Kevin BeaumontNew by me - Microsoft Vibing. A very strange fake open source project published by Microsoft employees, which gathers screenshots and voice recordings of users with unique machine identifiers attached. Not sure how this one has happened.
This Vibing one is a fun blog btw as every page it gets to be a bigger version of this
Since publishing my blog, Yaoyao Chang, who authored Vibing, has removed references to it from Microsoft’s VibeVoice repo - marking the change as “removing outdated links”. https://github.com/microsoft/VibeVoice/commit/e73d1e17c3754f046352014856a922f8208fb5d3
I withheld a load of details from the blog on this so far btw, if you're a researcher and want a laugh pull the binaries and have a look at what the MS Research team were doing and poke the backend.
Something tells me Microsoft are going to end up freezing the Azure backend for Vibing and having a security incident.
Vibing has been suspended and downloads removed pending a compliance review by Microsoft. https://github.com/VibingJustSpeakIt/Vibing
Also worth noting - Yaoyao Chang made the changes to the Vibing-Team repo, which is the first time Microsoft has officially been linked to Vibing.
It’s a very strange situation where MS were covertly operating an AI service, while pretending it was an open source project.
Microsoft are now trying to hide the compliance review message, by removing the download links and removing the compliance review messages on Github. https://github.com/VibingJustSpeakIt/Vibing/commit/ab8e6302543754685f85cf02e02d1d0287d2f4f0
Did anybody happen to the screenshot or archive the Microsoft Vibing website ( https://vibingjustspeakit.github.io/Vibing/ ) and Github ( https://github.com/VibingJustSpeakIt/Vibing/ ) showing the compliance suspension messages before they were deleted? The changes are archived on GitHub, but I'd like to document what they looked like prior to removal.
An attempt to hide the MS link with Microsoft Vibing on GitHub - “This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.” - the commit hiding the compliance review has been redone today without Yaoyao’s name on it.
New commit: https://github.com/VibingJustSpeakIt/Vibing/commit/84c82ccad2092b4bc2dffe5c96ef8c8d4466cc6e
Hidden commit: https://github.com/VibingJustSpeakIt/Vibing/commit/ab8e6302543754685f85cf02e02d1d0287d2f4f0
So @dangoodin asked Microsoft about Vibing - they’ve confirmed it is a Microsoft research project. They say “We have removed the application as we review its functionality and adherence to our policies. We remain committed to responsible AI and are taking appropriate steps as part of this review.”
I’ve updated my write up. https://doublepulsar.com/microsoft-vibing-capturing-screenshots-and-voice-samples-without-governance-6973c48f03a7
Here's a question - re the Microsoft Vibing thing.
Microsoft didn't disclose they were behind Vibing, multiple staff pretended on Github it was an open source community project (it wasn't), one specifically said they weren't involved (they were), they collected screenshots and mic recordings, and it had no security, compliance or AI review by Microsoft.
Is that okay?
If anybody is wondering - almost a month later, Microsoft Vibing is still suspended, the infrastructure is offline and the downloads gone.
GarretSidzaka@GossiTheDog
Not every hero wears a cape.
Not every hero wears a cape.