Index

Stop It!

An interesting article giving yet another example of why you should not use a personal email for work correspondence!

Reputation Risk

Wired recently published a piece on API vulnerabilities in the Points platform used by many hotels, airlines, and banks. One of the researchers pointed out that the vulnerabilities would have had “a cascading effect to every company utilizing their loyalty backend.”

“It takes a lifetime to build a good reputation, but you can lose it in a minute.” ~ Will Rogers

AI Prompt Injection Attacks

Bruce Schneier has hit the nail on the head in his recent post on AI prompt injection attacks. Schneier feels it’s not possible to fully secure large language models (LLMs) against this kind of attack. Essentially, you can use AI to generate injection prompts. Read the article to learn more.

Automatically Finding Prompt Injection Attacks

Team Dynamics on Vacation

“I can do things you cannot, you can do things I cannot; together we can do great things.” ~ Mother Teresa

Did you take your team on vacation with you? Did they go with you on your hike? Were they floating on the lazy river next to you? No?

Security Through Obscurity

Here is another example of why security through obscurity does not work: radio systems used by police and military outside the U.S. have vulnerabilities that have existed since the 1990s.

The system is also used within “pipelines, railways, the electric grid, mass transit, and freight trains” in many countries, including the U.S.

Do you agree that security through obscurity is not effective?

Code Kept Secret for Years Reveals Its Flaw—a Backdoor

AI Principles

The ACM Technology Policy Council has published principles for generative AI. While good governance may not be as exciting as delivering new features, it is crucial for practitioners to act responsibly and thoughtfully in their work.