René Mayrhofer  🇺🇦

Prof. for networks and security at #JKULinz + dabbling in Android platform security at #Google. This account will mostly carry IT security stuff, occasionally politics and other comedy.

Screeching voice of the minority. I will not cooperate with fascists or nazis - traditional or neo; Austrian, German, US, Russian, or otherwise. I will not help build surveillance and oppression states. Never again.

"I need privacy, not because my actions are questionable, but because your judgement and intentions are."

Statements are only my own opinion, not my employers'.

This is currently my primary infosec account in the #Fediverse. It should be #searchable through https://tootfinder.ch. Previous Twitter posts are available in archival form at https://twitterarchive.mayrhofer.eu.org/.

Homepage: https://www.mayrhofer.eu.org
University: https://jku.at/ins
Probably going to get a viral blog out of this experience, I'm trying to report a 4tb exposed cloud bucket to a company using their responsible disclosure programme... but they replaced the people with a GenAI ticket system that refuses to discuss the case as it thinks exploring open buckets is unethical and against its rules.

New, by me: A popular Canadian money transfer app exposed thousands of driver's licenses and passports to the open web. Anyone with a link was able to view the data in their browser.

The data goes back to September 2020, and was updating daily until the server was secured this week.

https://techcrunch.com/2026/04/02/canadian-money-transfer-app-duc-expose-drivers-licenses-passports-amazon-server/

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

An exposed Amazon-hosted server allowed anyone to access reams of customer data without needing a password.

TechCrunch
  • Claude code source "leaks" in a mapfile
  • people immediately use the code laundering machines to code launder the code laundering frontend
  • now many dubious open source-ish knockoffs in python and rust being derived directly from the source

What's anthropic going to do, sue them? Insist in court that LLM recreating copyrighted code is a violation of copyright???

"Top Brussels official urges Europeans to work from home and drive less"
https://www.politico.eu/article/europeans-urged-to-work-from-home-and-drive-less-as-eu-warns-of-long-crisis/

Some excerpts:

"The more you can do to save oil, especially diesel, especially jet fuel, the better we are off"

"...work from home where possible, reduce highway speed limits by ten kilometers [an hour], encourage public transport, alternate private car access ... increase car sharing and adopt efficient driving practices."

"Longer term, he urged EU countries to double down on building more renewables, saying 'this must be the time we finally turn the tide and truly become energy independent.'"

Top Brussels official urges Europeans to work from home and drive less

Energy commissioner says the oil crisis triggered by Iran war will bring lengthy upheaval, in a speech reminiscent of the Covid pandemic.

POLITICO

„By Wednesday morning, Anthropic representatives had used a copyright takedown request to force the removal of more than 8,000 copies and adaptations of the raw Claude Code instructions—known as source code—that developers had shared on programming platform GitHub.“

Because if there’s one thing GenAI companies absolutely don’t take lightly, it’s copyright.

https://www.wsj.com/tech/ai/anthropic-races-to-contain-leak-of-code-behind-claude-ai-agent-4bc5acc7

Brutal.

When Microsoft acquired GitHub.

@shafik so anyway, things are weird right now. but one thing that's completely clear to me is that the models are not simply reproducing things from their training set. that's just not how to think about it anymore. I mean, they might do that sometimes-- but it's not the interesting part.

this spring I've been teaching undergrads to use LLM agents. my rationale for doing this was that it would give me a chance to covertly teach lots of real software engineering, which is what I've done.

meanwhile, I've been watching the students closely to try to figure out whether a coding agent is a leveling factor (reducing differences in effectiveness between different students) or an anti-leveling factor (amplifying differences). at this point I'm 99% sure it's the second thing.

Quantum computers need vastly fewer resources than thought to break vital encryption

No, the sky isn't falling, but Q Day is coming, and it won't be as expensive as thought.

Ars Technica
It is confirmed by TechCrunch: Sora was burning around $1 million every day. The problem is that there was no clear revenue for Sora and in the meantime, Claude was becoming better at coding, which actually makes money.
https://techcrunch.com/2026/03/29/why-openai-really-shut-down-sora/
Why OpenAI really shut down Sora | TechCrunch

OpenAI's decision last week to shut down Sora, its AI video-generation tool, just six months after releasing it to the public raised immediate suspicions. The app had invited users to upload their own faces — so was this some kind of elaborate data grab?

TechCrunch