kcarruthers

@kcarruthers@infosec.exchange

Sometimes I feel like being a revolutionary cat 😷🌻💙💛
Working at the intersection of data analytics, AI, ML, privacy, data protection, cyber & info sec.
Wide-ranging interests including ethics, law, politics, history, anthropology, science, & MrMaxi. Sydney Australia 🇦🇺

Just for the record my pronouns are she/her although I don’t object to they/them either.


Web: https://katecarruthers.com/about-kate-carruthers/
Podcast: https://datarevolution.tech
RDCC: https://www.researchdataculture.org/aboutus
Web: https://infosphereeducation.com/

How AIs can transmit ideas without words: new discovery shows that AIs can influence each other in invisible ways, even through data that seems neutral.

https://www.datastudios.org/post/ais-can-share-ideas-without-words-an-experiment-reveals-how-models-influence-each-other-in-secret

Alarming rise in diseases in Gaza as Israel continues blockade, warns Oxfam

Middle East Eye
Russia hits hospital in Kharkiv with guided aerial bomb: 1 killed, 6 injured https://www.pravda.com.ua/eng/news/2025/07/25/7523376/?utm_source=dlvr.it&utm_medium=mastodon

‘Hungry aid staff fainting’ as Israel’s criminal starvation plan spreads in Gaza & truce hopes fade

https://www.theguardian.com/world/2025/jul/24/hamas-sends-ceasefire-proposal-to-israel-as-starvation-spreads-in-gaza

I posted my first post on LinkedIn, but I swear it's for a good cause. I'm working on standards for the Cyber Resilience Act, which is going to change how companies build software and take responsibility for their cybersecurity exposure.

You could join me.

https://www.linkedin.com/posts/akibraun_dont-complain-about-it-when-its-too-late-activity-7354272683036987393-Kwcm

Don’t complain about it when it’s too late. | Aki Rose Braun

Don’t complain about it when it’s too late. You can literally shape the future of European tech policy by DM-ing me. 🚀 I’m part of the team helping to develop the standards for “important products” under the Cyber Resilience Act. The CRA means that if you work on one of the many categories of impacted tech products, next year you'll be working to fit your product into the requirements we are writing right now. Or, you could come help write them. VPNs (that one’s mine!), browsers, operating systems, network management, and many more products (see comment) are covered. If your employer is based in Europe, or has operations in Europe, or releases products on the market in Europe, you will be impacted by these new rules, so why not help make them impactful? The organisation in charge of the product-specific standards is called ETSI, and your employer might already be a member. (Link to check/join in the comments.) Is your company already an ETSI member? Check the link in the comment and DM to find out how to attend a meeting or join the mailing list. Company isn’t a member? DM me to find out how to fix that. STAN4CRA is co-funded by the European Commission and EFTA.

You thought vibe coding was bad?

Well.. Angela’s got something worse for ya! The billionaires now think they’re ’doing physics’ when talking to LLM’s specifically trained & prompted to suck up their egos. 🤯

Vibe physics? Anybody who even dares to think this is ”groundbreaking research” isn’t by definition smart. Not. Smart! 😫

https://youtube.com/watch?v=TMoz3gSXBcY
#vibephysics #llm #sycophancy #vibecoding #ai

vibe physics


Trump regime's move to send the homeless et al to concentration camps is right out of the Nazi playbook.

https://archive.ph/HhzUj

Journalists who maintain "neutrality" in the face of fascism are helping to normalize this. They'll regret their inaction when they're among the imprisoned (or worse).

Isn’t complete #Genocide what #Hitler and #Nazi’s wanted to accomplish?

Minister says Israel racing ahead to wipe out Gaza, will make it Jewish

Heritage Minister Amichai Eliyahu says #Israel is advancing the destruction of Gaza, and that the Strip will be made totally Jewish

“The government is racing ahead for Gaza to be wiped out,” Eliyahu tells Haredi radio station Kol Barama. “Thank #God, we are wiping out this evil. We are pushing this population that has been educated on Mein Kampf.”

