The United States Copyright Office (USCO) recently issued a decision that AI-generated images cannot receive copyright protections if they are made with little human input. But the finding isn’t necessarily an indication of where US law is going to land on numerous legal questions about machine-generated works, like AI-written code, experts told IT Brew.

In September 2022, the USCO approved Zarya of the Dawn, a graphic novel by Kris Kashtanova utilizing AI-generated art, as an intellectual property protected by copyright. However, the USCO has since amended the copyright certificate to exclude the AI-generated images contained in the book. Reuters described the decision as “one of the first by a US court or agency on the scope of copyright protection for works created with AI.”

The USCO wrote that the work still qualified as a copyrightable “compilation,” finding individual elements, such as text and the selection and layout of images, are the work of the author. But it also wrote that the images themselves are “not the product of human authorship,” because Midjourney, the AI used to create them, is not a human-guided tool like a graphics editing program.

In mid-March, the USCO further clarified its position, stating that while artwork made entirely by an AI might not be copyrightable, final work can still receive protections if a human made substantial contributions, such as extensively editing a piece of AI-generated art in Photoshop.

“There’s been no doubt up to now at least that creativity meant human creativity,” Daniel Gervais, a Vanderbilt University law professor who specializes in IP and AI, told IT Brew. “Now, the machines produce something that definitely looks like it was the result of creativity, but it’s a different process entirely.”

Read more here.—TM

Do you work in IT or have information about your IT department you want to share? Email [email protected]. Want to go encrypted? Ask Tom for his Signal.

Staying on track can be tough.

If it seems like just about every industry is facing cybersecurity threats as they move further and further toward a digital future, well, that’s because it’s true. And global railways are no exception.

Shawn Smith works as VP of business development and strategic alliances for Cylus, a cybersecurity company that is focused specifically on the global rail sector.

IT Brew caught up with Smith at CES in January to talk about how threat actors are targeting the sector.

This conversation has been edited for length and clarity.

What are you doing at Cylus with respect to railway cybersecurity, and why is this so important?

When we established the company five years ago, we foresaw significant digital change that was coming on the horizon within the rail sector. All of the good benefits—digitization, efficiency, automation, passenger safety, lower costs—are counterbalanced by all of that technology increasing the threat landscape that these organizations have to deal with from a risk perspective. We saw that this industry was underserved by the cybersecurity community at large, from a software and tooling perspective. And we also saw a trend that, particularly within security for operating technologies, there would be a growing need to have very purpose-built capabilities that aligned to the needs of specific industries.

We built a platform that enables rail operators to fast-track their security programs by delivering visibility into their operating environment, understanding risks, and then applying monitoring and threat detection capabilities….whether they’re trackside systems like signaling or interlocking—really the foundational systems that enable you to operate in that environment—[or] the rolling stock and train sets, now [they] are interconnected and communicate over standard information technology, functions, and capabilities.

Keep reading here.—EH

Do you work in IT or have information about your IT department you want to share? Email [email protected].

Sometimes the high-tech solution is actually what you need to solve a low-tech problem.

Hyundai and Kia are rolling out software fixes after a trick involving a USB cable and a screwdriver led to car thefts going viral on TikTok and other social media sites.

Hyundai is the parent company of Kia, and updates for 3.8 million affected Hyundai cars and 4.5 million affected Kia cars have begun to be rolled out, free of charge.

The exploit relies on unscrewing the outer steering wheel and removing the ignition casing, then using a USB cable to turn the switch on. The switch casing has a sensor in it that detects a sensor in the key and won’t allow the car to be turned on without it—stopping the jam-a-screwdriver-in-there trick you see in movies.

But by removing the ignition case completely, and substituting the USB for the key, thieves are able to start the car with ease.

In a statement, Hyundai Motor America CEO Randy Parker said that the company had begun rolling out the fix to Sonatas, Elantras, and Venues first because those cars are the ones being targeted the most. Other Hyundai cars will receive software updates in June.

“We have prioritized the upgrade’s availability for owners and lessees of our highest selling vehicles and those most targeted by thieves in order for dealers to service them first,” Parker said.—EH

Do you work in IT or have information about your IT department you want to share? Email [email protected].

Today’s top IT reads.

Stat: 20%. That’s the drop in bonus multiplier for Meta employees in the company’s latest move to cut costs. (the Wall Street Journal)

Quote: “We needed to stay ahead of the curve to ensure that the data can’t be decrypted for the next thousand years, and the only way we can do that is by being secure against quantum computers.”—Sean Prescott, CTO of VeroWay Group, on the fight against quantum hacking (ITPro Today)

Read: How Amazon Sidewalk is changing the wireless game by creating a mesh network in your neighborhood. (Wired)

End to endpoint: Don’t let security lapses leave you vulnerable. With CIS Endpoint Security Services (ESS), you have the tools to identify, detect, respond to, and remediate endpoint issues in real time. Get started here.*

^{*This is sponsored advertising content.}