GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Notices by Taggart :ifin: (mttaggart@infosec.exchange)

  1. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Tuesday, 14-Jul-2026 04:19:02 JST Taggart :ifin: Taggart :ifin:

    Pretty wild to see hacking content creators I once admired get completely AI-brained. For years you've made a name for yourself telling people the path to success was learning certain skills. And now, suddenly, the message is just "let the models do it?"

    I know what the models can and can't do. But I also know that they require domain expertise to keep them on track, and there's only one way to develop it. Hint: it isn't writing prompts.

    In conversation about a day ago from infosec.exchange permalink
  2. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Tuesday, 07-Jul-2026 15:30:26 JST Taggart :ifin: Taggart :ifin:
    in reply to
    • Mike Sheward
    • WinterKnight :donor:

    @winterknight1337 @SecureOwl

    In conversation about 8 days ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/116/877/281/204/646/292/original/f1a0a41e3069c311.png
  3. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Sunday, 28-Jun-2026 06:07:16 JST Taggart :ifin: Taggart :ifin:

    I'm coming to the conclusion that community-owned and operated small clouds (co-ops) with easy onramps for self-hosting open source services like mail, storage, and VPN are the only way forward. Every corpo service is eventually going to make you ashamed to use it.

    In conversation about 17 days ago from infosec.exchange permalink
  4. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Wednesday, 10-Jun-2026 08:15:58 JST Taggart :ifin: Taggart :ifin:

    Over here writing code line by line, comment by comment. You know, like someone who "hates technology."

    In conversation about a month ago from infosec.exchange permalink
  5. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Saturday, 06-Jun-2026 04:31:58 JST Taggart :ifin: Taggart :ifin:

    Alphabet's first equity raise since initial offering should probably be bigger news.

    https://www.semafor.com/article/06/04/2026/hyperscalers-are-strapped-for-cash

    In conversation about a month ago from infosec.exchange permalink
  6. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Thursday, 04-Jun-2026 17:03:56 JST Taggart :ifin: Taggart :ifin:

    Fundamentally. Unsecurable.

    You can't rid yourself of this vulnerability in LLMs.

    https://www.safebreach.com/blog/gemini-voice-assistant-prompt-injection-exploit/

    In conversation about a month ago from infosec.exchange permalink
  7. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Monday, 01-Jun-2026 06:31:10 JST Taggart :ifin: Taggart :ifin:

    It really blows my mind that nobody is taking seriously the risk of processes built assuming the indefinite availability of AI compute—at current costs.

    The financials don't bear that faith out. Even if the "industry" doesn't collapse outright, the costs will skyrocket, and then what will you do?

    In conversation about a month ago from infosec.exchange permalink
  8. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Sunday, 31-May-2026 13:39:37 JST Taggart :ifin: Taggart :ifin:

    Hot diggity dog.

    The briefing concludes that standalone generative AI systems, based on unlawful web scraping, depend on mass invasions of privacy by design, and are fundamentally incompatible with [International Human Rights Law]. As such, Amnesty International is calling for a prohibition of such systems, including where such systems are identified as exacerbating existing inequalities or creating new forms of discrimination.

    https://www.amnesty.org/en/documents/pol40/0996/2026/en/

    In conversation about a month ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: www.amnesty.org
      Unlawful by design: Exposing the human rights costs of generative AI - Amnesty International
      This briefing examines how standalone generative AI systems, based on unlawful web scraping, are in conflict with international human rights law (IHRL) and standards through their design, development and deployment. While these technologies promise sophisticated automation and efficiency, they rely on data collection and model training practices that abuse privacy rights, enable discrimination, and threaten […]
  9. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Saturday, 23-May-2026 15:38:07 JST Taggart :ifin: Taggart :ifin:
    in reply to
    • Kim Scheinberg

    @kims Is there anything more anti-LLM than typing source code from the pages of a magazine?

    In conversation about 2 months ago from infosec.exchange permalink
  10. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Saturday, 23-May-2026 15:17:06 JST Taggart :ifin: Taggart :ifin:

    RE: https://infosec.exchange/@ifin/116622369159743355

    Gonna go back to sending software by mail until we can figure this out.

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments

    1. No result found on File_thumbnail lookup.
      IFIN - The Independent Federated Intelligence Network (@ifin@infosec.exchange)
      from IFIN - The Independent Federated Intelligence Network
      Add Laravel to the list of large projects whose GitHub repos have been compromised. https://discourse.ifin.network/t/laravel-packages-compromised-in-yet-another-github-attack/497 #ThreatIntel #ThreatIntelligence #IFIN
  11. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Thursday, 21-May-2026 17:02:04 JST Taggart :ifin: Taggart :ifin:

    Lmao okay. Well the Claude/Claude Code "sandbox" does not prevent any DNS resolution either, soooo

    https://www.theregister.com/security/2026/05/20/even-claude-agrees-hole-in-its-sandbox-was-real-and-dangerous/5243662

    In conversation about 2 months ago from infosec.exchange permalink
  12. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Wednesday, 20-May-2026 13:58:42 JST Taggart :ifin: Taggart :ifin:

    RE: https://infosec.exchange/@ifin/116605052950779161

    I'm really hoping this, and the last few weeks, are a tipping point toward taking supply chain security seriously. Initial access appears to be a compromised VS Code extension.

