"> <img alt="Humanoid service robot stands by a table in a modern living room." class="rm-shortcode" data-rm-shortcode-id="f3ec231082e32418641508eee7c21e31" data-rm-shortcode-name="rebelmouse-image" id="169cf" loading="lazy" src="https://spectrum.ieee.org/media-library/humanoid-service-robot-stands-by-a-table-in-a-modern-living-room.jpg?id=67111807&width=980"/> <small class="image-media media-caption" placeholder="Add Photo Caption...">X Square Robot’s approach is that, in a real home, failure recovery matters more than raw success, because the home does not reset itself and it demands careful personalization, with safety and trust as first principles. </small><small class="image-media media-photo-credit" placeholder="Add Photo Credit...">X Square Robot<a href="https://spectrum.ieee.org/r/entryeditor/2677167058#/" target="_self"></a></small></p><p><strong>How do the open-source components fit into X Square Robot’s World Unified Model direction?</strong></p><p>We see these releases as layers of the World Unified Model direction rather than isolated projects. <a href="https://x2robot.com/en/oss" target="_blank">Wall-OSS-0.5</a>, the action model, asks whether an open vision-language-action model can gain directly measurable capability from large-scale pretraining, so it is the capability layer. <span>WALL-WM, the world model, asks how a robot should understand change in the world, shifting from fixed windows to event-level modeling, so it is the representation layer. The data system supplies the interaction data that both of them learn from. </span></p><p>Together they form a loop in which models produce capability, world models organize understanding, and the open-source community drives reproduction and improvement. World Unified Model is the broader architecture those layers support, bringing vision, language, action, and physical prediction together. </p><p>We are releasing these pieces openly because embodied intelligence cannot be solved by one organization; it needs many embodiments, many real tasks, and broad feedback, and the long-term goal is a stack that keeps learning and ultimately moves robots from laboratory demonstrations toward reliable everyday use.</p> Reference: https://ift.tt/wgBkfLz

