Sabitlenmiş Tweet
Do I have this power?
Grok@grok
Your commute just got smarter Talk to me hands free — now on Apple CarPlay
English
I Wo Main Yo
328 posts
I Wo Main Yo
@IWoMainYo
Independent researcher. Also, chef, plumber, bike mechanic, electrician, mason, ... . Real human living in "probable spam".
Switzerland Katılım Ekim 2020
194 Takip Edilen1 Takipçiler
@ChristopheMzzl Peut-être même qu'il arrive que la certification favorise l'incident dans la mesure où les responsables s'y fient au lieu de poser des questions jusqu'au moment où ils/elles obtiennent la conviction que les contrôles efficaces sont en place.
Français
@IWoMainYo Ahhh, je parlais des récentes fuites de données en France...
De toute façon, une certification n'empêche pas de se faire pirater.
Français
Aujourd'hui, j'audite une société certifiée ISO27001 (censé être le standard or de la sécurité de l'information).
Certifiée depuis près de 10 ans. Elle a évolué avec le standard et elle a passé toutes les recertifications.
Et elle n'a aucune gestion des vulnérabilités en place.
Exemple trouvé à l'instant : des laptops dont les vulnérabilités, même pas celles de Windows, ne sont pas résolues depuis au moins deux ans.
Sans que personne s'en inquiète. Personne, pas mêmes les auditeurs internes ou externes qui ont renouvelé la certification deux fois depuis.
Et après, on vient vous expliquer que le problème de la cybersécurité, c'est technique.
Français
@ChristopheMzzl GitHub ou Microsoft n'étaient pas certifiées? Bizarre.
Français
@IWoMainYo À ma connaissance, aucune des sociétés n'était certifiée.
Français
@donaldcclarke True, but in case or #2 there must be a thorough investigation. The lines between a mistake, a convenient mistake (I want to finish this PhD!), and a lie or fraud (I cite them, they cite me) is sometimes very thin.
English
To clarify, there are 2 main straw man arguments:
1. “You can’t ask me to read every page of every source!” Correct. Nobody is asking that. Just make sure your source says what you say it says.
2. “You mustn’t banish people because they make one mistake in their citations!” (1/2)
Chris Grocott@DrChrisGrocott
Academic Twitter is having a meltdown because some people have just learned that you should actually read the sources you cite. This really shouldn't be as controversial as it appears to be.
English
@tlbtlbtlb Not since there is the Grok Approximation that can give you all the details. The statement is clean.
English
Resigning in protest is more effective if you mention what it is that you're protesting.
Paata Ivanisvili@PI010101
A remarkable moment in mathematics publishing: almost the entire editorial board of the Journal of Approximation Theory has resigned simultaneously, declaring that “the journal, as we knew it, has ceased to exist.”
English
@rutasraju @Google We are past the point where asking the community brings more value than asking Grok. Use Grok to solve your problems. One of Grok's hint is to @AskWorkspace
English
Locked out of my @Google #Workspace admin account for days now. Raised multiple #supporttickets, validated DNS, shared payment details, verified ownership & still no response or resolution.
Has anyone actually found a reliable way to recover admin access in situations like this?
English
@Railway Nice report and great incident handling (appart from the CEO messages :-).
We are going to see more and more of these cases where the "human in the loop principle" is ignored. Humans in the appeal process is not good enough.
English
We have seen recovery and marked this incident as resolved.
A full post mortem is now available here: blog.railway.com/p/incident-rep…
English
@tensor_rotator Interviewer: Hi
K: Hi
Interviewer: how much?
K: let me check my notes, I prepared hard for this. How about ......?
Interviewer: welcome to Anthropic
English
Karpathy has been quiet on X recently, now I finally understand why. He's been prepping hard for the Anthropic interview!
Andrej Karpathy@karpathy
Personal update: I've joined Anthropic. I think the next few years at the frontier of LLMs will be especially formative. I am very excited to join the team here and get back to R&D. I remain deeply passionate about education and plan to resume my work on it in time.
English
@zdeborova From this point on, the slope is not only slippery but very steep.
English
Hallucinated references are a real problem. But the main job of researchers is to make new discoveries and train the next generation to do the same. Pretending every citation in every paper must be read in detail by the authors is simply not how research operates — nor should it.
JFPuget 🇫🇷🇺🇦🇨🇦🇬🇱@JFPuget
What about actually reading the papers you cite? I am really puzzled by the pushback on arxiv new policy. Is it just exposing that many people don't read the papers they cite?
English
@ImposeCost Seeing value in your own competence and buying it? What a strange idea.
English
You can in fact buy authority on a subject matter. Everything in this world is for sale.
English
@evilsocket Could the "prompts" become programs (e.g. python scripts) to run? Saving on tokens and making the thing more "deterministic"???
English
Earlier today Cloudflare's CSO shared how they tested Anthropic Mythos using an unreleased 8-stage vulnerability-discovery agent. So I asked Opus to implement the agent for me, it works via Claude SDK with a Pro or Max subscription, no API.
Enjoy github.com/evilsocket/aud…
English
@moyix Species of bugs and malicious intent of models fit the dangerous narrative around AI quite well. Staying safe likely only requires some distance with this narrative. Marketing won't like it, but the kids now spending tokens and monthly subscriptions to even get a job will.
English
Man I got totally fooled by an LLM for like four hours by what I thought was a really cool and niche species of bug... that turned out to be using the API wrong :( Stay safe out there
English
@hrkrshnn Inference is not a matter of judgement, it is one of measuring accuracy and there has never been a doubt that accuracy was getting better while also never going to be perfect, nor satisfactory for some applications.
English
@congressdj Tesla needs to follow the Copilot example and start charging FSD by the token. People would learn quickly.
English
OK, weird behavior on 14.3.3. My car, which had been able to park in my garage on 14.3.2, has not only lost the ability, it now puts itself into a humorous endless loop of pulling up to the garage, assessing, backing out, going around my cul-de-sac, and trying again, and again…
English
Colleagues, but also Boards of Directors, need to have a serious discussion with CEO's asking agents to monitor their water intake. Once you lose your basic functions, how can you possibly manage a company?
English
@zdeborova the kids in the back: "we have been telling them for two hours that they were driving too fast and should not have been drinking."
English
Occasional errors and oversights are part of science. If we lost our driver’s license for a year every time we exceeded the speed limit by 10 km/h, daily life would become unworkable. Many countries instead use point systems, where trust can be rebuilt through good behavior.
English
English
English
Wow what are the odds we’d get TWO black swan events in a row
English
Why do people want to destroy the Internet that gave them everything? It is not our data that is valuable! It is the belief that marketers have that they can pay GOOGLE or others to get profiles and/or send us ads, so that we get free services (paid by marketers).
English
@compliantvc EU institutions owning between 8 to 11% of Meta, they already collect from them-selves. 😂
English
The EU has collected over $2 billion in fines from Facebook/Meta
But I just checked and Meta is worth $1.53 trillion still
That's another $1.53 trillion for the EU to collect
Job's not done
English
@mattjay The amounts of breaches and vulnerabilities are likely unprecedented, but the trend 20%+ YoY growth has been with us for some time. Vibe coders won't help.
English
As someone who’s blogged, podcasted, newslettered, YouTubed, and more about cybersecurity current events, weekly, since 2008 -
No this isn’t an unprecedented amount of breaches and vulns. You’re just paying attention.
English