If you're at @BlackHatEvents Europe today, come check out the launch of SaferPickle, our framework for preventing unsafe pickle deserialization. @geolit_ and I will be making dumb pickle puns and explaining our research!
https://t.co/xQEYD20RwL
There is a paper attributed to me on Google Scholar that never existed. Sadly, this "paper" has multiple citations in peer-reviewed work. So yes, please read your citations.
Academic Twitter is having a meltdown because some people have just learned that you should actually read the sources you cite. This really shouldn't be as controversial as it appears to be.
People confuse "top secret" with "only know to a small few". Classification is oftentimes the result of *how* the information was found. "It was sunny in Moscow yesterday " could be top secret if it was derived from Putin's text messages, and unclassified if pulled from a website
I handled Top Secret information only a handful of times in my military career.
Every time I did, I remember thinking to myself "Why is this classified? Everybody suspects this is true, it's just common sense..."
But then I remembered that the reason the data was classified was so that no one in the know would or could ever confirm or deny whether "common sense" suspicions were actually true.
THAT is the power of security classifications.
My point is this: it does not matter whether or not anyone has a common sense suspicion that stores of precision munitions might be depleted. When Kelly officially verified that suspicion at the individual munition level, he created a grave breach of national security.
Prosecute this traitor. Remember when some submariner went to the brig because he posted a picture from the inside of a sub? This is far worse.
Prosecute.
Kevin O'Leary's massive data center was approved by a county commission in Utah last night.
At 40,000 acres, it would be 2.5x the size of Manhattan.
The commission approved the proposal despite opposition from hundreds of locals.
Game theory is not designed to have predictive power, it is normative. Red is a strictly superior option because it has the same upside with no downside in case of defection. Game theory doesn't care if you opt for blue, it just gives you the tools to realize it is a bad choice.
Amazing how lots of self appointed game theory experts confidently asserting that blue is the stupid choice. But every time this poll is run blue wins. Not only is the “game theory” answer predicting the wrong outcome, its explanatory power is based on it being able to predict the right answer. So it’s doubly wrong.
If I was designing a cover for a spy who was going to photograph planes, I'd probably choose an aviation geek studying aeronautical engineering...oh wait.
So this Glasgow student just got himself in proper trouble with the FBI over aircraft pics.
His name’s Tianrui Liang, 21, Chinese guy studying aeronautical engineering at Glasgow Uni. He’s a massive aviation geek... been travelling round the UK snapping all sorts of aircrafts for his own collection. But he took it too far.
End of March he was at Offutt Air Force Base in Nebraska (that’s where US Strategic Command is) sitting in his car with a long lens, taking shots of the E-4B Doomsday Plane and an RC-135. Someone clocked him, reported it, and on 7 April the FBI nicked him at JFK while he was trying to fly back to Scotland.
He got bail at first then they yanked it and said he’s a high flight risk. Now he’s back inside facing charges for photographing military equipment without permission. He told them it was just for fun, but obviously the Doomsday Plane isn’t something you just casually snap from the perimeter.
Kinda mad how a hobby can land you in this much shit. What do you make of it... innocent plane nerd who didn’t think, or were they right to come down hard?
A lot of people don't seem to understand that if you ask an AI the SAME question, you will get the SAME answer. Every. Single. Time.
To avoid that, the models "salt" your prompt by adding random input params so that the model does not take the same path.
But LLMs are not random or unpredictable - if you ask it the name of TinTin's dog, and it gives you an answer, then the same model with the same weights and the same input will ALWAYS say Snowy.
an ai skeptic dies and goes to heaven.
god says "welcome, you can ask me one question."
man says "i gotta know, what really happened with mythos?"
god replies "it found tons of zero-day vulnerabilities, acting alone"
the man replies "wow, the ai hype goes deeper than i thought"
The biggest question when it comes to mitigating risks enabled by AI is uplift. If the only uplift a bad actor needs is knowing how to disable a shotgun's safety, no amount of guardrails would fix that. If AI didn't exist, a search query could provide the same uplift.
Buried in here:
Ikner opened fire at FSU less than 3 minutes after ChatGPT told him how to take the safety off of his shotgun
He also asked when the student union would be busiest…it told him between 11:30 am and 1:30 pm
He attacked at 11:59 am
I’ve interviewed 100s of people, here’s a realistic question that really helps weed out the cybersec candidates:
Would you surrender your admin password to a stranger for $10million in btc?
>If they say yes, they can’t be trusted
>if they say no, they’re stupid (or lying)
We are still looking at the axios supply chain compromise, but we’ve attributed it to UNC1069, a suspected DPRK actor, who we covered in a blog this February. They are financially-motivated and historically DPRK uses these incidents to target crypto. https://t.co/RIeOp14UNU
@AhmedSQRD@steren #4 doesn't annoy anyone, but #2 can be a serious pain when writing things like python/go code compared to how the rest of the world does it. Try out Bazel some time if you want a feel for how Google's build system feels. Great for scaling, not fun day-to-day.
> be me
> crash out over LiteLLM supply chain attack
> get dm
> look inside
You are correct. It was a success. I apologize. I was wrong. You have indeed committed aggravated identify theft at an international level.