YourShadowDani
Ian Campbell đ´i love that we went from "zero trust" as a fundamental buzzword to "trust autonomous nondeterministic agents everywhere in your stack"
Ronny Lam
GhostOnTheHalfShell
waldi@GhostOnTheHalfShell @neurovagrant You forgot to patent it first.
Jeff GriggAutonomous agents designed to follow "instructions" regardless of source. So there is really no defense against "agent (command) injection" attacks.
đą đą đą đą đą đą đą đą đą đą đą
Alice 
@neurovagrant I'm sure some people even combine these 2 at once
@neurovagrant zero trust except for our slop machines
Bruce Simpson, Ph.D.@neurovagrant Jensen Huang piping some random site into his | bash for the LOSE.
UsagiJer đ° ā˛āŗā˛°āŗā˛Žā˛ŋ@bms48 @neurovagrant I was just coming here to mention that. you win :)
da_667@neurovagrant I still think your last observation about humans no longer being the weakest link in the chain is everything wrong with LLMs and I'll die on that hill.
@neurovagrant y'all remember the old demotivator memes from the early 2000s?
One of them read "None of us is as dumb as all of us." LLMs are non-deterministic balls of shit put together with the absolute dumbest takes from Reddit and StackExchange, thrown into that non-deterministic blender, to shit out what is probably the most awful code known to man. None of us is as dumb as all of us.
@da_667 oh my god, i remember those.
it came to pass. this can't be good.
RootWyrm đēđĻ
@neurovagrant @da_667 I mean, there's still an outlier on the stupidity front.
The problem is they're the dictator with the 'most powerful military in the world.'
@rootwyrm @neurovagrant The minute his obituary is announced I'm just going to post the first sentences you see in the game, Brigador:
Great leader is dead.
Solo Nobre Must Fall
Welcome, Brigador
Zimmie@da_667 @neurovagrant That one was Meetings from https://despair.com/collections/posters/products/meetings
I have a big lithograph of Idiocy (a ring of skydivers captioned âNever underestimate the power of stupid people in large groups.â).
For a while, they sold a shirt labeled âInsecurityâ.
TheJaySunday@thejaysunday @da_667 @neurovagrant Agile! Because it sounds better than the other term we use for an unending series of sprints.
@bob_zim @da_667 @neurovagrant you got me. I was an agile product owner for 10 months. Then burn out and depression.
@thejaysunday My team is chronically understaffed. During one of the âWe know agile has never worked for IT infrastructure in the past, so weâll be the first to make it work!â cycles, they put each of us on four or five different agile teams. Each one had a 45 minute standup every day. It was this incredible combination of every wrong way to do agile, all together.
And they wondered why none of the work my team does was getting done in a reasonable timeframe.
Viss
@da_667 @neurovagrant i bought these when i worked at websense in like 2001. now they live on the art wall in my office
Jeremy7o2
Paul_IPv6ah yes. the demotivational posters. we had a mostly complete collection on the walls of a startup i worked at.
AprazethOh wow. That brought back some memories
They also had a glass coffee mug with the text "the glass is now half empty" Loved that mug. Till it got dropped by someone :-/
Stupidly expensive to replace now (look it up) on eBay or such
The Doctor@da_667 @neurovagrant Geez. I remember when folks used to get fired for having those on the wall at work.
David Penfold 
@davep thanks, i hate it.
Just in case you missed the LinkedIn Speak translator...
https://translate.kagi.com/?from=en_gb&to=linkedin&text=let%27s+go+
@neurovagrant Yikes. Just saw it uses AI. BOLLOCKS.
@neurovagrant Actually, I don't mind so much when AI is used for this sort of thing. It's more focused, inherently nondeterministic, and can be a much smaller model trained using wannabe psychopaths on LinkedIn.
Martin Vermeer FCD@davep @neurovagrant Vaguely curious what that training corpus looks like. But yes it's true, translation is a language thing, what LLMs are for, and inherently fuzzy anyway. And this is really only for entertainment, so not critical.
Anarchism School Dropout
MacCruiskeen@neurovagrant "zero trust" was questionable bullshit even then. The implication of "zero trust" was to not trust the *human element*, to privilege the code over the human. Now that the tech bros are close to removing the human element entirely, the mask is off.
Lianna Begett@neurovagrant
They distrust humans due to their fallibility and potential ulterior motives, while they believe 'AI' to be an objective machine.
It's a weird situation where they both anthropomorphise algorithms by ascribing intelligence and intent to them, while at the same time relying on the fact that they're algorithms as a reassurance that they are objective mathematical and logical tools.
It's cherrypicking the best of both worlds â simultaneously supposedly thinking and infallible.
@neurovagrant 'Zero trust' has always been about potentially nefarious human intentions and sabotage, and since so-called 'AI' cannot have intentions and are supposedly merely doing what they're told as they are programs, they are considered inherently trustworthy.
The problem is that they think of 'AI' in terms of a traditional program: we know what it does because we programmed it, so it cannot do anything it's not supposed to do, unlike a human.
They ignore the black-box nature of 'AI'.
Ellie@neurovagrant RCE as core business value
Michelle (she/her) 
Laura@neurovagrant Andâof courseâproviding government ID to every random website for â¨safetyâ¨
stony kark@neurovagrant @blogdiva imo "zero trust" was only marketing spin for "trust only me"
canleaf08â
å æŋ大čå đŗī¸âđâ§ī¸đĒđēđ@neurovagrant banana software not maturing at the customer
luca@neurovagrant Zero trust still holds, for humans.
David Chisnall (*Now with 50% more sarcasm!*)The original Zero Trust paper said, basically: assume endpoints are compromised. Design your system such that a compromised endpoint won't doesn't impact your global security. It rapidly became: massively increase your attack surface by running a load of privileged code on every client that doesn't actually have the ability to make strong security claims and, if that code claims the device is compliant, treat it as completely trusted.
There's a reason I assume TRUST in Zero TRUST is an acronym for 'Thinking Rationally, Understanding Security and Threats'.
W6KME@neurovagrant The same way we went from "never get in a car with a stranger" to...
Jonathan Kamens 86 47@neurovagrant we laugh so we don't cry
@neurovagrant Can I quote you on that?
@neurovagrant Thank you kindly.
Tock@neurovagrant Hardened security, end to end encryption, and eliminating SPOFs kind of fell by the wayside to "yuck, yuck, of course AI is safe!"
Joy_intl@neurovagrant I think the problem started with "move fast and break things" as the ideal way to do things..
@Joy_intl what they never admit is that "things" means "people"
TormodOur CEO used the words "zero trust" and "agentic AI" in the same sentence - as examples of what we are all-in on. It was a public event.
Rui Seabra@neurovagrant
Zero trust was always about full trust on proprietary blobs, so that's nothing new, really. ;)
Zero trust was always about full trust on proprietary blobs, so that's nothing new, really. ;)
Greg Bell@neurovagrant @wendynather *I* have zero trust for them, but that doesn't seem to stop anyone
rainynight65@neurovagrant Zero Trust was always overengineering, but the eagerness with which the same Zero Trust advocates are punching holes in their security setup so LLMs can have free reign and we can have some of this "don't get left behind, look at how much time/money you can save with this" is astounding.
synlogic4242@neurovagrant from least authority to OpenClaw