Friday, July 10, 2026

IEEE Remembers Pioneering Computer Scientist Peter G. Neumann


<img src="https://spectrum.ieee.org/media-library/portrait-of-a-bearded-white-man-with-gray-hair-smiling-in-a-blue-suit-with-red-tie.jpg?id=67112656&width=2000&height=1500&coordinates=0%2C0%2C0%2C0"/><br/><br/><p>The computing community recently lost one of its enduring voices: IEEE Fellow <a href="https://ethw.org/Peter_G._Neumann" rel="noopener noreferrer" target="_blank">Peter G. Neumann</a>. The renowned computer scientist and respected risk analyst died on 17 May at the age of 93.</p><p>For almost 70 years, Neumann <a href="https://spectrum.ieee.org/is-it-time-for-the-computerindustry-to-take-a-mulligan" target="_self">shaped the computing field through his pioneering work</a> on risks, system dependability, security, and fault tolerance with rare intellectual depth and unwavering ethical clarity.</p><p>Five of those decades were spent as a principal scientist at <a href="https://en.wikipedia.org/wiki/SRI_International" rel="noopener noreferrer" target="_blank">SRI International</a> in Menlo Park, Calif., where he worked until his death. A detailed narrative of his work, life, and mentoring is available on his SRI <a href="https://www.csl.sri.com/~neumann/" rel="noopener noreferrer" target="_blank">web page</a>, where he chronicled his journey.</p><p>He possessed a rare ability to identify systemic vulnerabilities long before they became widely recognized. He cautioned that interconnected systems, if poorly designed or insufficiently scrutinized, could fail and become targets for exploitation. He insisted innovation always must be accompanied by responsibility, reliability, and a clear understanding of the risks involved.</p><p>With the widespread adoption of computing, information technology, artificial intelligence, and autonomous systems, Neumann’s insights have become more relevant.</p><h2>From Harvard to Bell Labs</h2><p>Neumann was born on 21 September 1932 in New York City. After graduating from high school, he pursued a degree in mathematics at <a href="https://en.wikipedia.org/wiki/Harvard_University" rel="noopener noreferrer" target="_blank">Harvard</a>, where he had a conversation that shaped his approach to research, according to the <a href="https://cacm.acm.org/news/in-memoriam-peter-g-neumann-1932-2026/" rel="noopener noreferrer" target="_blank">Association for Computing Machinery</a> (ACM). In November 1952 he had a two-hour breakfast meeting with <a href="https://spectrum.ieee.org/albert-einsteinrefrigerator-technician" target="_self">Albert Einstein</a>, at which they discussed the importance of simplicity in design.</p><p>Neumann was among the first generation of Harvard students to program computers and, remarkably for that era, enjoyed exclusive access to the computing systems.</p><p>After earning his bachelor’s degree in 1954, he continued his education at Harvard, earning a master’s degree in 1955. In 1958 he moved to Germany to become a doctoral student at the <a href="https://www.tu-darmstadt.de/universitaet/index.en.jsp" rel="noopener noreferrer" target="_blank">Technical University of Darmstadt</a> as part of the <a href="https://us.fulbrightonline.org/" rel="noopener noreferrer" target="_blank">Fulbright program</a>, which provides funding for U.S. citizens to study or teach abroad. He earned his doctorate in 1960.</p><p>After returning to the United States, he joined <a href="https://spectrum.ieee.org/nokia-bell-labs-new-headquarters" target="_self">Bell Labs</a> in Murray Hill, N.J., where he worked on error-correcting codes and survivable communications. He also pursued a second Ph.D. in applied mathematics and science at Harvard, achieving that goal in 1961.</p><p>Four years later, he was assigned to work on <a href="https://en.wikipedia.org/wiki/Multics" rel="noopener noreferrer" target="_blank">Multics</a>, which became an influential operating system that shaped modern secure computing architectures. Multics was a mainframe time-sharing system designed to serve the diverse needs of multiple users simultaneously. Neumann designed its filing system, which featured hierarchical directories, access control lists, and dynamically paged virtual memory segments. He also played a key role in the design of its input/output system.</p><p>In 1970 he left Bell Labs to join SRI<strong>.</strong></p><h2>Technical contributions at SRI</h2><p>Neumann made several seminal and foundational technical contributions while at SRI, including the following:</p><ul><li><strong>Provably Secure Operating System.</strong> The <a href="https://www.csl.sri.com/~neumann/psos.pdf" rel="noopener noreferrer" target="_blank">PSOS</a> project he worked on advanced formal methods in operating systems and computer security. The project demonstrated that security could be designed within the initial plan rather than retrofitted.</li><li><strong>Election integrity and voting systems.</strong> He outlined vulnerabilities in electronic systems and advocated for transparency, verifiability, and public accountability.</li><li><strong>Systems-level risk thinking.</strong> He broadened the concept of computer security to encompass human factors, governance, policy failures, social consequences, organizational negligence, and misuse of automation. His system-level perspective now fuels debates on AI governance and digital trust.</li><li><strong>Intrusion-detection systems.</strong> With his colleague <a href="https://en.wikipedia.org/wiki/Dorothy_E._Denning" rel="noopener noreferrer" target="_blank">Dorothy E. Denning</a>, a security expert, he helped develop an <a href="https://www.csl.sri.com/papers/9sri/" rel="noopener noreferrer" target="_blank">intrusion-detection expert system</a> (IDES), laying the groundwork for modern cyberdefenses.</li><li><strong>CHERI.</strong> He promoted hardware-assisted secure computing: technology that now influences next-generation processors.