Rich Harang (@rharang) 's Twitter Profile
Rich Harang

@rharang

Using bad guys to catch math since 2010. Principal Security Architect (AI/ML) at NVIDIA. He/him. Personal account and opinions: `from std_disclaimers import *`.

ID: 195915277

Link: https://scholar.google.com/citations?user=TPkC91wAAAAJ&hl=en
Joined: 27-09-2010 21:59:36

3.3K Tweets

3.3K Followers

721 Following

Rich Harang (@rharang)

PSA / hard-learned lesson from network security: any sort of 'autoblock' functionality is usually something you can bootstrap into a DoS. Just throwing that out there.

Summer Yue (@summeryue0)

LLMs are often evaluated against single-turn automated attacks. This is an insufficient threat model for real-world malicious use, where malicious humans chat with LLMs over multiple turns. We show that LLM defenses are much less robust than the reported numbers suggest.

Rich Harang (@rharang)

Stuff like this is one of the easiest ways to save time with multimodal LLMs. Photo of messy data in, ask for it in some structured format, do a quick sanity check by hand, done. Right in the sweet spot of laborious and annoying to do by hand, fast with an LLM, and easy to check.

Rich Harang (@rharang)

Still, in this, the year of our lord 2024, if I send someone a photo of a doc, they say "we need a scan". But! If I then take that exact photo, grayscale and reduce the bit depth, and finally embed it in a PDF, it's suddenly fine.

Rachel Tobac (@racheltobac)

Whoaaa, you know how folks talk about QR code scams and mention to be careful but that there isn’t a lot of evidence that QR code scams are in the wild often. Here’s another QR code scam in CA! 150 parking meters with fake QR codes on them plus on the parking signs themselves.

becca lynch (@beccalunch)

“this is comedy” no this is the reason why I have stopped using my real face on public accounts and why 40% of women leave the entire tech industry within a decade of entering the field. achieving success in this field as a woman means accepting that this is normal. it’s not.

Joe Lucas (@josephtlucas)

I just stepped through some of the beginner AI Security modules that Microsoft published. They look good and would be useful for interested students and potentially managers/PMs trying to survey the field. learn.microsoft.com/en-us/training… learn.microsoft.com/en-us/training… learn.microsoft.com/en-us/training…

Rich Harang (@rharang)

9pm last night: 2/3 done with implementing boolean-based SQL injection by hand in python to try to tease out table names. 2pm today: realize that sqlmap will just do it for me with the right switches. No I did not read the documentation.

gabsmashh (@gabsmashh)

A security researcher found an unsecured database belonging to Confidant Health that exposed 5.3TB of personal & confidential mental health information. The leaked files contained psychiatry intake notes, medical histories, family traumas, & even audio/video recordings of therapy

Camlis Org (@camlisorg)

We are excited to announce our last but certainly not least Platinum Sponsor: NVIDIA! 👏 HUGE thanks for making our conference possible! #sponsorspotlight #gratitudepost

Michael Nielsen (@michael_nielsen)

Ever struck by the astounding value for money of good books. Often: someone works for decades becoming the greatest expert in history on some subject, and then you get to engage with them for many hours (or tens or hundreds of hours, esp. with rereads) on that subject.