Employee #1 and Director of Software Engineering (AU) @bugcrowd. Ruby, infosec, pol. He/him. Social media is bad for you. Cryptocurrencies are bad for the planet.
My AI assistant refuses to believe that Anthropic launched a model named 'Fable 5'. I've had to tell it to go google it; I even gave it a link, and it accused me of winding it up. I'm not entirely sure how to feel about these developments.
This is required reading today.
@caseyjohnellis didn't even write this today about MSRC - but it nails it.
Full disclosure IS the agreed upon path forward to keep a vendor in check who stonewalls, threatens, or otherwise is shit to work with for security researchers.
I've got an agent in a loop optimizing a renderer with the goal to minimize frame times (and tests to measure). It got times down from 88ms to 2ms and allocations down from ~150K to 500. Sounds good, right? Wrong. This is exactly why agent psychosis is a big fucking problem.
As an experiment, I rewrote the Ghostty core render state in Go, with access to identically laid out data structures as Ghostty and the exact same validation tests. I made a purposely naive renderer (simple, correct, but slow). 88ms per frame with 150,000 allocations (horrendous, lol)!
I then kickstarted a Ralph loop to bring the frame times down. I told it it can't modify input data structures or the public API or tests (they're correct), but it can do anything else it wants. It got to work.
It has worked for about 4 hours. I've spent around $350 on this experiment so far. The results?
88ms => 1.5ms
150K allocs => ~500 allocs
Incredible, right? Nope.
My hand-written renderer I ported has frame times (same benchmark) of ~20us (0.020ms) and 0 allocations in the update path.
This is the problem with psychosis and lacking systems understanding. If you don't understand the system, you're going to accept that this is an incredible result. If you understand the system, you'll see better solutions immediately and can do roughly 75x better on throughput.
The people who blindly trust agent output are in the former camp. They're sheeple, overdrinking from a fountain of mediocrity.
Standard disclaimer: I use AI all the time. I like AI. The point I'm making is to not blindly accept results. Think. Analyze. Learn.
you know how nobody likes talking to the security people?
i hear you saying "well maybe i like that? more time for computers?"
so true, but if you don't talk to them about computers, the marketing people will
still not quite over the fact that i watched 15 year olds get sued for millions of dollars for downloading twelve songs and now we all have to accept AI slop because every tech company in the known universe decided that IP laws don't exist now that they're inconvenient for them
On the latest round of fertility discourse, friends don't let friends share chart 1 without the important context of chart 2, which is @lymanstoneky's child-survival adjustment:
It simultaneously feels like 1) I can use agents to build anything quickly, but also 2) they have no sense of aesthetics when writing code, so everything comes out a mess, never unified by any vision. It's such a bizarre combination.
My kinda hot take on the Mythos stuff is really that there is so little money in offensive research that it's still not really that hard to find bugs. These AI companies are operating with budgets that make the entire offensive research of all big tech combined look like a joke.
Jordon Steele-John unleashes on Pauline Hanson after she accused ppl with disabilities of rorting the NDIS.
“You have no right to speak on disability issues until you have cleaned up your act”🔥 & using “taxpayer money” to attack disabled ppl with “disgusting” animations #auspol
@InsiderPhD I wasn't involved personally but from previous startups and what I saw: VC backing goes far with Bay Area banks, especially if you could (at the time) describe it as "uber for X". That, a healthy dose of charisma, and a lot of blood sweat and tears over the KYC/AML requirements