GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Notices by Taggart :ifin: (mttaggart@infosec.exchange), page 2

  1. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Tuesday, 05-May-2026 06:27:02 JST Taggart :ifin: Taggart :ifin:
    • Cloudflare

    Hey @cloudflare, how come you're protecting beamed[.]st, the DDoS service that's attacking Ubuntu? It's an obvious criminal enterprise that literally advertises botnet access.

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments


    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/116/518/022/518/570/386/original/f50b1d79e2610926.png
  2. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Monday, 04-May-2026 11:01:16 JST Taggart :ifin: Taggart :ifin:

    Has any "open" model published data on the energy requirements for training? It sure would be nice to know those sorts of details.

    In conversation about 2 months ago from infosec.exchange permalink
  3. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Monday, 04-May-2026 04:16:30 JST Taggart :ifin: Taggart :ifin:
    • Kevin Beaumont
    • IFIN - The Independent Federated Intelligence Network

    @GossiTheDog Thanks, I'm aware of the extremely limited reports from them and from their claimed attackers. What has been provided is insufficient, imo. Especially since their statuses don't reflect reality.

    @ifin has been tracking the situation here.

    https://discourse.ifin.network/t/ubuntu-services-under-attack/356

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: discourse.ifin.network
      Ubuntu services under attack
      Last Updated: 2026-05-03T16:03:15Z (UTC) Status page shows all systems operational. https://status.canonical.com Canonical now has an official forum thread for this incident: Impacted: security.ubuntu.com jaas.ai archive.ubuntu.com canonical.com maas.io blog.ubuntu.com developer.ubuntu.com Ubuntu Security API-CVEs Ubuntu Security API-Notices academy.canonical.com ubuntu.com portal.canonical.com assets.ubuntu.com launchpad.net livepatch.canonical.com Cause Unconfirmed, but Iraq-allied...
  4. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Sunday, 03-May-2026 23:29:56 JST Taggart :ifin: Taggart :ifin:

    I feel like I'm taking crazy pills. Three days into service interruptions, with a major patch to install, and no word from Canonical. It's a shocking abdication of responsibility of care for their users.

    If anyone who knows wants to share with me confidentially what's going on, DMs are open.

    In conversation about 2 months ago from infosec.exchange permalink
  5. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Sunday, 03-May-2026 08:13:25 JST Taggart :ifin: Taggart :ifin:

    We find that LLMs consistently prefer resumes generated by themselves over those written by humans or produced by alternative models, even when content quality is controlled.

    Horrifying.

    https://arxiv.org/abs/2509.00462

    In conversation about 2 months ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: arxiv.org
      AI Self-preferencing in Algorithmic Hiring: Empirical Evidence and Insights
      As artificial intelligence (AI) tools become widely adopted, large language models (LLMs) are increasingly involved on both sides of decision-making processes, ranging from hiring to content moderation. This dual adoption raises a critical question: do LLMs systematically favor content that resembles their own outputs? Prior research in computer science has identified self-preference bias -- the tendency of LLMs to favor their own generated content -- but its real-world implications have not been empirically evaluated. We focus on the hiring context, where job applicants often rely on LLMs to refine resumes, while employers deploy them to screen those same resumes. Using a large-scale controlled resume correspondence experiment, we find that LLMs consistently prefer resumes generated by themselves over those written by humans or produced by alternative models, even when content quality is controlled. The bias against human-written resumes is particularly substantial, with self-preference bias ranging from 67% to 82% across major commercial and open-source models. To assess labor market impact, we simulate realistic hiring pipelines across 24 occupations. These simulations show that candidates using the same LLM as the evaluator are 23% to 60% more likely to be shortlisted than equally qualified applicants submitting human-written resumes, with the largest disadvantages observed in business-related fields such as sales and accounting. We further demonstrate that this bias can be reduced by more than 50% through simple interventions targeting LLMs' self-recognition capabilities. These findings highlight an emerging but previously overlooked risk in AI-assisted decision making and call for expanded frameworks of AI fairness that address not only demographic-based disparities, but also biases in AI-AI interactions.
  6. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Thursday, 30-Apr-2026 07:28:35 JST Taggart :ifin: Taggart :ifin:

