Ray [REDACTED]

Sam Watson isn’t just my son…. He is yours too! Check what your son what just did in Bali, Indonesia: (Video with sound)

@McGrewSecurity Just wait until it is actually in your brain rather than in your field of vision!! (Shudder)

This kind of thing happens a lot and it’s always a little surreal to be walking down the strip and blam, there a Windows UI or Linux boot screen or whatever just filling a huge chunk of your field of view

Opus 4.6 extended feedback on my tweets below.

@bettersafetynet @planedrop And more

@bettersafetynet @planedrop More

The more I think about it, the less I like the "use AI to find issues an AI would" Have we collectively forgotten about hallucinations? Or has that been solved? (pls let me know if so!) I agree we need more automation... but real talk? Org culture is biggest patch drag.

@bettersafetynet @planedrop And more

If you cant seem to get 2 tickets to any event, try searching for singles (1). There is significant evidence that the LA Olympics trickle singles out every hour every 15-20 mins.

@aviramj This is a blatant self plug, but for evidence supporting your thesis and *ALSO* evidence rebutting it.... check out redact dot link slash history

Hot take: the cybersecurity industry is losing its institutional memory. The OG hackers - the ones who figured this stuff out before there were playbooks - are aging out. And most of their knowledge is not being captured. What they learned by breaking things in the 90s and early 2000s is still more relevant than half the threat intel reports being published today. We need more stages, more mentorship, more intentional knowledge transfer. Before that generation is gone.

@planedrop @bettersafetynet Bonus step: post all outputs to github and offer a cash bounty for anyone who can identify an hallucination that got past the harness and guardrails.

@planedrop @bettersafetynet Challenge the models to see if they can get and identify an hallucination from one of their collegaue models, using synthetic data, trickery, or anything short of command prompt injection/ jailbreaking. Have it run this challenge anytime between 1AM and 7AM, and track and log.

Two guys ran an entire hacking operation in a PRISON for months In 2015, two prisoners in Ohio were assigned to a recycling program where they dismantled old computers Instead of scrapping the parts, they started stealing them Carried components over 1,100 feet past guards, metal detectors, and multiple security checkpoints Then built two working PCs and hid them behind a plywood board in the ceiling of a training room closet They ran cables from the ceiling into the prison's own network Stole login credentials from an employee by watching him type his password Set up Bitcoin wallets, Stripe accounts, bank accounts and credit card applications using another inmate's stolen identity Downloaded VPNs, the Tor browser, password cracking tools and what investigators called "a large hacker's toolkit" Created fake security passes to access restricted areas of the prison This entire operation ran for months They only got caught because one of the computers used so much bandwidth it triggered an automatic alert The Inspector General said it was "almost as if it's an episode of Hogan's Heroes" Two guys with recycled computer parts and a ceiling tile built a cybercrime operation inside a state prison

@planedrop @bettersafetynet I am not being sarcastic. I have three agentic platforms running currently without any hallucinations being output to the end user.

@RayRedacted @bettersafetynet Is this, and I mean this quite literally, sarcastic or not? I can't tell and I want to respond as if I can. So please tell me and then we'll pretend I didn't have to ask.

Infosec pop quiz, question 21: What is the industry (2 word) term for when individual departments or individuals activate their own applications, servers, or devices, without procuring it through the corporate IT process? Example: twitter.com/WeldPond/statu…

Infosec pop quiz, question 18: What does David mean by "domain" in this context? Which domain is he referring to, and what are some other domains? twitter.com/davevenable/st…

Infosec Pop Quiz, Question 11: Which of these emails was actually from Capital One?

@planedrop @bettersafetynet With all due respect, I disagree. x.com/rayredacted/st…

@bettersafetynet Honestly as I understand it, and I'm not an expert, hallucinations quite literally can't be solved. There was a paper written about it fairly recently, which I've yet to finish, but it sounds like making an AI not hallucinate would result in it being rather useless.

@bettersafetynet Hallucinations are a total non issue with Panel of Experts. You run 12 models simultaneously, and your hallucination rate plummets to .00000000001% asymptotic to zero, because the independent agents catch them and prevent them fr9. Being output