Here’s a fun one… Microsoft added copilot features to sharepoint. The copilot system has its own set of access controls. The access controls let it see things that normal users might not be able to see. Normal users can then just ask copilot to tell them the contents of the files and pages that they can’t see themselves. Luckily, no business would ever put sensitive information in their sharepoint system, so this isn’t a realistic threat, haha.

Obviously Microsoft have significant resources to research and fix the security problems that LLM integration will bring with it. So much money. So many experts. Plenty of time to think about the issues since the first recall debacle.

And this is what they’ve accomplished.

https://www.pentestpartners.com/security-blog/exploiting-copilot-ai-for-sharepoint/

You must be new here. Hi!

Please cast your eyes over the archives, paying close attention to the threads where people are enthusing over AI search!

Actually that’s tricky because the people here might generally be described as unenthusiastic about AI, because the technology is fundamentally a fountain of bullshit and bias finely crafted to fool people into thinking it is a valuable and accurate tool.

The popups aren’t the issue, you know.

which can be used in many very useful ways, including saving life and reducing the work needed to fulfill the needs of a population

Uh huh. “Can” needs an asterisk and some disclaimers there. And probably “useful”, too.

An entertaining bit of pushback against the various bathroom bills being pushed at the moment. Bonus points for linking it with ai training. I feel like this is an idea that’s very adaptable…

https://mefi.social/@MissConstrue/113983951020093710

Signs which have been adhered to bathroom stall interiors at the Dallas Fort Worth airport.

SECURITY NOTICE Electronic Genital Verification (EGV) Your genitalia may be photographed electronically during your use of this facility as part of the Electronic Genital Verification (EGV) pilot program at the direction of the Office of the Lieutenant Governor. In the future, EGV will help keep Texans safe while protecting your privacy by screening for potentially improper restroom access using machine vision and Artificial Intelligence (Al) in lieu of traditional genital inspections. At this time, images collected will be used solely for model training purposes and will not be used for law enforcement or shared with other entities except as pursuant to a subpoena, court order or as otherwise compelled by legal process. Your participation in this program is voluntary. You have the right to request removal of your data by calling the EGV program office at (512) 463-0001 during normal operating hours (Mon-Fri 8AM-5PM). STE OP CRATMENT OA Pusi DFW DALLAS FORT WORTH INTERNATIONAL AIRPORT

The contact number appears to be for Dan Patrick, the lt. governor of Texas.

In a hilarious turn of events that no one could have foreseen, Anthropic is having problems with people sending llm generated job applications, and is asking potential candidates to please not use ai.

While we encourage people to use AI systems during their role to help them work faster and more effectively, please do not use AI assistants during the application process. We want to understand your personal interest in Anthropic without mediation through an AI system, and we also want to evaluate your non-AI-assisted communication skills. Please indicate 'Yes' if you have read and agree.

https://www.404media.co/anthropic-claude-job-application-ai-assistants/

In further bluesky news, the team have a bit of an elon moment and forget how public they made everything.

https://bsky.app/profile/miriambo.bsky.social/post/3ldq2c7lu6c25 (only readable if you are logged in to bluesky)

The reality is that some of us only have glimmers of sapience, and many not even that. Most humans, most of the time, are mindless zombies following a script

It’s a funny thing, that there are certain kinds of people who are assured of their own cleverness and so alienated from society that they think that echoing the same dehumanising blurb produced by so many of their forebears is somehow novel or informative, rather than just following a script.

(the irony of responding with an xkcd is not lost on me)

Much like the promptfondlers proudly claiming they are stochastic parrots, flaunting your inability to recognise intelligence in other humans isn’t a great flex.

Proton continuing to do pointlessly stupid and self-destructive things:

https://infosec.exchange/@malwaretech/113257047424000919

They're basically admitting they didn't pay an influencer to spread misinformation about public wifi in order to sell VPN products, they just stole her likeness, used her photo, and attributed completely made up quote to her.

But it was a joke guys! We did a satire! I’m totally certain I know what satire is!

You would choose your nationality like you choose your broadband provider. You would become a citizen of the franchised cyber statelet of your choice.

Ahh, I can’t wait.

Notification of planned maintenance 

Rule of law will be suspended between midnight and 6am 
pacific time to upgrade the constitution. We apologise for 
any inconvenience or loss of life.

One to keep an eye on… you might all know this already, but apparently Mozilla has an “add ai chatbot to sidebar” in Firefox labs (https://blog.nightly.mozilla.org/2024/06/24/experimenting-with-ai-services-in-nightly/ and available in at least v130). You can currently choose from a selection of public llm providers, similar to the search provider choice.

Clearly, Mozilla has its share of AI boosters, given that they forced “ai help” onto MDN against a significant amount of protest (see https://github.com/mdn/yari/issues/9230 from last July for example) so I expect this stuff to proceed apace.

This is fine, because Mozilla clearly has time and money to spare with nothing else useful they could be doing, alternative browsers are readily available and there has never been any anti-ai backlash to adding this sort of stuff to any other project.

Interview with the president of the signal foundation: https://www.wired.com/story/meredith-whittaker-signal/

There’s a bunch of interesting stuff in there, the observation that LLMs and the broader “ai” “industry” wee made possible thanks to surveillance capitalism, but also the link between advertising and algorithmic determination of human targets for military action which seems obvious in retrospect but I hadn’t spotted before.

But in 2017, I found out about the DOD contract to build AI-based drone targeting and surveillance for the US military, in the context of a war that had pioneered the signature strike.

What’s a signature strike?

A signature strike is effectively ad targeting but for death. So I don’t actually know who you are as a human being. All I know is that there’s a data profile that has been identified by my system that matches whatever the example data profile we could sort and compile, that we assume to be Taliban related or it’s terrorist related.

https://matduggan.com/a-eulogy-for-devops/

Possibly interesting blog post about what the idea of “devops” promised, and how it failed to deliver. With any luck, the “getting back to basics” thing will actually happen, instead of people imagining they are google and building nightmares out of kubernetes.