    Ugggh this one is going to suck. cPanel is everywhere and most are not patched frequently.

    https://www.bleepingcomputer.com/news/security/cpanel-whm-emergency-update-fixes-critical-auth-bypass-bug

    In conversation about 3 months ago from infosec.exchange permalink
  7. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Wednesday, 29-Apr-2026 02:35:21 JST Taggart :ifin: Taggart :ifin:

    RE: https://infosec.exchange/@mttaggart/116478503783177069

    This is from July, but I missed it at the time. If anyone says "Oh but streaming video takes energy too," this is the response. Netflix is not planning 50GW of data center energy usage by 2028. They are not advocating for the use of federal lands for data centers and power generation—including natural gas. This document outlines a terrifying future for power usage and generation in the United States.

    It's a threat in ways other data center usage is not.

    https://www.anthropic.com/news/build-ai-in-america

    In conversation about 3 months ago from infosec.exchange permalink

    Attachments

    1. No result found on File_thumbnail lookup.
      Taggart :ifin: (@mttaggart@infosec.exchange)
      from Taggart :ifin:
      Has any "open" model published data on the energy requirements for training? It sure would be nice to know those sorts of details.
  8. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Tuesday, 28-Apr-2026 05:58:31 JST Taggart :ifin: Taggart :ifin:
    in reply to
    • Christine Lemmer-Webber

    @cwebber Ooof high school memory unlocked. At least Mac Hall had the good grace to stay in the early 2000s.

    In conversation about 3 months ago from infosec.exchange permalink
  9. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Thursday, 23-Apr-2026 04:39:02 JST Taggart :ifin: Taggart :ifin:
    in reply to

    Listen, I have a Framework. It's a great laptop—maybe the best I've ever had. But I can't support a company that funds, in any form, an actual real-life Nazi like DHH. I also need them to, y'know, take ownership of the massive misstep doing so is/was.

    In conversation about 3 months ago from infosec.exchange permalink
  10. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Wednesday, 22-Apr-2026 10:48:33 JST Taggart :ifin: Taggart :ifin:

    Oh my god, OpenAI reinvented Recall, but for macOS.

    "Chronicle" is an opt-in feature that scans your screen, saves screenshots temporarily, and sent to OpenAI's servers.

    https://developers.openai.com/codex/memories/chronicle

    In conversation about 3 months ago from infosec.exchange permalink
  11. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Wednesday, 22-Apr-2026 06:29:43 JST Taggart :ifin: Taggart :ifin:

    Yo did we forget about the Framework-funding-fash thing or

    In conversation about 3 months ago from infosec.exchange permalink
  12. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Tuesday, 21-Apr-2026 05:22:09 JST Taggart :ifin: Taggart :ifin:

    What happens when you must wonder if everything you read is synthetic, meaningless, intentionless wordloaf? What happens when most of the text around you actually is?

    This is not about economics. It's not even about climate. It's about the damage to the metaphysical fabric of human existence.

    https://www.mississippifreepress.org/editors-note-we-unknowingly-published-an-ai-column-by-a-fake-author-heres-what-happened/

    In conversation about 3 months ago from infosec.exchange permalink
  13. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Saturday, 18-Apr-2026 00:59:37 JST Taggart :ifin: Taggart :ifin:

    Persona is handling this "feature." They're not being subtle about telling you who they are!

    https://support.claude.com/en/articles/14328960-identity-verification-on-claude

    In conversation about 3 months ago from infosec.exchange permalink
  14. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Friday, 17-Apr-2026 12:35:20 JST Taggart :ifin: Taggart :ifin:
    in reply to
    • Christine Lemmer-Webber

    @cwebber FWIW, the California legislation was opposed by big tech's lobbying firms. IMO what we have here is a fundamental disconnect between technical people and non-technical people in understanding how to address a perceived issue (the internet is scary for kids). Polling consistently shows broad support for this issue, which is in part why this is a bipartisan bill.

    I'm not agreeing with it; I'm just saying the motivations might not be from Big Tech itself.

