Mike Williamson

@sleepycat@infosec.exchange

Digital Transformation = Agile + APIs + AppSec

Security Architect at the Public Health Agency of Canada. Formerly TBS Cyber security & part of the team that launched the Canadian Digital Service.

blog: https://mikewilliamson.wordpress.com
github: https://github.com/sleepycat

According to recent research from McKinsey & Company, nearly eight in 10 companies have reported using generative A.I., but just as many have reported “no significant bottom-line impact.”

https://www.nytimes.com/2025/08/13/business/ai-business-payoff-lags.html

Companies Are Pouring Billions Into A.I. It Has Yet to Pay Off.

Corporate spending on artificial intelligence is surging as executives bank on major efficiency gains. So far, they report little effect to the bottom line.

The New York Times

"The House of Commons and Canada's cybersecurity agency are investigating a significant data breach caused by an unknown "threat actor" targeting employee information."

#gcdigital

https://www.cbc.ca/news/politics/house-of-commons-data-breach-1.7608061

House of Commons hit by cyberattack from 'threat actor': internal email | CBC News

CBC

“Slopsquatting” in a nutshell:

1. LLM-generated code tries to run code from online software packages. Which is normal but
2. The packages don’t exist. Which would normally cause an error but
3. Nefarious people have made malware under the package names that LLMs make up most often. So
4. Now the LLM code points to malware.

https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/

LLMs can't stop making up software dependencies and sabotaging everything

Hallucinated package names fuel 'slopsquatting'

The Register

I gave a talk on Wednesday at the Bay Area AI Security Meetup about prompt injection, MCP security and the lethal trifecta. Here are the annotated slides from my presentation, including notes on my weird hobby of trying to coin or amplify new terms of art https://simonwillison.net/2025/Aug/9/bay-area-ai/

My Lethal Trifecta talk at the Bay Area AI Security Meetup

I gave a talk on Wednesday at the Bay Area AI Security Meetup about prompt injection, the lethal trifecta and the challenges of securing systems that use MCP. It wasn’t …

Simon Willison’s Weblog

Apparently there is now a faster way to calculate shortest paths through a network: https://www.quantamagazine.org/new-method-is-the-fastest-way-to-find-the-best-routes-20250806/

New Method Is the Fastest Way To Find the Best Routes | Quanta Magazine

A canonical problem in computer science is to find the shortest route to every point in a network. A new approach beats the classic algorithm taught in textbooks.

Quanta Magazine

Unikernel Guide: Build & Deploy Lightweight, Secure Apps | Lobsters

Software architecture is evolving, and it’s finally prioritizing developer experience. Avraam Tolmidis explains how treating architecture as a product leads to systems that actually work for devs.

https://thenewstack.io/software-architecture-is-finally-fixing-its-biggest-problem-developer-experience/

Software Architecture Is Finally Fixing Its Biggest Problem: Developer Experience

Discover how treating software architecture as a product finally solves developer experience problems.

The New Stack

8 Things to Know About New Research on Earth’s Rapid Drying and the Loss of Its Groundwater

Decades of NASA satellite data reveal how quickly the planet’s underground stores of fresh water have been depleted and how their use is contributing to rising sea levels. Here are the key takeaways.
https://www.propublica.org/article/groundwater-fresh-water-depletion-research-science-advances-takeaways?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon-post

#News #Science #Climate #Environment #ClimateChange #Water #NASA #Data

ProPublica

@tantramar

If the focus is narrowed to "will a screen reader properly identify this thing" alt text on a picture of text is probably equivalent.

If the scope is a little broader, the benefits are clearer:

Being able to have signature blocks that work for small screens, that change languages along with the rest of the text on the page, whose text scales along with everything else when you zoom, that works nicely with dark mode...

I think the accessibility is icing on that cake.

It's ironic how proper documentation wasn't something we could possibly invest time into for the sake of junior devs or interested customers, but now it's all worth it if we feed it to the AI.