<a href="https://www.cheri-alliance.org/?ref=blog.disclose.io" rel="noopener noreferrer" target="_blank"> The </a>Capability Hardware-Enhanced RISC Instructions (<a href="https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/" rel="noopener noreferrer" target="_blank">CHERI</a>) architecture project, which Neumann led, is now being commercialized by an international, nonprofit <a href="https://www.cheri-alliance.org/?ref=blog.disclose.io" rel="noopener noreferrer" target="_blank">alliance</a>.</li></ul><p>His contributions are united by a simple but profound principle: Security should be foundational, not incidental. Neumann argued that security must be embedded into system architecture from the start—not patched after deployment.</p><h2>ACM’s Risks Forum</h2><p>Neumann’s other enduring contribution was the creation and stewardship of the ACM <a href="https://catless.ncl.ac.uk/Risks/?ref=blog.disclose.io" rel="noopener noreferrer" target="_blank">Risks Forum</a>, formally known as the Forum on Risks to the Public in Computers and Related Systems. For decades, it was one of the most respected online arenas for critical reflection on computing failures, vulnerabilities, security breaches, unintended consequences, and emerging technological threats. He transformed the forum into a scholarly archive of cautionary lessons in computing failures and risks.</p><p>In 1985 he started documenting how technological systems fail when complexity exceeds understanding and when society places blind trust in automation. He then moderated the community for 41 years, leaving his position in April, weeks before his passing.</p><p>In 1995 he published <a href="https://www.amazon.com/dp/B0030SSHWC/?mr_donotredirect" rel="noopener noreferrer" target="_blank"><em><em>Computer-Related Risks</em></em></a>, a book that serves as a case-driven guide to how computer systems fail and why. It is still relevant in an era defined by AI, growing cyberthreats, and our deep digital dependence.</p><h2>Intellectual rigor with grace and humility</h2><p>Neumann viewed computing not as an abstract technical pursuit but as a profoundly human enterprise carrying societal responsibilities. He was thoughtfully skeptical, questioned assumptions, and challenged complacency. His observations often anticipated challenges years before they became mainstream concerns.</p><p>He exemplified high scholarship ideals and was intellectually honest and ethically steadfast. He had been a frequent <a href="https://www.pressreader.com/usa/the-boston-globe/20260522/282183657701214" rel="noopener noreferrer" target="_blank">critic</a> of lax attitudes the industry has maintained toward both computer security and individual digital privacy. He warned against the industry’s tendency to repeat mistakes.</p><p class="pull-quote">Neumann’s signature contribution was not technical but a stance. He insisted, against industry custom, that recurring computer failures were not unfortunate accidents but rather were predictable consequences of how systems were built and sold.</p><p>He was fundamentally an optimist about what can be done with research and was a pessimist about corporations.</p><p>Security is not merely a technical patch, he said, but is a systemic property requiring sound design, governance, and human judgment. He consistently warned that uncontrolled complexity is itself a source of risk.</p><p>His signature contribution was not technical but a stance. He insisted, against industry custom, that recurring computer failures were not unfortunate accidents but rather were predictable consequences of how systems were built and sold.</p><h2>Honors and recognitions</h2><p>Neumann was honored with a number of honors including the <a href="https://epic.org/" target="_blank">Electronic Privacy Information Center</a>’s 2018 <a href="https://blog.epic.org/2019/05/17/peter-neumann-computer-system-vulnerabilities/" rel="noopener noreferrer" target="_blank">Lifetime Achievement Award</a>, the <a href="https://cra.org/computing-research-association/" rel="noopener noreferrer" target="_blank">Computing Research Association</a>’s 2013 <a href="https://cra.org/about/awards/distinguished-service-award/" rel="noopener noreferrer" target="_blank">Distinguished Service Award</a>, and ACM’s 2005 <a href="https://awards.acm.org/sig-awards/sigsac" rel="noopener noreferrer" target="_blank">Special Interest Group on Security, Audit, and Control Outstanding Contributions Award</a>.</p><p>In addition to being an IEEE Fellow, he was a Fellow of ACM, the <a href="https://www.aaas.org/" rel="noopener noreferrer" target="_blank">American Association for the Advancement of Science</a>, and SRI. In 2012 he was inducted into the <a href="https://www.cybersecurityhalloffame.org/about-us" rel="noopener noreferrer" target="_blank">Cyber Security Hall of Fame</a>.</p><h2>An enduring legacy</h2><p>Neumann’s greatest legacy is not necessarily his inventions but his way of thinking. His longtime interest was the risk ecology of computing—the business, technological, social, political, and personal risks that computing has created, along with its tremendous benefits in each of those spheres. He left us a timely lesson: Innovation must be accompanied by responsibility, foresight, and care.</p><p>Neumann was “one of the last of the old guard and a pointer to the future,” observed IEEE Life Fellow <a href="https://spectrum.ieee.org/forty-years-later-turing-prize-winners-devoted-to-personal-privacy-and-nuclear-activism" target="_self">Whitfield Diffie</a>, who helped invent public key cryptography. Highlighting both the significance and enduring relevance of Neumann’s work, a tribute by blogger <a href="https://ussphoenix.substack.com/p/the-man-who-kept-score-peter-g-neumann" rel="noopener noreferrer" target="_blank">Phoenix AMTD</a> aptly said: “He spent 70 years cataloging how computers fail. We spent 70 years not listening. Maybe now we will.”</p><p>Let’s honor Peter G. Neumann not merely by remembering his advice but by following it.</p> Reference: https://ift.tt/HPlQZAK

