Stephen Hoffman

VSI OpenVMS, Apple macOS, iOS, iPadOS; Server & Network Security; IP & DECnet Networking; TLS, DNS, C et al. ⌘ irc·2600·net #vms pwd:VMS
If you're using Ubuntu, Julian Klode wrote a post about the upcoming Secure Boot certification expiry here: https://discourse.ubuntu.com/t/microsoft-uefi-ca-rotation-what-it-means-for-ubuntu-users-and-vendors/82652
Microsoft UEFI CA rotation: What it means for Ubuntu users and vendors

Microsoft’s 2011 UEFI and KEK CAs are set to expire in June 2026 and are being replaced by 2023 CAs. While existing boot assets will continue to work, future shim bootloader updates from Canonical will use the new 2023 CA. Failure to update the CA on existing Ubuntu installations (26.04 LTS and earlier) will lead to package management failures and an inability to install security and non-security updates starting in Q4 2026 or later. Canonical is distributing the 2023 CA through fwupd (version >=...

Ubuntu Community Hub

A court in Munich declared that Google is liable for their "AI summaries" and all its hallucinations. This is an important step to bring "AI" slop in line with all other products on the market: "AI" products are basically the only ones where a provider can just deliver unchecked garbage and put all the liability on the consumer. I hope to see aggressive change here.

https://the-decoder.com/landmark-german-ruling-declares-googles-ai-overviews-are-googles-own-words-and-makes-it-liable-for-false-answers/

Landmark German ruling declares Google's AI Overviews are Google's own words and makes it liable for false answers

A German regional court has ruled that Google is directly liable for the content of its AI search overviews. According to the court, previous limited liability protections for search engine operators don't apply to AI overviews. In this case, Google's AI had falsely linked two publishers to fraud and made claims that didn't appear in any of the linked sources. The ruling could set a precedent for AI-generated content liability worldwide.

The Decoder

Even then I couldn't have anticipated this other adaptation we're seeing in the wild https://indieweb.social/@laurenshof/116720287681995824

Well good great I sure HOPE the safeguards work and it doesn't work as a LITERAL PROMPT INJECTION because holy damn, a worm that's spreading around instructions to create weapons of mass destruction isn't... great?

Oh remember when I made a blogpost speculating about an "AI worm" which would use the credentials it found on each machine to pay for itself and would mutate each time it changed? https://dustycloud.org/blog/the-first-ai-agent-worm-is-months-away-if-that/

Yeah so a research lab tried that and uh, it was a "spectacular success". They're very assuring that "don't worry it didn't break containment" but holy damn it worked well, it infiltrated systems incredibly well and changed itself and scanned networks for known vulnerabilities and wrote new ones as it spread https://arxiv.org/abs/2606.03811

The first AI agent worm is months away, if that -- Dustycloud Brainstorms

Space Policy

Researchers at NASA’s Ames Research Center report that 73.3% of images the agency’s new SPHEREx space telescope collected between May and September of last year were contaminated by at least one artificial satellite trail.

[...] And it’s only going to get worse from here. Recent FCC filings have been made to approve up to 2 million satellites in Low Earth Orbit, as compared to the 20,000 or so currently in orbit.

Read more: https://www.universetoday.com/articles/space-telescopes-are-now-overwhelmed-by-satellite-trails

Space Telescopes Are Now Overwhelmed by Satellite Trails

Unfortunately there’s more bad news to report on the clear skies front. A new paper, available in pre-print on arXiv from researchers at NASA’s Ames Research Center, reports that 73.3% of images the agency’s new SPHEREx space telescope collected between May and September of last year were contaminated by at least one artificial satellite trail. And it’s only going to get worse from here.

Universe Today

When you get in trouble, you never really know who will show up offering to help:

https://www.gotheborg.se/en/news/rescue-of-sailing-boat/

#Götheborg #sailing

Sailing boat rescued by the Götheborg | Götheborg of Sweden

Imagine losing your rudder out at sea and sending out a distress call. And then the largest ocean-going wooden sailing ship in the world comes to your rescue. Or in the words of the sailors on the sailing boat: "This moment was very strange, and we wondered if we were dreaming. Where were we? What time period was it?"

Götheborg of Sweden

RE: https://infosec.exchange/@david_chisnall/116696597934617319

This incremental approach is the least perilous way to conduct large enterprise migrations, too.

Trying to port a whole huge app or a whole environment is far more expensive, and far riskier.

One that was moving from “proprietary” OpenVMS to Microsoft Windows (yeah, wouldn’t be my choice, and obviously not proprietary 🙄) designed internal interfaces and then ported myriad individual app pieces over roughly a decade.

RE: https://tapbots.social/@paul/116621237341779722

Patrick Boyle reviews the SpaceX IPO:

https://www.youtube.com/watch?v=IHD8BDFYyGI

The finances listed in the SEC filing are surreal.

I too hadn’t realized it’s Starlink funding everything else.

The section on Grok was interesting, too.

Reuters writes that US military personnel are being targeted using location data that is collected and sold on mobile users. The story cites a recent letter from Sen. Ron Wyden (D-Ore.) noting that U.S. Central Command had “received multiple threat reports concerning adversary exploitation of commercial location data to target or surveil U.S. personnel in theater." Wyden said in a statement that it was time to "start treating the adtech industry as a national security threat."

https://www.documentcloud.org/documents/28167310-department-of-defense-letter-to-ron-wyden/

For more on how mobile ad data is being collected and used to profile people, check out The Global Surveillance Free-for-All in Mobile Ad Data (Oct. 2024)

https://krebsonsecurity.com/2024/10/the-global-surveillance-free-for-all-in-mobile-ad-data/

Department of Defense Letter to Ron Wyden