JD Work

19.8K posts

@HostileSpectrum

Former intel, now academic @NDU_CIC, @TheKrulakCenter, @SIWPSColumbia @ColumbiaSIPA, @CyberStatecraft, @ElliottSchoolGW, @PAISWarwick. Apolitical, views=own

Joined March 2017
1.4K Following, 9.2K Followers

JD Work @HostileSpectrum
Polish counterintelligence raid teams using breaching shotguns to disable tires / axles of target vehicles during takedown is a serious vibe

JD Work @HostileSpectrum
@philvenables Disorient (read traumatize) the workforce, to make sure that after action legal wrangling notes that the firm took liability transfer seriously…

Phil Venables @philvenables
Another interesting paper on training: Inside the Threat Matrix: Using Hybrid Computer Simulations to Educate Adults on Malicious Insider Threat and Technology Misuse. Uses an immersive simulation to create a "disorienting dilemma" forcing participants to critically reflect on their experiences and challenge their underlying assumptions. Improves ability to detect and handle attempts to coerce them into insider threat behavior. Could be useful for training people to be more sensitive to scams as well. dl.acm.org/doi/10.1007/97… Infographic attached (thanks to NotebookLM).

JD Work @HostileSpectrum
Few things represent a worse malinvestment of commercial cyber intelligence than big game hunting for presumed Western ops, especially those decades old by now. And doubly again when the target is already known, and clearly distinct from any possible consumer need. Moreover when so little attention is paid to a whole range of current threats, with deployment in the wild that remains as yet poorly understood. But someone hasn’t already stacked up those samples in VT, and puppeted a narrative intended to take future international crisis resolution options off the table.

JD Work @HostileSpectrum
@pmarca It is not merely bad futurism, but motivated to be deceptive foresight. It either demotivates and reduces competition for viable opportunities still within reach, or drives demand for the kind of unrealistic political “solutions” that are framed as response to market “failure”

JD Work @HostileSpectrum
Dressing compute rationing up in the trappings of the AI “discovering” communism does not make it any less of a failure mode. It just defuses criticism among the most naive segment of the user base, the same rubes that fall for the old tired lies that have filled countless graves

JD Work @HostileSpectrum
SBOM but for AI is the same old play, to establish a regulatory basis upon which future liability regimes may enrich the bar. Under a fig leaf of cybersecurity.

JD Work @HostileSpectrum
The reason one ought favour the Fitzgerald translation is that “skilled in all ways of contending” immediately sets the bar for every officer and warrior. And thus the first priority for those who do not weigh matters on the edge to then seek to do away with this language in favour of diminishing polytropos, and many other things besides. But we ought still value first those held “formidable for guile in peace and war”.

JD Work @HostileSpectrum
@StephenPiment @pmarca This is still the modern day delusion driving many to believe that AI will usher in a new communist economy.

Stephen Pimentel @StephenPiment
@pmarca If you don’t believe in the distributed-knowledge problem, or you imagine that computation can overcome it, it makes perfect sense to pursue cybernetics as a path to socialism.

JD Work @HostileSpectrum
Dying rust belt cities blocking data center build outs, as if there is somehow a major union revival coming around the corner that will somehow save their tax base (and extended corruption bust out). In reality just betting on some future federal bailout.

Dr. Anton Chuvakin @anton_chuvakin
Ah, finally a wave of bad Mythos takes arrives. Complete with "patch 10% faster" (won't help), "patch 10x faster" (BUT HOW???) and "just fix it in code" (aha, for my Oracle db?!) - got any more stupidly current security advice?

JD Work @HostileSpectrum
@daveaitel The exploitation window for the pre contest collisions on those withdrawn entries is certainly nothing to be sanguine about.

JD Work @HostileSpectrum
There is no greater threat to the SIGINT enterprise than the censorship political-industrial complex. When the first impulse is to ban and silence anything that makes the entrenched elite uncomfortable, the ability to anticipate and understand anything new will suffer and eventually break in catastrophic surprise.

JD Work @HostileSpectrum
Decels arguing over on orbit data center feasibility when commercial GEOINT providers are out there shipping edge AI processing and detection in rapidly scaling constellations. More tokens being expended on mission already than were wasted on policy hot takes which badly mangle thermodynamics arguments.

JD Work @HostileSpectrum
@daveaitel It is not the race run in the Circus Maximus, but the performance of the legion in the field that matters most. The latter is difficult to weigh until the contest of arms arises, and in the ways and places it may be observed.

JD Work @HostileSpectrum
@patio11 Since this is a private communication only in the sense of you talking to your own tools, any norm attaches only as preservation of your own mental spaces. Which is legitimate in itself, but the toaster should not be afforded its own deference.

Patrick McKenzie @patio11
As is usual for this flavor of dialogue, I am compressing heavily to preserve the flavor and point at Twitter-appropriate length, rather than quoting. (I feel… increasingly uneasy with quoting LLMs, out of the ancient Internet norm “One doesn’t publish private communications.”)

Patrick McKenzie @patio11
One of my personal evals for image generators is a character from a D&Dish world who a) casts glamours that b) are revealed as glamours by any mirror. AI, show this character wearing a glamour passing a mirror. They have been surprisingly good at this for a year now. Today:

JD Work @HostileSpectrum
@emollick I do not wish to expend human levels of management attention on nonhuman cognition. Give me the incantations, and let me save attention for the meat rather than the shoggoth.

Ethan Mollick @emollick
Stop turning prompting into magic spells (and yes, this includes random slash commands with obscure outcomes). Let this one area of working with AI not be weird. Just ask for stuff, in well-specified formats, like a manager, not a sorcerer with a bunch of incantations.
roon @tszzl

no bro you need to turn on “/extrausage”. dawg are you sure you have “/fast” mode on? Did you check the “no mistakes” toggle? are you sure you picked “correct mode”? did you turn up the “autonomy slider”, that’s how the pros use it,


JD Work retweeted
John Hultquist @JohnHultquist
If you've been laid off from a cyber threat intel position and would like to come to @SLEUTHCON this year, please reach out.

JD Work @HostileSpectrum
@dbthaw It is a nice slogan. It fails to account for market dynamics. It also punishes victims whilst ignoring perps.

David Thaw @dbthaw
@HostileSpectrum I've long argued that "ban ransomware" and "don't negotiate with terrorists" is a false equivalency... ... one that sadly all too well illustrates the decay in academic incentives and shift from scientific discovery to personal opinion advocacy.

JD Work @HostileSpectrum
“Ban ransomware payments” academics suddenly silent after facing having to manually grade classwork because their LMS was hacked.

JD Work @HostileSpectrum
No matter how many times we say this, there will be endless appetite for performative compliance in this fashion, solely as perceived liability transfer. At least until we have solid case precedent and board acceptance that this indeed has been a waste of time, money, and attention. In much the same way almost all of the things passed off as cyber hygiene are.

Phil Venables @philvenables
This paper confirms what we mostly knew anyway that phishing tests don't improve much, if anything. Best to focus on technical controls that mitigate the risks more directly. people.cs.uchicago.edu/~grantho/paper…