A really good article on #engineering , #hacking and #accessibility , reminding us not to pretend that we know the problem better than the people who experience it. We need to listen to them without preconceptions.
I think it is a very important foundation of #solarpunk .
Unpatchable security flaw in Apple Silicon Macs breaks encryption
'University researchers have found an unpatchable security flaw in Apple Silicon Macs, which would allow an attacker to break encryption and get access to cryptographic keys.
The flaw is present in M1, M2, and M3 chips, and because the failing is part of the architecture of the chips, there’s no way for Apple to fix it in current devices …'
As I stray closer to the present day in my #FOIA requests this is the first one of these I’ve gotten, from the #FBI. Request was for records on poodlecorp. #hacking#hacker#history
Feel safe leaving stuff in your hotel room? Well, kiss that goodbye. Researchers have figured out how to hack Saflok secured doors. They just grab a keycard, scan it for a code, write two new cards, and then tap both on the lock in question, and it opens. Saflok maker Dormakaba is aware of this and has been working on fixes for the past year and a half, but it involves people going to ever single door, so some are sure to be missed. Fun. #hacking#travel#securityhttps://www.wired.com/story/saflok-hotel-lock-unsaflok-hack-technique/
#AI#GenerativeAI#RedTeaming#Cybersecurity#Hacking: "Like any computer software, AI models share the same cybervulnerabilities: They can be hacked by nefarious actors to achieve a variety of objectives including data theft or sabotage. As such, red teaming can offer one approach for protecting AI models from external threats. For example, Google uses red teaming to protect its AI models from threats such as prompt attacks, data poisoning, and backdooring. Once such vulnerabilities are identified, they can close the gaps in the software.
To address the potential risks of AI, tech developers have built networks of external experts to help them assess the safety and security of their models. However, they tend to hire contractors and require them to sign nondisclosure agreements . The exercises still take place behind closed doors, and results are reported to the public in broad terms.
Especially for the case of AI, experts from Data & Society, a technology think tank, say that red teaming should not take place internally within a company. Zenko suggests that “not only is there a need for independent third-party validation, companies should build cross-functional and multidisciplinary teams—not just engineers and hackers.”" https://spectrum.ieee.org/red-team-ai-llms
#AI#GenerativeAI#ChatBots#ASCII#Hacking#CyberSecurity: "Researchers have discovered a new way to hack AI assistants that uses a surprisingly old-school method: ASCII art. It turns out that chat-based large language models such as GPT-4 get so distracted trying to process these representations that they forget to enforce rules blocking harmful responses, such as those providing instructions for building bombs.
ASCII art became popular in the 1970s, when the limitations of computers and printers prevented them from displaying images. As a result, users depicted images by carefully choosing and arranging printable characters defined by the American Standard Code for Information Interchange, more widely known as ASCII. The explosion of bulletin board systems in the 1980s and 1990s further popularized the format." https://arstechnica.com/security/2024/03/researchers-use-ascii-art-to-elicit-harmful-responses-from-5-major-ai-chatbots/
@codeandcontext So happy we are starting to work with our new Lab infrastructure! Tomorrow Sarah will help us install the AYAB module on our brother KH-930 knitting machine. Happy that I get the chance to explore the world of textile and knitting in my Lab! @yaxu dragged me into this field, still remembering the Algomech conference on unmaking and my visits to the Penelope Project. Now I am looking forward to creating patterns in textile with analog hardware and analog to digital interface yet to be developed. #textile, #hacking, #ayab
Hacker-for-hire gang with links to Pune police planted emails on the computers of Bhima Koregaon accused: new book
The mercenary hacker gang, headquartered in India, remotely implanted evidence, according to LSE professor’s book; cites cybersecurity researchers to claim gang’s connection to a Pune police officer.
Silence du gouvernement après le piratage massif de données de France Travail: 43 millions de Français sur... 20 ans, un boulevard pour l'usurpation d'identité. Il y a bien une ministre au numérique, Marina Ferrari, aux abonnées absentes. La CNIL dit "accompagner l'organisme" pour l'aider à "informer les personnes concernées". 43 millions de Français, cela mériterait plus une sanction, non? https://www.cnil.fr/fr/france-travail-la-cnil-enquete-sur-la-fuite-de-donnees-et-donne-des-conseils-pour-se-proteger