Ian Holmes, CISSP
@ianholmescissp.bsky.social
Systems Architect | Security Propagandist | Vanquisher of Tech Bros. Consulting will cost you, but the sarcasm is free!
This is insane. They're intentionally weaking our cybesecurity posture so that Russia, can exploit it.
Homeland Security funding for CVE program expires
: Because vulnerability management has nothing to do with national security, right?
www.theregister.com
April 16, 2025 at 3:57 PM
This is insane. They're intentionally weaking our cybesecurity posture so that Russia, can exploit it.
Very illuminating video from Computerphile on "Indirect Prompt Injection" - described by NIST as "Generative AI's Greatest Flaw." #AI #security
Generative AI's Greatest Flaw - Computerphile
YouTube video by Computerphile
www.youtube.com
March 31, 2025 at 10:02 PM
hey I am trendy too
March 29, 2025 at 1:44 AM
hey I am trendy too
One aspect of #AI that we generally don't talk about is how easy it is to poison it with propaganda. Garbage in, garbage out is the oldest problem in computing. AI Safety needs to include vetting input - and that task is probably impossible without AI tools built to detect disinformation campaigns.
Russian propaganda web tricks 33% of AI responses in 49 states
The Kremlin's propaganda network flooded the web with 3.6 million fake articles in 2024 to deceive the top 10 AI models, a report reveals.
euromaidanpress.com
March 28, 2025 at 8:50 PM
One aspect of #AI that we generally don't talk about is how easy it is to poison it with propaganda. Garbage in, garbage out is the oldest problem in computing. AI Safety needs to include vetting input - and that task is probably impossible without AI tools built to detect disinformation campaigns.
Is this good publicity for #Signal - it's being used as an illegal back channel communication system by the Pentagon - but the people using it are so incompetent it's almost guilt by association. Honestly can't tell.
March 25, 2025 at 9:03 PM
Is this good publicity for #Signal - it's being used as an illegal back channel communication system by the Pentagon - but the people using it are so incompetent it's almost guilt by association. Honestly can't tell.
Just made the jump to GrapheneOS. It's a good time to evaluate your privacy and security decisions. Google's "Don't be Evil" was never actually an official motto, but they've been much less idealistic in recent years. Android is a great OS, even better without Google. #grapheneos #android #pixel
March 13, 2025 at 11:41 PM
Just made the jump to GrapheneOS. It's a good time to evaluate your privacy and security decisions. Google's "Don't be Evil" was never actually an official motto, but they've been much less idealistic in recent years. Android is a great OS, even better without Google. #grapheneos #android #pixel
Claude Code is scary good. Embarassing for Github Copilot how far behind it is. #anthropic #ai #claude #copilot
March 7, 2025 at 1:44 AM
Claude Code is scary good. Embarassing for Github Copilot how far behind it is. #anthropic #ai #claude #copilot
That feeling, after you're a new position and have been wondering if you're in over your head, when all the sudden you are knee deep in the work and realize you're kicking high degrees of ass at it, that is a great feeling.
March 5, 2025 at 4:58 PM
That feeling, after you're a new position and have been wondering if you're in over your head, when all the sudden you are knee deep in the work and realize you're kicking high degrees of ass at it, that is a great feeling.
From a cybersecurity perspective, this is actually insane. It confirms Donald Trump has been compromised, a fact I've known since 2016. It's obvious if you look for it. #cybersecurity #russia
Shock as U.S. Caves to Russia in Cybersecurity Fight
The Cybersecurity and Infrastructure Security Agency has reportedly received a new list of directives which exclude Russia as a threat.
www.thedailybeast.com
March 3, 2025 at 6:27 PM
From a cybersecurity perspective, this is actually insane. It confirms Donald Trump has been compromised, a fact I've known since 2016. It's obvious if you look for it. #cybersecurity #russia
February 28, 2025 at 7:07 PM
One of my favorite fun facts about AI is the dumber you are the dumber your answers will be. It's a system of biases, you're subtly prompting it with your own ignorance.
February 27, 2025 at 9:21 PM
One of my favorite fun facts about AI is the dumber you are the dumber your answers will be. It's a system of biases, you're subtly prompting it with your own ignorance.