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments

    1. No result found on File_thumbnail lookup.
      IFIN - The Independent Federated Intelligence Network (@ifin@infosec.exchange)
      from IFIN - The Independent Federated Intelligence Network
      GitHub's internal repositories have been exfiltrated and offered for sale. https://discourse.ifin.network/t/github-internal-repositories-compromised-offered-for-sale/484
  13. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Tuesday, 19-May-2026 10:40:29 JST Taggart :ifin: Taggart :ifin:

    Bluesky once again appears to be struggling

    In conversation about 2 months ago from infosec.exchange permalink
  14. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Sunday, 17-May-2026 07:23:28 JST Taggart :ifin: Taggart :ifin:

    This entire report from the Ontario government on genAI systems is worth a read, but the review of healthcare scribe accuracy is pretty devastating, imo. This has to work for the tech to be worth anything. If the notes in the chart are wrong, the whole thing falls apart.

    https://www.auditor.on.ca/en/content/specialreports/specialreports/en26/2026_AI_EN.pdf

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/116/586/007/548/909/881/original/43a301bc8c0b6234.png
  15. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Friday, 15-May-2026 00:31:38 JST Taggart :ifin: Taggart :ifin:

    If you think folks are going to let things like this get built in their communities and operate with impunity, you have another thing coming. I'm not saying they should be sabotaged; I'm saying they positively will be.

    https://www.yahoo.com/news/articles/ai-data-center-bigger-2-124356503.html

    In conversation about 2 months ago from infosec.exchange permalink
  16. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Tuesday, 12-May-2026 13:16:03 JST Taggart :ifin: Taggart :ifin:
    • Davi Ottenheimer

    Truly phenomenal work from @flyingpenguin here. A breakdown of the timeline of the Ubuntu attack, the business behind the booter service, and Cloudflare's problematic role.

    https://www.flyingpenguin.com/can-someone-please-explain-whether-cloudflare-blackmailed-canonical/

    In conversation about 2 months ago from infosec.exchange permalink
  17. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Friday, 08-May-2026 23:30:31 JST Taggart :ifin: Taggart :ifin:

    So the Claude extension allows any other extension to inject JavaScript into claude.ai and run it? Cool cool cool.

    Yeah, don't let this one in.

    https://layerxsecurity.com/blog/a-flaw-in-claudes-browser-extension-allows-any-extension-to-hijack-it/

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: claude.ai
      Claude
      Talk to Claude, an AI assistant from Anthropic
  18. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Friday, 08-May-2026 13:06:58 JST Taggart :ifin: Taggart :ifin:
    in reply to

    For real though, more schools should know about Gibbon: https://gibbonedu.org/

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: gibbonedu.org
      Gibbon - The Flexible School Platform
      from @rossdotparker
      Created by teachers, Gibbon is the school platform which solves real problems encountered by educators every day. Being free, open source and flexible Gibbon can morph to meet the needs of a huge range of schools.
  19. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Friday, 08-May-2026 13:06:58 JST Taggart :ifin: Taggart :ifin:

    Do you see Moodles getting owned? I don't think so!

    In conversation about 2 months ago from infosec.exchange permalink
  20. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Thursday, 07-May-2026 02:49:59 JST Taggart :ifin: Taggart :ifin:
    in reply to
    • Christine Lemmer-Webber

    @cwebber Willison's distinction (and previous iterations of it) strike me as dangerously naive. Based on my own experience with both the tool and, y'know, human nature, nothing but the most draconian guardrails will prevent people from taking the easy way with these tools.

    We were never going to do this safely.

    In conversation about 2 months ago from infosec.exchange permalink
  • Before

User actions

    Taggart :ifin:

    Taggart :ifin:

    Displaced Philly boy. Threat hunter. Educator. :ifin: Executive Director. #infosec, #programming #rust :rust:, #python :python: #haskell :haskell:, and #javascript :javascript:. #opensource advocate. General in the AI Resistance. Runs @thetaggartinstitute. Made https://wtfbins.wtf. Not your bro. All opinions my own. Dad. #fedi22 #searchablePronouns: He/him.

    Tags
    • (None)

    Following 0

      Followers 0

        Groups 0

          Statistics

          User ID
          117593
          Member since
          8 May 2023
          Notices
          325
          Daily average
          0

          Feeds

          • Atom
          • Help
          • About
          • FAQ
          • TOS
          • Privacy
          • Source
          • Version
          • Contact

          GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

          Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.