Hamishthepiper

@[email protected]
93 Followers
49 Following
787 Posts
Hamishthepiper2d ago
BSides Atlanta2d ago

BSides Atlanta 2026 is scheduled for Saturday, October 3rd, 2026, and will be hosted at the Georgia Tech Hotel & Conference Center in midtown Atlanta. This will be our 14th annual event and will feature over 18,000 sq ft of space, 13 content areas, a buffet lunch in the hotel’s dining area, and more!

Tickets to attend BSides Atlanta 2026 will go on sale on Monday, April 6th.

BSides Atlanta showcases the best content that our cybersecurity community has to offer. The calls for presenters and villages will open on Monday, July 6th.

As a community-run event, we rely on volunteers to make the BSides Atlanta experience the best it can be. The call for volunteers will open on Monday, July 27th.

Sponsors support the majority of the cost of running BSides Atlanta and get brand exposure to hundreds of attendees. For sponsorship info, please contact [email protected].

Hamishthepiper3d ago
Dan Goodin4d ago

Wow, TeamPCP is hacking open-source developers faster than we can report on them. The latest (that I'm aware of, anyway) is LiteLLM. They worked with Trivy but didn't bother to change their credentials after Trivy was hacked, despite an ample amount of advice to do so.

Folks, if any of you used LiteLLM, now is the time to change your credentials, in an atomic way. Now, as in immediately.

https://news.ycombinator.com/item?id=47501729

LiteLLM Python package compromised by supply-chain attack | Hacker News

Show threadHamishthepiper6d ago

@jerry I think one consideration is if the CISO is a board-level position or not. If not, it’s likely you’re going to have to focus on relating risk (ie cost, as some have noted) to a HIGH LEVEL view of some technical controls, because they don’t have someone on the board that’s already been doing that work.

Also, I think that most technical folks tend to think of “risk” as “Who has admin privileges?” and not “Who’s role has a direct line to the business core?” Sometimes that’s a material scientist that doesn’t have Global Admin, but they might need some tighter controls on how they authenticate vs sales or marketing.

Show threadHamishthepiperMar 18
@Bluewall You’re looking in https://security.microsoft.com/alertpoliciesv2 ? This is where you’d create a new custom alert policy.
HamishthepiperMar 17
David GerardMar 17

yt comment:

> Remember: The dumbest person you know is being told 'you are absolutely right' by a LLM right now.

HamishthepiperMar 17
Electronic Frontier FoundationMar 16
Publishers say they’re blocking the Internet Archive because of AI scraping. But shutting out a nonprofit library won’t stop AI—it will damage the public’s best record of the web. https://www.eff.org/deeplinks/2026/03/blocking-internet-archive-wont-stop-ai-it-will-erase-webs-historical-record
Blocking the Internet Archive Won’t Stop AI, But It Will Erase the Web’s Historical Record

Imagine a newspaper publisher announcing it will no longer allow libraries to keep copies of its paper. That’s effectively what’s begun happening online in the last few months. The Internet Archive—the world’s largest digital library—has preserved newspapers since it went online in the mid-1990s....

Electronic Frontier Foundation
HamishthepiperMar 13
Show threadDave BittnerMar 13

And now, we’re adding another layer.

Artificial intelligence.

AI can now generate convincing text, images, voices, and video at a scale we’ve never seen before. Which means that something very fundamental is changing: the relationship between our senses and reality.

For most of human history, “seeing is believing” was a pretty reliable rule.

That rule is breaking.

We’re entering a moment where what we see and hear can no longer be taken at face value. And that means every one of us is being asked to become a kind of full-time detective, constantly evaluating, verifying, second-guessing.

But here’s the problem: humans aren’t built for permanent vigilance.

Our brains evolved for trust. For cooperation. For social connection. Not for navigating an endless stream of carefully engineered manipulation.

So naturally, the question people start asking is: what do we do about it?

Some people say regulation. Treat this as a public health issue. Just as we eventually put guardrails around industries that harmed our bodies, unsafe food, polluted air, dangerous products, we might need guardrails around systems that harm our attention, our emotional stability, even our sense of reality.

But that’s difficult. Because the same economic forces that created these systems have enormous influence over the institutions that might regulate them.

Others think the answer might only come after a crisis, some kind of economic or social reset that forces us to rethink the incentives that shape our technologies.

Maybe.

HamishthepiperMar 13
sam henri goldMar 12
The MacBook Neo is such an interesting machine that it coaxed a thousand-word-essay out of me: https://samhenri.gold/blog/20260312-this-is-not-the-computer-for-you/
“This Is Not The Computer For You” · Sam Henri Gold

Sam Henri Gold is a product design engineer building playful, useful software.

HamishthepiperMar 13
Thomas ReedMar 12
Oh hell no
HamishthepiperMar 12
Taylor ParizoMar 12
I've been habitually taking my camera with me when I go out so I take more photos. I thought I'd take more at the museum over the weekend but only ended up taking one. Not even mad because this is one of the more creative ones in a long time. Inside looking out a window so I metered the window light rather than the average room light.
#Fujifilm