Toby Murray's Avatar

Toby Murray

@tobycmurray.bsky.social

Professor at University of Melbourne and School of Computing and Information Systems cyber lead; Director @dsi-vic.bsky.social; Oxford DPhil (@compscioxford.bsky.social; @hertfordcollege.bsky.social). Cyber, verification, etc. He/him

808 Followers  |  228 Following  |  173 Posts  |  Joined: 08.08.2023  |  2.0185

Latest posts by tobycmurray.bsky.social on Bluesky

Post image

You are an Early Career Researcher in #cybersec? Here is an opportunity: The AEC chairs of @USENIXSecurity '26 are looking for (self)nominations for the Artifact Evaluation Committee. Deadline: October 17th, 2025, so sign up soon!
@chwress.bsky.social, @kumarde.bsky.social, @aurore-fass.bsky.social

10.10.2025 10:16 β€” πŸ‘ 5    πŸ” 9    πŸ’¬ 0    πŸ“Œ 0

Amazing. Can you say more about how this was produced?

10.10.2025 12:27 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image

there's still great websites on the internet rouses.net

10.10.2025 00:02 β€” πŸ‘ 4    πŸ” 2    πŸ’¬ 2    πŸ“Œ 0

It never fails to amaze and frustrate when it’s the companies pushing security products that fail the most basic tests of secure product development

10.10.2025 00:59 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
High Court endorses use of encrypted phone app to monitor crime figures The High Court has ruled on the use of information gathered through the AN0M app, which was developed by the Australian Federal Police for surveillance.

The latest chapter in the ANOM story, in which the FBI and AFP deployed a fake secure phone system to spy on organised crime. The Australian High Court has unanimously ruled the operation legal and data collected can be used as evidence in prosecutions www.abc.net.au/news/2025-10...

08.10.2025 02:50 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

This is a feature, not a bug. Rare events are, by definition, more informative than common ones.

07.10.2025 23:30 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Congratulations to you, Ally, and to TOPLAS. Bright times ahead

06.10.2025 23:07 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

There’s a reason that human-to-human touch produces such strong emotional reactions, that the slightest unintended brush between humans elicits β€œsorry”. Humanoids will surely be unsafe to operate with humans absent such fine sensing.

27.09.2025 04:22 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

The deadline for my postdoc on scalable clinical decision support is closing in 1 week: 4 October (Australian Eastern standard Time). Please share with anyone that you think would be interested

26.09.2025 00:42 β€” πŸ‘ 0    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Claude Can (Sometimes) Prove It

I wrote about Claude Code, which to my absolute astonishment is quite good at theorem proving. For people who don't know theorem proving, this is like spending your whole life building F1 engines and getting lapped by a Tesco's shopping trolley www.galois.com/articles/cla...

16.09.2025 22:46 β€” πŸ‘ 15    πŸ” 5    πŸ’¬ 1    πŸ“Œ 1
Recruitment

I'm hiring again! Please share. I'm recruiting a postdoc research fellow in human-centred AI for scalable decision support. Join us to investigate how to balance scalability and human control in medical decision support. Closing date: 4 October (AEST).
uqtmiller.github.io/recruitment/

16.09.2025 04:34 β€” πŸ‘ 2    πŸ” 7    πŸ’¬ 1    πŸ“Œ 1

My university is now on Bluesky πŸ’™

16.09.2025 06:39 β€” πŸ‘ 43    πŸ” 3    πŸ’¬ 1    πŸ“Œ 0

Neat paper showing that automated bug fixing systems can be manipulated into introducing security flaws (eg. reverting CVE fixes) into your code. arxiv.org/pdf/2509.05372

13.09.2025 13:48 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

You’d think that the car company run by the bloke who runs a rocket company would have learned from Apollo 1

12.09.2025 07:13 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I’m hindsight it will seem obvious I think that perhaps the most under appreciated factor that kept memory safety so dangerous for so long was that no single company had control over the hardware, OS and compiler.

10.09.2025 08:51 β€” πŸ‘ 5    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image 09.09.2025 03:14 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
e-petitions e-petitions

My petition to the πŸ‡¦πŸ‡Ί Australian government: make part-time PhD students' stipends tax exempt!

πŸ“‹ Read and sign here: www.aph.gov.au/e-petitions/...
⏰ Deadline: October 1

03.09.2025 05:54 β€” πŸ‘ 19    πŸ” 18    πŸ’¬ 4    πŸ“Œ 3

Just as with social media in 2010s, the current environment seems to grant new technologies a presumption of innocence when it comes to harms. We need high quality evidence; or risk blunt regulation eg UK Online Safety Acy, AU Socmed ban etc

28.08.2025 23:23 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I agree with the conclusion but quibble:
1. The lack of evidence linking to ChatGPT in the case of the VC’s purported public psychosis
2. The correlational evidence in the linked RCT being used to argue causation
3. Overly simplistic solutions like aborting conversations about suicide

28.08.2025 23:23 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

❀️

27.08.2025 23:19 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Opinion | Students Hate Them. Universities Need Them. The Only Real Solution to the A.I. Cheating Crisis.

Thoughtful reflections on how universities can and must adapt to the rise of generative AI, including by returning to ancient practices. www.nytimes.com/2025/08/26/o...

Left unaddressed is how scalable online education will survive the rise of AI without sacrificing academic integrity

27.08.2025 10:48 β€” πŸ‘ 5    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

Can't even build death star anymore, because of ewok

26.08.2025 06:49 β€” πŸ‘ 5661    πŸ” 1313    πŸ’¬ 46    πŸ“Œ 21

And Australia

26.08.2025 07:33 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

A university and an academic publisher walk into a bar.

The publisher orders a pint, sells it back to the university, asks the barman to pay the bill.

26.08.2025 02:19 β€” πŸ‘ 94    πŸ” 19    πŸ’¬ 0    πŸ“Œ 1

Given that so much of what passes for professional boils down to looks and feel, it’s not surprising that GenAI should be used to produce professional reports

26.08.2025 01:23 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Consultancy firms win nearly $1bn in Australian contracts in past year despite new outsourcing rules, research shows Greens senator Barbara Pocock says figures do not match Labor government’s rhetoric about cutting back on use of consultants

Let’s be real. If one wants proper, rigorous research, then one asks a university and not a consultancy firm. I’m not sure that GenAI is materially damaging the quality of the average consultancy report. Meanwhile … www.theguardian.com/australia-ne...

26.08.2025 00:55 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

A key corollary is that big mistakes early in a chat can lead to compounding errors later on. This is perfectly exemplified by the scenario in the linked story: a sycophantic early response that indulges a user’s false hopes, on which the LLM repeatedly doubles down as the chat progresses.

23.08.2025 13:01 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Put another way: the longer the chat (or the more β€œmemories” it draws on from prior chats) the more likely the LLM is high on its own bullshit.

23.08.2025 12:21 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Chatbots Can Go Into a Delusional Spiral. Here’s How It Happens.

A forensic article on LLM induced hallucinations. www.nytimes.com/2025/08/08/t... A much simpler explanation is that errors *accumulate* in long LLM conversations because the LLM’s next answer deep in a chat is a literal function of all of the prior bullshit it has generated so far.

23.08.2025 12:19 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

I reckon the quality of CSUR had been going steadily downhill well before the arrival of GenAI. Ever more surveys on ever more narrow topics, of little value to anyone. I’ve heard colleagues liken to academic pollution. Deep Research and co surely only accelerating that trend

23.08.2025 11:29 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

@tobycmurray is following 20 prominent accounts