I vastly prefer the terms "machine learning" or "gen text" etc to this stupid moniker of "AI". Intelligence implies cognition. Even apps that use text generation for decision making are not performing cognition, it's correlating text relationships, and then iterating. Not thinking. #ai
February 24, 2025 at 8:34 PM
I vastly prefer the terms "machine learning" or "gen text" etc to this stupid moniker of "AI". Intelligence implies cognition. Even apps that use text generation for decision making are not performing cognition, it's correlating text relationships, and then iterating. Not thinking. #ai
Using outdated paradigms is a form of tech debt. Organizations should consider this when they build out new deployments with ancient architectural concepts. Infrastructure as Code, Config Management, Zero Trust - it's one thing to run legacy systems, but come on get modern, stop deploying them!
February 1, 2025 at 1:32 AM
Using outdated paradigms is a form of tech debt. Organizations should consider this when they build out new deployments with ancient architectural concepts. Infrastructure as Code, Config Management, Zero Trust - it's one thing to run legacy systems, but come on get modern, stop deploying them!
This blows my mind.
20 years ago, I worked at the Titusville Staples. We used to sell 32 megabyte flash drives. I remember describing them to people at the time "the capacity of 20 floppy disks."
I now have a ONE TERABYTE microSD card. Thats SEVEN HUNDRED THOUSAND FLOPPY DISKS. #tech #computers
20 years ago, I worked at the Titusville Staples. We used to sell 32 megabyte flash drives. I remember describing them to people at the time "the capacity of 20 floppy disks."
I now have a ONE TERABYTE microSD card. Thats SEVEN HUNDRED THOUSAND FLOPPY DISKS. #tech #computers
January 17, 2025 at 2:46 AM
This blows my mind.
20 years ago, I worked at the Titusville Staples. We used to sell 32 megabyte flash drives. I remember describing them to people at the time "the capacity of 20 floppy disks."
I now have a ONE TERABYTE microSD card. Thats SEVEN HUNDRED THOUSAND FLOPPY DISKS. #tech #computers
20 years ago, I worked at the Titusville Staples. We used to sell 32 megabyte flash drives. I remember describing them to people at the time "the capacity of 20 floppy disks."
I now have a ONE TERABYTE microSD card. Thats SEVEN HUNDRED THOUSAND FLOPPY DISKS. #tech #computers
It's interesting there are so many courses on using AI. If it works so well why not ask AI how to use it, who needs a middle man?
January 10, 2025 at 7:19 PM
It's interesting there are so many courses on using AI. If it works so well why not ask AI how to use it, who needs a middle man?
I wonder what percentage of private keyfiles have a password of 1234 🤔
January 10, 2025 at 12:42 AM
I wonder what percentage of private keyfiles have a password of 1234 🤔
Reposted by Ian Holmes, CISSP
The classic IT dilemma:
Everything works- what are we paying you for?
Something breaks- what are we paying you for?
Everything works- what are we paying you for?
Something breaks- what are we paying you for?
January 9, 2025 at 8:52 PM
The classic IT dilemma:
Everything works- what are we paying you for?
Something breaks- what are we paying you for?
Everything works- what are we paying you for?
Something breaks- what are we paying you for?
Reposted by Ian Holmes, CISSP
Google's AI Overview Tells Adults to Use 'Magic Wand' With Kids #cybersecurity #hacking #news #infosec #security #technology #privacy www.404media.co/goog...
January 9, 2025 at 8:18 PM
Google's AI Overview Tells Adults to Use 'Magic Wand' With Kids #cybersecurity #hacking #news #infosec #security #technology #privacy www.404media.co/goog...
Reposted by Ian Holmes, CISSP
Just a heads up, some companies are starting to block SVG attachments as there are ways to evade malware detection by Anti-Virtus and such. If you are using SVG images in emails, switch to PNG or JPG to help reduce chances of being blocked
www.bleepingcomputer...
#Infosec #Cybersecurity
www.bleepingcomputer...
#Infosec #Cybersecurity
Phishing emails increasingly use SVG attachments to evade detection
Threat actors increasingly use Scalable Vector Graphics (SVG) attachments to display phishing forms or deploy malware while evading detection.
www.bleepingcomputer.com
November 18, 2024 at 9:12 PM
Just a heads up, some companies are starting to block SVG attachments as there are ways to evade malware detection by Anti-Virtus and such. If you are using SVG images in emails, switch to PNG or JPG to help reduce chances of being blocked
www.bleepingcomputer...
#Infosec #Cybersecurity
www.bleepingcomputer...
#Infosec #Cybersecurity