Eliyahu says #Gaza will be cleared for Jewish settlement, but says Jewish towns won’t be “fenced in inside cantons.”

https://www.timesofisrael.com/liveblog_entry/minister-says-israel-pushing-for-gaza-to-be-wiped-out-made-jewish/

DUDE there is currently a live video feed of bears catching fish trying to swim up a small waterfall and I am MESMERIZED

https://www.youtube.com/watch?v=73-EekdVVU8

Brooks Falls - Katmai National Park, Alaska 2025 powered by EXPLORE.org


PHP is a "cockroach language" that is never going to die. It is popular because it is dead simple to learn and does a better job of helping new developers get started, as it is available everywhere, including on $1 hosting platforms 😉

Source https://nophpunintended.com/a-brief-history-of-web-development/

IT security 101: Don't leave your company laptop with authentication smart card inserted, applications open and without screensaver at your seat when using the lavatories on a train. Unbelievable...
@LaF0rge Way way crazier is this computer mouse 😅
@LaF0rge or, as we say as “Businesskasper”
 Monday.
@vogelchr That's no Businesskasper. Note the smart card in the laptop. @LaF0rge
@abdelkader_boui @vogelchr @LaF0rge If the company requires it for everyone, even a Businesskasper needs a smart card
@1000millimeter @abdelkader_boui @vogelchr @LaF0rge No, the interesting thing about it isn't that it's a smart card, but which smart card it looks like.
@JmbFountain Give us a hint.. I don't recognize anything there 😅
@LaF0rge have you sent an email promising cake to their whole company? That's what we do when someone leaves their workstation unlocked 😅
@lucas @LaF0rge my colleagues just sent an email to everyone to invite for a drink when they found an unlocked computer. The percentage of unlocked computers dropped drastically

@lucas

That's what we did at a previous job: Send that promise into a specially created group "Cake News".

@LaF0rge

@isotopp @lucas @LaF0rge I am still waiting for an unlocked notebook to establish this group in my company.

Damn colleagues! Hitting WIN+L every time they leave their hardware... ;-)

@lucas That’s questionable within the own company, and likely a crime if you do it on a train. @LaF0rge
@lucas @LaF0rge at university they messed with the desktop wallpaper. We had cases where it was replaced by a screenshot of itself, then icons hidden and taskbar minimized, and cases with pictures thought to be not in the taste of the person not locking the desktop
 Very few persons had this happen to them twice. Less cake, though.
@LaF0rge Well, there's only honest and law-abiding people travelling in first class, so there's nothing to worry about here! /s
@thunfisch @LaF0rge i seriously like your sense of humor
@thunfisch @LaF0rge This is one of the security holes the 9/11 attackers exploited.
@LaF0rge failure on layer 8, the meat space is a tough ground for IT-security. It is so hard to teach users to do the right things. There are cultural barriers between IT departments and basically the rest of their surrounding organisations.
@daccle @LaF0rge not that I'd generally disagree, but this is quite literally equivalent to leaving a company car with company keyring on the dashboard unlocked at a highway resting area while you're taking a leak. Not hard to communicate at all.
Someone here just doesn't care.

@daccle @LaF0rge

The 8th layer should be part of the OSI model.
Do you mind if I start an internet draft? 😂

@jean_dupont @LaF0rge go for it, but I guess it is already existing
@jean_dupont @daccle @LaF0rge Layers 8 and 9 have been religion and politics for as long as I can remember. Maybe you’re looking at Layer 10.
@timoj @jean_dupont @LaF0rge then we will need a standardisation committee, since in my bubble layer 8 is and always has been the user.
@LaF0rge @daccle @jean_dupont Fine, then you can moderate the inevitable, neverending debate as to when it’s best to hold the requisite ISO standards conference in Switzerland, followed by whatever inevitable argument they’ll have with the NIST folk in Gaithersburg, provided those people still exist.
@LaF0rge Pull the card and go have a quick coffee.
@ccchris @LaF0rge Why leave? I'd want to watch that spectacle
@ccchris @LaF0rge Take the whole box with you and send the card and the workstation separately, with a single greeting card, to the BSI. Then there'll be some fun, I tell you
@kamikadse @ccchris well, that would presumably be embezzlement, coercion or theft, take your pick. No thanks :/

@ccchris @LaF0rge Why coercion?

