Stop It!
An interesting article giving yet another example of why you should not use a personal email for work correspondence!
Wired recently published a piece on API vulnerabilities in the Points platform used by many hotels, airlines, and banks. One of the researchers pointed out the vulnerabilities would have had “a cascading effect to every company utilizing their loyalty backend”.
“It takes a lifetime to build a good reputation, but you can lose it in a minute.” ~ Will Rogers
Bruce Schneier has hit the nail on the head in his recent post on AI prompt injection attacks. Schneier feels it’s not possible to fully secure large language models (LLMs) against this kind of attack. Essentially, you can use AI to generate injection prompts, but read the article to learn more.
“I can do things you cannot, you can do things I cannot; together we can do great things.” ~ Mother Teresa
Did you take your team on vacation with you? Did they go with you on your hike? Were they floating on the lazy river next to you? No?
Another example of why security through obscurity does not work. Radio systems used by police and military outside the US have vulnerabilities that have existed since the 1990s.
The system is also used within “pipelines, railways, the electric grid, mass transit, and freight trains” in many countries, including the U.S.
Do you agree that security through obscurity is not effective?
The ACM Technology Policy Council has published principles for generative AI. While good governance may not be as exciting as delivering new features, it is crucial for practitioners to act responsibly and thoughtfully in their work.
A security.txt file on your website helps security researchers report security vulnerabilities.
I want to talk a little about code generation.
One example of code generation is this blog. It is hosted on GitHub Pages and originally used a tool called Jekyll to render simple Markdown documents as static webpages.
“Seek simplicity and distrust it.” ~ Alfred Whitehead
As an example of something simple that you might want to distrust, let us look at default error handling in bash.