Thursday, July 9, 2026

Patch for Windows Defender 0-day could allow attackers to fill hard disk


<p>A patch Microsoft released on Wednesday to fix a zero-day vulnerability in its Defender security engine may cause Windows machines to write files large enough to completely consume available disk space, the researcher who discovered the flaw said.</p> <p>RoguePlanet, tracked as CVE-2026-50656, came to public notice <a href="%22https://deadeclipse666.blogspot.com%E2%80%9D/">in June</a> when NightmareEclipse, the pseudonymous name used by a researcher, disclosed it along with <a href="https://git.projectnightcrawler.dev/NightmareEclipse/RoguePlanet">code</a> for exploiting it. The vulnerability allows remote attackers to gain administrative control of Windows 10 and Windows 11 machines, even when real-time protection has been disabled. Over the past few months, the anonymous researcher has published a <a href="https://arstechnica.com/security/2026/05/zero-day-exploit-completely-defeats-default-windows-11-bitlocker-protections/">handful</a> of <a href="https://arstechnica.com/security/2026/06/locked-in-heated-rivalry-with-researcher-microsoft-fixes-0-day-they-disclosed/">other</a> zero-days that have sent Microsoft scrambling to develop patches.</p> <h2>Writing files of unlimited size</h2> <p>Microsoft <a href="https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2026-50656">said</a> Wednesday that it patched RoguePlanet with an update to the Microsoft Malware Protection Engine, which is used by the Defender antivirus app. The fix will automatically be downloaded and installed without users having to take any action. Wednesday’s update also includes “defense-in-depth updates to help improve security-related features.”</p><p><a href="https://arstechnica.com/security/2026/07/patch-for-windows-defender-0-day-could-allow-attackers-to-fill-hard-disk/">Read full article</a></p> <p><a href="https://arstechnica.com/security/2026/07/patch-for-windows-defender-0-day-could-allow-attackers-to-fill-hard-disk/#comments">Comments</a></p> Reference : https://ift.tt/xdpfGPr

