Ian Holmes, CISSP

Homeland Security funding for CVE program expires : Because vulnerability management has nothing to do with national security, right?

This is insane. They're intentionally weaking our cybesecurity posture so that Russia, can exploit it.

YouTube video by Computerphile Generative AI's Greatest Flaw - Computerphile

Very illuminating video from Computerphile on "Indirect Prompt Injection" - described by NIST as "Generative AI's Greatest Flaw." #AI #security

hey I am trendy too

AI has been operating under the "move fast, break things" mindset - they're sucking up everything and then hoping they can fix it all on the backside with iterative refinement. At some point, the future of AI will have to come down to biasing input towards "known good" non-AI-generated content.

Russian propaganda web tricks 33% of AI responses in 49 states The Kremlin's propaganda network flooded the web with 3.6 million fake articles in 2024 to deceive the top 10 AI models, a report reveals.

One aspect of #AI that we generally don't talk about is how easy it is to poison it with propaganda. Garbage in, garbage out is the oldest problem in computing. AI Safety needs to include vetting input - and that task is probably impossible without AI tools built to detect disinformation campaigns.

Well now the admin is calling it a "glitch" - I am sure Signal hates that take haha.

Is this good publicity for #Signal - it's being used as an illegal back channel communication system by the Pentagon - but the people using it are so incompetent it's almost guilt by association. Honestly can't tell.

Just made the jump to GrapheneOS. It's a good time to evaluate your privacy and security decisions. Google's "Don't be Evil" was never actually an official motto, but they've been much less idealistic in recent years. Android is a great OS, even better without Google. #grapheneos #android #pixel

Claude Code is scary good. Embarassing for Github Copilot how far behind it is. #anthropic #ai #claude #copilot

That feeling, after you're a new position and have been wondering if you're in over your head, when all the sudden you are knee deep in the work and realize you're kicking high degrees of ass at it, that is a great feeling.

A fox is in the hen house.

Shock as U.S. Caves to Russia in Cybersecurity Fight The Cybersecurity and Infrastructure Security Agency has reportedly received a new list of directives which exclude Russia as a threat.

From a cybersecurity perspective, this is actually insane. It confirms Donald Trump has been compromised, a fact I've known since 2016. It's obvious if you look for it. #cybersecurity #russia

#amd #rx9070

One of my favorite fun facts about AI is the dumber you are the dumber your answers will be. It's a system of biases, you're subtly prompting it with your own ignorance.

I vastly prefer the terms "machine learning" or "gen text" etc to this stupid moniker of "AI". Intelligence implies cognition. Even apps that use text generation for decision making are not performing cognition, it's correlating text relationships, and then iterating. Not thinking. #ai

If I am being real, part of it is stubbornness. People are comfortable with their castles and moats, even though there are 300 bridges and tunnels into the castle, even if they spend most of the time shoveling the stables, they're at least comfortable doing that stuff. It's familiar, at least.

Obviously it takes time and resources to adapt to new technologies, but the thing about the new technologies is they often are much simpler and ultimately give you time back. That's why it's debt. Every time you go through some goofy manual process, that's an interest payment.

Using outdated paradigms is a form of tech debt. Organizations should consider this when they build out new deployments with ancient architectural concepts. Infrastructure as Code, Config Management, Zero Trust - it's one thing to run legacy systems, but come on get modern, stop deploying them!

This blows my mind.
20 years ago, I worked at the Titusville Staples. We used to sell 32 megabyte flash drives. I remember describing them to people at the time "the capacity of 20 floppy disks."
I now have a ONE TERABYTE microSD card. Thats SEVEN HUNDRED THOUSAND FLOPPY DISKS. #tech #computers

CISA: Don't use SMS, it's not secure.

Signal: We require SMS to sign up. Shut up nerd.

#signal #privacy

Yeah, but trying to de-google my phone and browser (using Thorium) has made me realize all the subtle ways they're able to collect "anonymized usage statistics" about my usage/data. Keyboard auto compete, search, voice assistant, genAI assistants, play store, maps, even the launcher... Its so much.

I feel like the rise of AI, coinciding with the rise of authoritarian right wingers, is making a lot of people reconsider security and privacy. For one, I've always been big on opsec but privacy wasn't a huge concern... but AI tools make it a lot more sinister so I'm breaking up with Google.

It's certainly suspicious they would rather the banned and lose it all then sell and take a minority stake.

Web 2.0 was a mistake.

Tulsi Gabbard, obvious Russian plant, is told that she needs to be a little less obvious. #spycraft

Its just so they can send "anonymized usage statistics" about what you're texting about to advertisers.

That's too bad, seems like an obvious niche.

Re: VAs and corporate laziness, the moment I hear computer voice on YouTube or something I immediately find another creator because it means they probably put the bare minimum amount of effort and the script is probably just botspam too.

Give it graphene os, then maybe I'll buy one.

I'm as much of an environmentalist and AI critic as anyone I know, but for the sake of consistency if this particular criticism was significant, it'd also be a reason to hate people for playing videogames, 3D modeling or even, yes, social media. AI sucks because its IP theft that lies by design.