Notices by Alex Stamos (alex@cybervillains.com)

Microsoft just announced that they were breached by the SVR, the same Russian intelligence agency that broke into Solarwinds.

This is a big deal, and Microsoft owes all of us a much more detailed description of what happened.

https://msrc.microsoft.com/blog/2024/01/microsoft-actions-following-attack-by-nation-state-actor-midnight-blizzard/

This entire video is worth a watch for anybody interested in the cutting edge of mobile exploitation. Impressive work by Kaspersky analyzing an incredible exploit chain and malware platform.

https://youtu.be/1f6YyH62jFE?feature=shared

How does Stable Diffusion 1.5 know how to create CSAM? It turns out it was trained on thousands of illegal images contained in the extremely popular LAION-5B image set.
I’m so incredibly proud of my friend and colleague @det

Story:
https://www.404media.co/laion-datasets-removed-stanford-csam-child-abuse/

Paper:
https://stacks.stanford.edu/file/druid:kh752sm9123/ml_training_data_csam_report-2023-12-20.pdf

Lots of people have worried about CSAM in training sets, including the LAION team themselves, but David actually created a novel mechanism to detect it.
Hopefully this will change the way these training sets are created in the future.

@det

@rhaksw @evelyndouek Yoel's testimony specifically talked about moderation transparency, and you are apparently not familiar with my work as I've been championing such things for years. https://youtu.be/ATmQj787Jcc?t=1823

I can't believe I'm saying this, but with today’s update Mastodon beat Threads to full-text search.

The latest Moderated Content podcast with @evelyndouek and me is up.

This includes a long discussion of safety issues with the Fediverse, how Meta might deal with them, and some potential solutions to get ready for the challenges without Meta effectively calling the cops on a huge number of instances.

Have a listen:

https://law.stanford.edu/podcasts/mc-weekly-update-why/

Here are meta-results: the engagement on Twitter, Threads and Mastodon for my last post about engagement on Twitter, Threads and Mastodon. Now with more Excel features!

Threads is the winner by a mile.

I find the arguments against officially supported Fediverse search pretty tedious, as you have to be really naive to believe that a bunch of bad-faith actors aren’t already quietly archiving everything.

Much better to positively engage with people trying to provide a service that is clearly in demand than to bikeshed every public discussion while Prigozhin, Palantir, and a dozen GenZ Alexander Kogans archive everything.

https://mastodon.adida.net/@ben/109605040983358553

The greater Fediverse community is in store for a hard transition as the greater network transitions from “too small for anybody to care” to “financially worthwhile for professional disinfo trolls, spam farms, Grey-market adtech, and organized CSE groups.”

This claim is false.

Law enforcement has the ability to get stored communications from companies like Twitter under 18 USC 2703(d). This is a famous "d-order" that has to be signed by a judge.

Companies can demand reimbursement under 2706. You can argue that 2703 should have a higher standard, but if the government can get to user data should it be free or should the companies ask for a nominal cost?

This is absolutely nothing to do with content moderation.