New blog post: "Big Enough to Fail".
I think some services/companies have grown so big that blame actually goes *down* during large scale outages.
YouTube’s new anti-adblock measures
Over the past few months, YouTube has been trying another round of anti-adblock measures. Currently the anti-adblock stuff is being A/B tested, and one of my accounts is in the experimental group. I wrote a filter that partially avoids one of the anti-adblock measures, fake buffering, on uBlock Origin (and Brave browser, since it uses the same filter rules). (It’s
https://www.osnews.com/story/142624/youtubes-new-anti-adblock-measures/
It was a headline this week, but the world shrugs (while visiting violence upon others):
An update by climate scientists who know what they're doing reveals: the "remaining" carbon budget for staying below 1.5C is now only 130 GtCO2. We emit that in ~3 yrs.
We always said the window is closing. It is. (Nobody can say they didn't know.)
We now need to track cumulative overshoot budgets. Keep them small. And link responsibility to the mind-blowing damage caused.
Abstract. In a rapidly changing climate, evidence-based decision-making benefits from up-to-date and timely information. Here we compile monitoring datasets (published at https://doi.org/10.5281/zenodo.15639576; Smith et al., 2025a) to produce updated estimates for key indicators of the state of the climate system: net emissions of greenhouse gases and short-lived climate forcers, greenhouse gas concentrations, radiative forcing, the Earth's energy imbalance, surface temperature changes, warming attributed to human activities, the remaining carbon budget, and estimates of global temperature extremes. This year, we additionally include indicators for sea-level rise and land precipitation change. We follow methods as closely as possible to those used in the IPCC Sixth Assessment Report (AR6) Working Group One report. The indicators show that human activities are increasing the Earth's energy imbalance and driving faster sea-level rise compared to the AR6 assessment. For the 2015–2024 decade average, observed warming relative to 1850–1900 was 1.24 [1.11 to 1.35] °C, of which 1.22 [1.0 to 1.5] °C was human-induced. The 2024-observed best estimate of global surface temperature (1.52 °C) is well above the best estimate of human-caused warming (1.36 °C). However, the 2024 observed warming can still be regarded as a typical year, considering the human-induced warming level and the state of internal variability associated with the phase of El Niño and Atlantic variability. Human-induced warming has been increasing at a rate that is unprecedented in the instrumental record, reaching 0.27 [0.2–0.4] °C per decade over 2015–2024. This high rate of warming is caused by a combination of greenhouse gas emissions being at an all-time high of 53.6±5.2 Gt CO2e yr−1 over the last decade (2014–2023), as well as reductions in the strength of aerosol cooling. 
Despite this, there is evidence that the rate of increase in CO2 emissions over the last decade has slowed compared to the 2000s, and depending on societal choices, a continued series of these annual updates over the critical 2020s decade could track decreases or increases in the rate of the climatic changes presented here.
Suricata Book news:
I took a bit of time and I made some lab setup recommendations in the form of network diagrams.
There's a minimal, mid-tier, and the fuck you, I want it all version.
In May last year, the city of Helsinki disclosed a data breach. The IR post-mortem report is now live: https://www.turvallisuustutkinta.fi/en/index/tutkintaselostukset/poikkeuksellisettapahtumat/p2024-01160databreachtargetingthecityofhelsinkiin2024.html (cc: @PogoWasRight)
- entry via unpatched Cisco ASA
- attackers stole 2TB of data
- breach costs went over €1mil
- attacker stole data on 150,000 students and 38,000 employees
Got asked to review a book proposal for "A Guide to Prompt Engineering".
More accurate title: "A Guide to Poking at the Environmentally Disastrous Racist Pile of Linear Algebra Trained on Stolen Data and Exploitative Labor Practices to Produce Outputs You're Too Lazy to Learn to Evaluate"
Fuck you #Verizon
You're absolute scum. THAT is the last straw for me.
Pay to speak to customer service? Lol get fucked.
New, by me: A Dark Adtech Empire Fed by Fake CAPTCHAs
Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by leveraging the same malicious advertising technology that powers a sprawling ecosystem of online hucksters and website hackers. A new report on the fallout from that investigation finds this dark ad tech industry is far more resilient and incestuous than previously known.
https://krebsonsecurity.com/2025/06/inside-a-dark-adtech-empire-fed-by-fake-captchas/
If a user’s expectations about how a tool functions don’t match reality, you’ve got yourself a huge user experience and security problem.
Humans have built a schema around AI chat bots and do not expect their AI chat bot prompts to show up in a social media style Discover feed — it’s not how other tools function.
Because of this, users are inadvertently posting sensitive info to a public feed with their identity linked, including prompts with:
- exact medical issues
- federal crimes committed
- tax evasion
- home address
- interest in extramarital affairs
- sensitive court details
- private photos of unclothed children
- audio asking personal questions
- private upcoming travel plans
- questions about the legality of actions
- challenges in personal relationships
- feeling shame with disabilities
What do I recommend as next steps for Meta and other orgs considering a public AI chat bot prompt feed?
1. Pause the public Discover feed. Your users clearly don’t understand that their AI chat bot prompts have been made public.
2. Ensure all AI chat bot prompts are private by default. This goes for all future AI chat bots as well. Don’t wait for users to accidentally post their secrets publicly. Notice that humans interact with AI chatbots with an expectation of privacy, and meet them where they are at.
3. Alert users who have posted their prompts publicly that their prompts have been removed for them from the feed to protect their privacy.
If I’m able to watch users inadvertently admitting to federal crimes and posting unclothed pictures of their children to the Meta AI Discover Prompt feed, they clearly don’t understand how it works!
Meta: Pause the product, bake in clear strong privacy, and help users fix their accidental prompt posts.
It’s time to make it right.
Here is a redacted user asking Meta AI about how to ask a judge to not sentence them to death for the murder of 2 people.
Clearly Meta users do not believe their Meta AI prompts are publicly available. This one is tied to the user’s identity with elements of their username which I’ve redacted.
If your family, friends, and coworkers aren’t aware that Meta AI chat bot prompts can be easily and accidentally posted to a social media-like feed, please inform them so they can keep their sensitive questions private.
Imagine if Google searches were surprisingly showing up on a new social media feed; this would devastate folks.
If you have an iPhone, make sure you always have the latest security update.
If you are concerned that you might be targeted by government spyware, enable Lockdown Mode.
https://techcrunch.com/2025/06/12/apple-fixes-new-iphone-zero-day-bug-used-in-paragon-spyware-hacks/