Allstate accuses Broadcom of auditing it because it quit VMware, CA


<p>Allstate Insurance Company has accused Broadcom of haphazardly issuing audits against it because the insurance firm decided not to renew its contracts with VMware and CA Technologies.</p> <p>The allegations were made in relation to a lawsuit that VMware filed against Allstate in December 2025, according to <a href="https://www.theregister.com/virtualization/2026/07/08/allstate-insurance-quits-broadcom-alleges-vengeful-license-audit-on-the-way-out/5268155">The Register</a>. In the complaint, Broadcom alleges that Allstate failed to comply with license audits, which Broadcom claims its contract with Allstate requires.</p> <p>In a June 12 filing, Allstate suggested that Broadcom issued the audits in response to Allstate deciding to end business with its companies. Allstate's statement reads:</p><p><a href="https://arstechnica.com/information-technology/2026/07/allstate-accuses-broadcom-of-auditing-it-because-it-quit-vmware-ca/">Read full article</a></p> <p><a href="https://arstechnica.com/information-technology/2026/07/allstate-accuses-broadcom-of-auditing-it-because-it-quit-vmware-ca/#comments">Comments</a></p> Reference : https://ift.tt/PJ4Rm8H

The Rebirth of High Frequency


<img src="https://spectrum.ieee.org/media-library/rohde-schwarz-logo-with-slogan-make-ideas-real-and-rs-monogram-in-diamond.png?id=67100960&width=980"/><br/><br/><p>An examination of how satellite vulnerabilities, modern wideband waveforms, and automatic link establishment are driving renewed military and government investment in HF communications.</p><p>What Attendees will Learn</p><ol><li>Why HF (High Frequency) declined — and what has changed — How satellites overtook HF for global communications from the 1970s onward, and why growing awareness of satellite vulnerabilities to anti-satellite weapons, jamming, solar storms, and coverage gaps is reviving interest in skywave propagation as a resilient alternative.</li><li>How the ionosphere enables and limits global HF communication — Understand the roles of the D, E, and F ionospheric layers in refracting and absorbing signals, the concepts of maximum usable frequency (MUF) and lowest usable frequency (LUF), and how sunspot number, solar flux index, and A/K geomagnetic indices are used to quantify and predict propagation conditions.</li><li>How automatic link establishment transforms HF operability — Trace the evolution from proprietary first-generation ALE through interoperable second- and third-generation standards to fourth-generation wideband ALE, which automates frequency selection, link setup, and adaptation to changing channel conditions — removing the dependency on highly skilled operators.</li><li>How wideband HF is closing the throughput.</li></ol><div><span><a href="https://content.knowledgehub.wiley.com/the-rebirth-of-high-frequency/" target="_blank">Download this free whitepaper now!</a></span></div> Reference: https://ift.tt/oCEnqL0

