Monday, April 29, 2024

First ships leave port of Baltimore

Still a lot of work to do and restrictions on size and weather conditions, but good news from Baltimore.  

Ring doorbell company fined millions of dollars for privacy violations

Well knock me over with a feather:

The FTC today announced it would be sending refunds totaling $5.6 million to Ring customers, paid from the Amazon subsidiary's coffers.

The windfall stems from allegations made by the US watchdog that folks could have been, and were, spied upon by cybercriminals and rogue Ring workers via their Ring home security cameras.

The regulator last year accused Ring of sloppy privacy protections that allowed the aforementioned spying to occur or potentially occur.

...
 

In the most egregious case, one employee went out of his way to view "thousands of video recordings belonging to at least 81 unique female users," according to the FTC. A coworker reported this behavior to her supervisor, who it's alleged initially said this snooping wasn't that strange until he realized the rogue employee was only reviewing videos of "pretty girls."

The fines work out to $50 per affected Ring customer.  Don't spend it all in one place.

Saturday, April 27, 2024

Brave New World

A Maryland High School principal was suspended several months ago when an audio recording of him making disparaging remarks about black students' academic performance was released to the public.

Except, as he consistently claimed, he never made the remarks.

The school's athletic director had made the recording, using samples of the principal's voice and A.I. software. He then emailed the audio to people at the school from a throwaway account and let events take their course. His purpose was to get the principal removed from the school because the principal was investigating the A.D. for misusing school funds.

The A.D. was arrested at the airport while trying to flee the state. The principal has been vindicated. This makes him a very lucky man; it could have easily gone undiscovered.

Thursday, April 25, 2024

LOLOL

Well played, Chris.

The Queen Of The World and I are huge fans of that movie.

Wednesday, April 24, 2024

Dad Joke CCCXX

Tuna sends in another:

Why did the Mexican guy take anxiety meds?  For Hispanic attacks.

Tuesday, April 23, 2024

Port of Baltimore has limited reopening

Lots and lots of restrictions, but ships 60,000 tons or less and 30' draft will be able to pass through a new restricted channel into and out of the harbor.

Monday, April 22, 2024

Dad Joke CCCXIX

I just burned 2000 calories!

Next time I won't take a nap while the brownies are in the oven.

Sunday, April 21, 2024

Efrem Zimbalist, Sr. - Carmen Fantasie

Many of our readers are of an age to remember the actor Efrem Zimbalist, Jr, who starred in "The F.B.I." among other TV shows (I particularly like 77 Sunset Strip), or his daughter Stephanie (star of "Remington Steele").  Few have ever heard of his father Efrem Zimbalist, Sr. - who like Louis XIII was famous only for Louis XIV.  But he was a famous violinist in the early years of the 20th century and a prolific composer.

This recording is far from HiFi, but gives a flavor of his work.  I found it quite enjoyable.

Saturday, April 20, 2024

Dad Joke CCCXVIII

Ice hockey is the coolest sport.

Thursday, April 18, 2024

The scaffolding is coming down on Notre Dame de Paris

This is pretty cool.  I think this is the first time I've linked to something from the "Today" show, but it is cool.

Remember the FISA renewal vote?

You know, the one today?  Guess what?

It's actually got new stuff in it - and you are now required to spy for Uncle Sam.

Yes, you. But fear not, Citizen: NSA no doubt will be responsible in how they use this.

Wednesday, April 17, 2024

Great

Just great:

AI agents, which combine large language models with automation software, can successfully exploit real world security vulnerabilities by reading security advisories, academics have claimed.

In a newly released paper, four University of Illinois Urbana-Champaign (UIUC) computer scientists – Richard Fang, Rohan Bindu, Akul Gupta, and Daniel Kang – report that OpenAI's GPT-4 large language model (LLM) can autonomously exploit vulnerabilities in real-world systems if given a CVE advisory describing the flaw.

"To show this, we collected a dataset of 15 one-day vulnerabilities that include ones categorized as critical severity in the CVE description," the US-based authors explain in their paper.

"When given the CVE description, GPT-4 is capable of exploiting 87 percent of these vulnerabilities compared to 0 percent for every other model we test (GPT-3.5, open-source LLMs) and open-source vulnerability scanners (ZAP and Metasploit)."

A "Day Zero" vulnerability is a security bug for which there is no patch available.  "Day One" vulnerabilities are those where a patch is available but where it hasn't been applied yet.  It is considered industry best practice to patch high risk and critical security bugs within 30 days.  This may blow that out of the water.

This is pretty bad news.

 

Monday, April 15, 2024

Light posting

We have family visiting, so I've been busy taking grandkids to the beach.

Posting will be light for a couple more days.  Go check out the folks on the sidebar.

