
Jon Gorenflo 🇺🇦🌻
@flakpaket
Followers: 3K | Following: 14K | Media: 2K | Statuses: 15K
Family Man, Army Vet, Consultant, Founder @StartATTACKD, @SANSInstitute Principal Instructor, @hthackers Director.
Joined December 2011
RT @bettersafetynet: OpenAI's image generation is now indistinguishable from trolling. And yet. there's something off w/ this picture. N….
RT @SANSInstitute: Halfway through #SANSFIRE and you’re crushing it! 💥. Day 3️⃣ brought intensity, insight, and maybe a few “a-ha!” moments….
RT @joswr1ght: The AI hype cycle is exhausting, but I'm trying to devote time to writing each week on what I learn. TechTarget just publish….
www.techtarget.com
Learn how prompt injection attacks evolved from pranks to serious threats, enabling attackers to bypass AI security controls and execute malicious code.
RT @nntaleb: Most people are looking for fat & cost savings in government. No, no, no (outside defense). It is in EDUCATION & HEALTHCARE th….
RT @tradegal_: a fun prompt for introspection is "what contribution to societal flourishing do you most crave to be recognized for" and min….
RT @nyxgeek: If you’re using Azure Front Door WAF, make sure you select the correct IP match variable or you’re gonna have a bad time. Her….
RT @bettersafetynet: I _really_ like this take. The technical impacts are practically nil. Help spread this around. Seriously. This would….
RT @cutekernel: Indeed. There's a curious element to conversing with an AI while believing it's human and vice versa.
RT @dinodaizovi: Wait until you see the benefits of having the client (mobile app / web browser) generate the protobufs and then use then e….
Ignore EVERYTHING about AI in this article. AI was irrelevant to the vulnerability and what the researchers did. The issues in the app were:
- a dumb password
- unnecessary data retention
McDonald's uses an AI bot called "Olivia" for hiring. A pair of hackers found they could access every conversation job applicants had with it—including all the personal info they shared—by exploiting security flaws as basic as using the password "123456".
“Exclusions” and “exceptions to policy” are security Jenga. If you’ve never played, the tower always falls. Always.
Exclusions are the bane of defensive security. All it does is allow threat actors to get on second base immediately. It's kind of funny because the word "exclusion" literally means to keep out, which is literally the opposite of what you do when you create exclusions in security.
RT @bettersafetynet: @RSnake DBs are _all_ the dumb. My fav method to test for SQLi is to use arcane techniques few know about. My MVP? t….
RT @SwiftOnSecurity: I didn't like or listen to Taylor Swift until I made this account to make a Heartbleed joke. She won me over.