And for embezzlement and theft the required intent to appropriate is missing :p /j

@LaF0rge that’s when I do something like moving / rotating the computer. Something obvious so that they know someone did something but they have no idea what else was done.

Actual smart card. So someone else takes security more seriously than your fellow passenger.

@LaF0rge As I can see: It's a Lenovo with sensor for fingerprints. You can lock and unlock it within milliseconds.
@die_christine @LaF0rge Yes, but the user of the computer didn’t do that. The screen is clearly indicating the computer is not locked.
@stadsplanering I can see that. I only wanted to point out that locking and unlocking is so easy. I can't understand that he didn't do it. @LaF0rge
@die_christine @stadsplanering @LaF0rge probably not. If the previous commenters are right, then the laptop is a Sina Workstation that is running a custom "secure" OS.
Fingerprint is usually not supported on those. You are supposed to pull out the Smartcard which will lock the device automatically. In my opinion that is even easier than biometrics, but still doesn't help if the users don't do it.
@die_christine @stadsplanering @LaF0rge BTW since those devices are built for dealing with confidentiality material it could be even a violation of the German law to leave the laptop unlocked and unattended (if confidential material IS on the device)

@tuxflo @die_christine @LaF0rge I assume it is a violation just leaving it unlocked even if you do not handle confidential information on it at the moment. It is acting as a point of entry to the entire secure system it is connected to. 🤦‍♂️

And yes, just pulling the card out is so easy and locks it right away (had similar system on a work computer a while back).

They should also have those privacy filters installed just to limit the view of the screen.

@LaF0rge They don't care and transform every public space into the cubicle from hell. Encryption is useless with them as they spill all the beans over the air and plain old shoulder surfing and -a pair of working ears- scratch that: a half decent mic and a recording device is all you need.
@maz @LaF0rge Also people entertaining the whole train with their medical problems or relationship drama on their phone. Better than soap operas....
@LaF0rge Don't underestimate this setup of a honeypot to see what comes by..
@LaF0rge "secure in the legal sense"
@LaF0rge It'd be interesting to see what happens should the smart-card suddenly be lost... 🙈
@LaF0rge 🤨 no worries, it’s just government grade authentication 🫣
@bkastl @LaF0rge 🫣
@rationalgarde @metaphil @bkastl @LaF0rge
Irresponsible! The device has no privacy screen film.
@qwertziop No need for one, since blinkers are part of the standard workplace equipment 💪
@bkastl @LaF0rge No worries. Now we are just curious, which certificate is stored on the card.
@bkastl @LaF0rge And technical equipment designed to handle information classified as restricted.
@LaF0rge Lenovo with Sinacard and a cheap mouse. That looks like standard equipment for the federal ministries.
@hlux @LaF0rge Because according to the BMVg, mice may cost at most 20€...
@LaF0rge Don't worry, they probably have a dvorak keyboard layout or something
@LaF0rge Open Notepad and type "Ich soll meinen Computer sperren!" into it. Then leave it like that.
@truls46 @LaF0rge at work we tend to open playboy dot com or some such. Open landscape. They won't forget

@LaF0rge Please take the laptop and write an email to alle@his-Company.tld with the following content:

Hello

[Company] I am a laptop that was left on the train and not locked.
Someone from outside the company is currently writing an email in my name.
Everyone who replies to this message within 5 min gets a large Margherita pizza, paid for by the sender.

Have a good start to the week
a stranger

@LaF0rge Honeypot detected

(I hope)

@LaF0rge I had a lockscreen displaying a fake spreadsheet for a fake company (something along the line of ACME, but less obvious) for a while. One line at the end there was a line with the value "Curiosity killed the cat" right after "Total revenue projection FY14:". That said, I stopped using it, after realizing I take the notebook with me even for the shortest moment ....
@LaF0rge In the ICE between Hamburg and Berlin this is a frequent occurrence .... besides the even worse habit of shouting company internals through the train ...