Wednesday, July 8, 2026

Inside the Race to Electrify Semi Trailers for Long Haul Freight


<img src="https://spectrum.ieee.org/media-library/a-large-battery-installed-on-the-undercarriage-of-an-electric-semi-trailer.jpg?id=67112537&width=1200&height=800&coordinates=62%2C0%2C63%2C0"/><br/><br/><p>A semi-trailer that helps propel itself entered commercial road testing in late May, when a powertrain kit developed by<a href="https://nivalisenergy.com/" rel="noopener noreferrer" target="_blank"> Nivalis Energy Europe</a>, headquartered in Luxembourg with engineering operations in Germany, was fitted to a trailer supplied by Amsterdam-based<a href="https://www.tip-group.com/en" rel="noopener noreferrer" target="_blank"> TIP Group</a>. The self-powered trailer was handed over to German transport operator<a href="https://www.sommer-online.de/index.php?id=3&L=1&cHash=e4f22bfe1ffee70d4675cc8b03e2d616&no_cache=1&sword_list%5B0%5D=tas" rel="noopener noreferrer" target="_blank"> Sommer</a> for use in its working fleet. </p><p>The Nivalis Powered Trailer Kit centers on an electric axle co-developed with Wiehl, Germany–based running gear specialist<a href="https://www.bpw.de/en/products/axle-running-gears" rel="noopener noreferrer" target="_blank"> BPW</a>, rated at 50 kilowatts peak, capable of both propulsion assistance and<a href="https://spectrum.ieee.org/tag/regenerative-braking" target="_self"> regenerative braking</a>. That axle draws on a 60-kilowatt-hour, 400-volt<a href="https://spectrum.ieee.org/tag/lithium-ion-batteries" target="_self"> lithium-ion battery</a> pack charged from three sources: the axle itself during braking and deceleration, a full-rooftop array of<a href="https://spectrum.ieee.org/tag/photovoltaics" target="_self"> photovoltaic panels</a> generating up to 3.7 kilowatts-peak, and a 32-amp, three-phase AC grid connection available during parking stops. The driver’s only window into the system is a small display readable from the cab’s side mirror that shows the system status and battery charge level. Nothing about the trailer’s handling or licensing requirements changes.<br/><br/> The partners project savings of up to 7,000 liters of diesel per trailer per year, which is enough to keep about 19 tonnes of carbon dioxide out of the air. These figures are based on a trailer running 100,000 kilometers annually at payloads between 20 and 24 tonnes, on a mix of long-haul and hub-to-hub routes.</p><p><a href="https://de.linkedin.com/in/pavel-gilman/en" rel="noopener noreferrer" target="_blank">Pavel Gilman</a>, vice president of sales and marketing at Nivalis, breaks down where those savings come from: roughly 30 to 35 percent from the electric axle during braking and deceleration, 11 to 15 percent from the rooftop solar panels, and the remainder (roughly half) from grid charging during parking stops. The pilot is planned to run for more than a year, spanning multiple seasons. The retrofit cost has not been disclosed, and the pilot is running on a single trailer. But the underlying assumptions are now on the table and they represent a specific, high-utilization use case (meaning a truck that’s almost always on the move, filled to capacity with freight) not a universal one.<br/><br/> Across Europe and North America, a growing number of companies have concluded that electrifying the trailer, rather than replacing the tractor unit, may be the fastest and most cost-effective path to decarbonizing long-haul freight. A new<a href="https://spectrum.ieee.org/electric-hgv" target="_self"> battery-electric heavy truck</a> carries a high upfront cost and demands charging infrastructure that most freight corridors do not yet reliably provide. A retrofit kit fitted to an existing trailer is meant to sidestep both problems. </p><p>The question the industry has been working to answer is whether the energy harvested from regenerative braking,<a href="https://spectrum.ieee.org/solar-powered-cars" target="_self"> rooftop solar</a>, and grid charging in short bursts when the vehicle is parked for loading and unloading is enough to produce savings that recover the kit’s cost in a reasonable timeframe. Several companies now believe the answer is yes, and they are accumulating field data to prove it—though not all of them are going about it the same way.</p><h2> Trailer industry places its bets</h2><p> The competitive landscape has taken shape most visibly in Germany.