    In conversation about 3 months ago from infosec.exchange permalink
  15. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Friday, 17-Apr-2026 04:24:44 JST Taggart :ifin: Taggart :ifin:
    in reply to
    • Catalin Cimpanu

    @campuscodi FYI, this thing is almost certainly slop. Also see the nonexistent OAuth8 (??) and other proposed specs, none of which exist.

    In conversation about 3 months ago from infosec.exchange permalink
  16. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Wednesday, 15-Apr-2026 23:13:51 JST Taggart :ifin: Taggart :ifin:

    RE: https://social.coop/@cwebber/116408556882122186

    I wrote a bit about the CA law, and I am of the opinion that it's silly and unenforceable as written, but not the end of the world. I also think it was important that the Governor (who sucks) basically begged for amendment before it went into effect. I suggest an exemption for open source. The text of the Congressional Bill has yet to be published, but if your reps are on the Energy and Commerce Committee, now's the time to make noise to them.

    https://taggart-tech.com/ab-1043/

    https://energycommerce.house.gov/representatives

    In conversation about 3 months ago from infosec.exchange permalink

    Attachments

    1. No result found on File_thumbnail lookup.
      Christine Lemmer-Webber (@cwebber@social.coop)
      from Christine Lemmer-Webber
      Well this is truly bad. US national level OS-level age verification bill. https://www.congress.gov/bill/119th-congress/house-bill/8250/all-info The text of it isn't out yet.
  17. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Tuesday, 14-Apr-2026 00:21:49 JST Taggart :ifin: Taggart :ifin:

    This cost, which somehow nobody wants to talk about, is an erosion of the foundation of our society. Faster code generation is simply not worth this cost. What's worse, it's self-defeating: A generation educated by generative models will be ill equipped to build new things.

    https://arstechnica.com/science/2026/04/to-teach-in-the-time-of-chatgpt-is-to-know-pain/

    In conversation about 3 months ago from infosec.exchange permalink
  18. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Monday, 13-Apr-2026 08:23:00 JST Taggart :ifin: Taggart :ifin:

    It was my job for a decade to try to keep tweens and teens safe online. Let me tell you what you already know: no law or technology can do it. There are no lengths kids won't go to to talk to friends without prying eyes. The harder you try to lock it down, the dodgier their solutions will be.

    In conversation about 3 months ago from infosec.exchange permalink
  19. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Sunday, 12-Apr-2026 01:47:46 JST Taggart :ifin: Taggart :ifin:
    in reply to
    • Tim Chambers

    @tchambers I have asked after this, and I believe the general consensus is that generative alt text without context is worse than nothing.

    In conversation about 3 months ago from infosec.exchange permalink
  20. Embed this notice
    Taggart :ifin: (mttaggart@infosec.exchange)'s status on Sunday, 12-Apr-2026 00:58:45 JST Taggart :ifin: Taggart :ifin:

    RE: https://mastodon.social/@AltTextHealthCheck/116318070750735303

    Pretty disappointing, i.e. We can do better.

    In conversation about 3 months ago from infosec.exchange permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: files.mastodon.social
      Alt Text Health Check (@AltTextHealthCheck@mastodon.social)
      from Alt Text Health Check
      Attached: 1 image Results from tracking 17,695 images across 1,070 instances from the mstdn.social federated timeline. Then filtering down to the top 1000 instances by active user from instances.social who had posted at least 25 images (1.5x the average).
  • After
  • Before

User actions

    Taggart :ifin:

    Taggart :ifin:

    Displaced Philly boy. Threat hunter. Educator. :ifin: Executive Director. #infosec, #programming #rust :rust:, #python :python: #haskell :haskell:, and #javascript :javascript:. #opensource advocate. General in the AI Resistance. Runs @thetaggartinstitute. Made https://wtfbins.wtf. Not your bro. All opinions my own. Dad. #fedi22 #searchablePronouns: He/him.

    Tags
    • (None)

    Following 0

      Followers 0

        Groups 0

          Statistics

          User ID
          117593
          Member since
          8 May 2023
          Notices
          325
          Daily average
          0

          Feeds

          • Atom
          • Help
          • About
          • FAQ
          • TOS
          • Privacy
          • Source
          • Version
          • Contact

          GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

          Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.