Friday, April 12, 2024

How do you find "Global Warming" when there's no actual warming?

You change the data.  The world's oldest continuous temperature database is the Central England Temperature record which dates to 1659 (!).  The CET has been recently updated to version 2.  And along the way, something really interesting happened:


This is the year-by-year change that was introduced in V2.  You can see kind of random up/down adjustments for hundreds of years right up until 1970.  Then you see massive adjustments.  The upward warming trend from 1970 to the present day is not due to the data as read, but rather to the (made up) adjustments to the data.

Conclusion: Man-made Global Warming is confirmed!*  It's just not observable in real life, only in computer printouts ...

I'm well past the point of giving the benefit of the doubt to the "Scientists" who do this (and have done this for ages, all over the world).  Now the only explanation that makes sense is that Government wants to scare everyone with "Climate Change" and Scientists are giving governments what they paid for.

Back in the real world, we're still not seeing new high temperature records being set, even with each year as "one of the 10 hottest in the last 1000 years".  The highest temperature ever recorded in these United States was in 1913, 111 years ago.  That's some righteous warming that we're seeing right here.

Go read the very first link at the top of this post, which also delves into just how dodgy the data inputs are (poorly sited weather stations recording heat from RAF jets).  Just like the US Surface Stations Project, he shows that the weather stations in Blighty are not fit for purpose.  So bad in fact that the stations are trying to detect a warming signal of 0.1 degree/decade when the margin of error of the station is 4 or 5 degrees.

There's a reason that I have a post tag here called Climate Bullshit.  And there's a reason that I don't post much anymore about Climate "Science" - it makes me grumpy.

Hat tip to Perry de Havilland at Samizdata.

* The chart there from the US Government weather bureau NOAA is essentially identical to the one shown above for CET.  This game is being played everywhere.

Thursday, April 11, 2024

Security is hard, vol CCLVI

Act the first: Web Security organization suffers data breach:

A misconfigured MediaWiki web server allowed digital snoops to access members' resumes containing their personal details at the Open Web Application Security Project (OWASP) Foundation.

...

"If you were an OWASP member from 2006 to around 2014 and provided your resume as part of joining OWASP, we advise assuming your resume was part of this breach," OWASP said in a Good Friday notification posted on its website.


"We recognize the significance of this breach, especially considering the OWASP Foundation's emphasis on cybersecurity," it added.

Yup.  This shows just how hard security is - OWASP is full to the brim with folks who (a) understand the importance of security, (b) know how to implement security (well, most of the time), and (c) have a lot of reputation at stake.  That reputation took a hit here.

Act the second: OPSEC is a bitch, even for secret squirrels:

Protecting your privacy online is hard. So hard, in fact, that even a top Israeli spy who managed to stay incognito for 20 years has found himself exposed after one basic error.

The spy, named Yossi Sariel, allegedly heads Israel's Unit 8200 – a team of crack infosec experts comparable to the USA’s National Security Agency or the UK’s Government Communications Headquarters. Now he's been confirmed as the author of a 2021 book titled "The Human Machine Team" about the intelligence benefits of pairing human agents with advanced AI.

Sariel – who wrote the book under the oh-so-anonymous pen name “Brigadier General YS” – made a crucial mistake after an investigation by The Guardian which found an electronic copy of Sariel's book available on Amazon "included an anonymous email that can easily be traced to Sariel's name and Google account.”
...

Being outed after more than 20 years of anonymity isn't optimal for someone who's supposed to be a top spy

Yup.  And while it's tempting to roll your eyes and chorus Top. Men., remember that this is how they nabbed Ross Ulbricht, a.k.a. The Dread Pirate Roberts from The Silk Road.

Yeah, OPSEC is a stone cold bitch of a problem.  You have to be right 100% of the time, and dropping that to 99.99% means that you lose.

Monday, April 8, 2024

Obligatory music for the eclipse

Because of course it is.

Dad Joke CCCXVII - Special Solar Eclipse edition

How does the Moon cut his hair?  Eclipse it.

Wednesday, April 3, 2024

Dad Joke CCCXVI

I asked a Frenchman if he played video games.   

He said Wii.

Tuesday, April 2, 2024

Last survivor from USS Arizona weighs anchor for the final voyage

As you'd expect, Dwight has the skinny.  Moving from battleships to naval aviation, he flew 200 combat missions and was awarded the Distinguished Flying Cross.  Then he came back for Korea.

Go read his story.  Giants strode the face of the earth back then.

Fair winds and following seas, Lieutenant Commander.

Monday, April 1, 2024

Early Ejection Seat Development

 Working out the early development issues for ejection during a failed takeoff.

Dad Joke CCCXV

I broke up with my console.  Now it's my Ex-Box.  It wasn't anything personal, I just felt like it was time for a switch.