<a href="https://www.iru.org/news-resources/members-directory/trailer-dynamics" rel="noopener noreferrer" target="_blank"> Trailer Dynamics</a>, an Aachen-based company, has conducted field tests with<a href="https://www.bmwgroup.jobs/apac/en/jobfields/logistics.html" rel="noopener noreferrer" target="_blank"> BMW Logistics</a>,<a href="https://www.dbschenker.com/global" rel="noopener noreferrer" target="_blank"> DB Schenker</a>,<a href="https://www.duvenbeck.de/en" rel="noopener noreferrer" target="_blank"> Duvenbeck</a>, and<a href="https://www.volkswagen-group.com/en/enhancing-sustainability-in-volkswagen-group-logistics-18669" rel="noopener noreferrer" target="_blank"> Volkswagen Konzernlogistik</a>, reporting average fuel savings of around 40 percent for diesel tractor combinations, substantially higher than the up to 18 percent reduction implied by the Nivalis projection. The difference traces directly to battery size, but Trailer Dynamics frames the choice as an economic question rather than an architectural one.<br/><br/> “The discussion should not start with battery size, but with the economics of the transport operation,” the company said in response to written questions. “There is no single battery capacity that is universally right for every fleet.”<br/><br/> Trailer Dynamics’s modular system offers three configurations ranging from 187 to 551 kilowatt-hours, sized to match route profile, annual mileage, payload, and charging access. The M300 version, whose designation reflects the capacity of its 300-kilowatt-hour lithium iron phosphate battery supplied by Chinese battery manufacturer<a href="https://www.catl.com/en/" rel="noopener noreferrer" target="_blank"> CATL</a>, adds approximately four tonnes to the trailer, roughly three times the one-to-1.4–tonnes added to a trailer by the Nivalis system.<br/><br/> Both companies’ systems would extend the range of a battery-electric tractor by reducing the energy demand on the tractor’s motor. But Trailer Dynamics explicitly targets that use case, claiming its self-propelled trailer yields combined ranges of up to 850 kilometers—enough to eliminate intermediate charging stops on many long-haul routes. Nivalis has not published range extension figures for electric tractor combinations, and its smaller battery and peak lower output suggest the effect would be more modest.<br/><br/> That higher energy storage capability widens the addressable market for Trailer Dynamics considerably and helps explain the investment flowing into the self-propelled trailer space. In November 2025, the<a href="https://www.eib.org/en/index" rel="noopener noreferrer" target="_blank"> European Investment Bank</a> extended a<a href="https://www.eib.org/en/press/all/2025-459-eib-backs-game-changing-electric-trailer-rollout-for-europe-s-freight-sector-invests-eur25-million-in-trailer-dynamics" rel="noopener noreferrer" target="_blank"> €25 million loan to the company</a>, backed by the European Union’s<a href="https://investeu.europa.eu/investeu-programme_en" rel="noopener noreferrer" target="_blank"> InvestEU program</a>, to support commercialization. Trailer Dynamics says it plans to begin industrial-scale production in 2028, with adoption expected to accelerate as<a href="https://climate.ec.europa.eu/eu-action/european-climate-law_en" rel="noopener noreferrer" target="_blank"> European carbon dioxide reduction requirements</a> tighten toward 2030.<br/><br/><a href="https://www.zf.com/mobile/en/homepage/homepage.html" rel="noopener noreferrer" target="_blank"> ZF</a>, the German automotive supplier, entered the space with its<a href="https://press.zf.com/press/en/releases/release_75585.html" rel="noopener noreferrer" target="_blank"> TrailTrax</a> system, using an electric axle rated at up to 210 kilowatts continuous power. ZF claims that, between onboard battery storage and energy recovered via regenerative braking, the self-propelled trailer system yields up to 16 percent in energy and carbon dioxide savings when combined with an ICE powered truck. The company also says TrailTrax can reduce carbon dioxide emissions by as much as 40 percent with opportunistic plug-in charging. Trailer manufacturers<a href="https://kaessbohrer.com/en" target="_blank"> Kässbohrer</a> and<a href="https://www.krone-trailer.com/en/" target="_blank"> Krone</a> have adopted the platform, as has BPW—the same running gear specialist co-developing the Nivalis axle.<br/><br/> In North America,<a href="https://www.range.energy/post/cost-effective-fleet-building-leveraging-electric-trailers-for-practical-decarbonization" rel="noopener noreferrer" target="_blank"> Range Energy</a> is developing a system with up to 300 kilowatt-hours of onboard energy capacity, compatible with diesel, battery-electric, and hydrogen fuel cell tractors. Range, which has announced a<a href="https://press.zf.com/press/en/releases/release_81026.html" rel="noopener noreferrer" target="_blank"> partnership with ZF</a>, to help drive the development and adoption of the Range eTrailer System within the North American commercial trucking industry, is now equipping its trailers with<a href="https://www.zf.com/products/en/cv/products_75841.html" rel="noopener noreferrer" target="_blank"> ZF’s AxTrax 2 e-axle</a> for battery-powered propulsion. Range Energy has a separate pilot agreement with DB Schenker, the German logistics company that is also among the European operators that tested the Trailer Dynamics system. Range and DB Schenker say they plan to deploy a powered trailer in commercial trucking operations in North America, with first deliveries scheduled for later this year. The breadth of activity across continents reflects a field that has moved well past the question of whether powered trailers work. The argument now is about which architecture works best and at what cost.