| https://twitter.com/nicolas09F9 | |
| Location | Buenos Aires, Argentina |
| Liberapay | https://liberapay.com/nicolas17 |
This is peak malicious compliance and I love it
https://sightlessscribbles.com/posts/the-paperwork-flood/
Edit : the blog author is on the fediverse if you want to follow him here, and he maintains a follow page on his site with many options!
Dad bought a FIDO2 key. He goes to bank website, clicks "add security key", website says "to verify your identity you need an authorization code, call [phone number] to get it".
Calling that number gets you a voice bot that doesn't even remotely understand what you need and offers you unrelated options.
– I want to add a security key.
– you want to see if your check has cleared, please answer yes or no.
– no.
– [old IVR-style menu with unrelated options]
Since the bank's AI support is making his life harder, my dad is approaching the problem by throwing more AI at it and asking chatbots for help. It's not going well either.
I accidentally updated VS Code when I updated the rest of my distro and now it has an AI Chat panel by default, the plugins panel has a whole section for MCP servers, etc etc.
How far back do I need to downgrade to?
@bagder IANA just published a new field for the security.txt (RFC 9116) format: "Bug-Bounty: True/False".
The @RIOT_OS team is receiving an increased amount of presumably LLM generated bogus vuln reports (though nowhere near curl levels). And since we deployed a security.txt, scrapers started sending emails inquiring about our bug bounty programs.
I was hoping that if that field gets some visibility, scrapers might filter for that before spamming the security inboxes.
https://www.iana.org/assignments/security-txt-fields/security-txt-fields.xhtml
Door et de platine
Zhuowei Zhang
Joshua Wise
maribu