<br/><br/> What the field does not yet have is a common standard for measuring and reporting savings. The figures from various pilots—an average of 40 percent from Trailer Dynamics, up to 18 percent implied by the Nivalis projection—reflect different routes, loads, seasons, and battery sizes. In some cases, they represent short validation runs rather than sustained operational data. Fleet operators evaluating competing systems are working with numbers that are difficult to interpret and impossible to rank against one another.</p><p> Both architectures reduce available payload, but by very different margins. The M300’s roughly four-tonne addition dwarfs the one-to-1.4-tonne addition of the Nivalis system. Trailer Dynamics argues the weight penalty is largely academic in practice, because more than 90 percent of trailer movements are constrained by cargo volume before they approach legal weight limits. Under<a href="https://transport.ec.europa.eu/transport-modes/road/weights-and-dimensions_en" rel="noopener noreferrer" target="_blank"> current European regulations</a>, both systems reduce payload on a one-for-one basis. Frameworks under discussion would change that. New rules could allow up to four extra tonnes for electric trucks, with proposals to extend the provision to electric trailers. If amended, the payload effect would turn positive for both systems. Until then, every kilogram of kit is a kilogram unavailable for freight.</p><h2>Small versus large battery systems</h2><p>The choice between large-battery and small-battery powered trailers is a bet on which cost will fall faster: battery pack prices or the cost of grid charging infrastructure. A large-battery system delivers higher savings but requires reliable charging access across the operating cycle. If infrastructure buildout stalls—as it has repeatedly in heavy-duty transport—operators face the same dependency problem that has slowed battery-electric truck adoption. The Nivalis architecture hedges against that risk: its 32-amp connection requires only a standard industrial outlet, and the solar array and regenerative braking handle significant energy input without infrastructure at all. Gilman frames the design philosophy in terms of the industry it serves.<br/><br/> “Logistics lives with low margins,” he said. “We are focused on the product which fits the industry technically and financially. It overcomes the capital expenditure hurdle and maximizes financial benefit by adding sources of energy which are symbiotic to each other.” And because Nivalis’s axle is comparatively light, he says, operators won’t be forced to reduce payload.<br/><br/> Trailer Dynamics sees it differently.<br/><br/> “Long-haul transport will increasingly move toward depot-based and destination-based charging models,” says Michael W. Nimtsch, the company’s Managing Director. “The question is not how small a battery can be made, but how much economic value each additional kilowatt-hour can generate over the life of the vehicle.”<br/><br/> On solar and regenerative recovery, Nimtsch argues both are useful complements to stored battery energy rather than substitutes for it.</p><p>“Compared with the daily energy demand of a long-haul truck, solar generation remains relatively modest,” he says. The Nivalis energy breakdown supports that view in relative terms: Grid charging contributes the largest share of projected savings, regenerative braking second, and solar third. That hierarchy means performance depends more on charging access during dwell time than the multi-source framing might suggest even if that access requires only a standard industrial outlet.<br/><br/> Trailer Dynamics prices its system between €145,000 and €195,000 and targets a payback period of no more than five years. Nivalis targets five to six years at current costs, falling to three to four years as volumes grow. Asked exactly what the price tag says, the company declined to answer. The minimum annual savings needed, Gilman said, is between €5,000 and €6,000 per trailer. Until someone publishes a full year of results from a trailer running in normal commercial rotation, fleet operators cannot answer the two questions that actually drives adoption: What does this cost, and when does it pay back?</p> Reference: https://ift.tt/QnHdNLa

Now, defenders are embracing the prompt injection, too

<p>Prompt injections, the malicious commands attackers embed into content to entice LLMs to follow them, ...