Stefano Zanero
@raistolo.bsky.social
Tinkerer, security geek, recovering entrepreneur, full professor at www.polimi.it, frequent flyer, private pilot, and generic pundit. He/Him 🏳️‍🌈

For aviation follow me on Instagram, same id!
Reposted by Stefano Zanero
"In a text message recovered by the plaintiff’s attorneys, for instance, Zuckerberg allegedly said child safety wasn’t his top concern “when I have a number of other areas I’m more focused on, like building the metaverse.”"

futurism.com/future-socie...
Mark Zuckerberg Said Child Safety Was Less Important Than "Building the Metaverse"
According to a lawsuit, Mark Zuckerberg allegedly directed his company to prioritize the metaverse over youth safety, among other violations.
futurism.com
November 25, 2025 at 7:57 AM
Reposted by Stefano Zanero
📢 Announcing hacklore.org 📢

It’s time to retire outdated cyber advice! More than 80 cybersecurity veterans have signed an open letter urging a shift from folklore to guidance that actually helps people avoid the most common attacks. 🔐

Blog: medium.com/@boblord/let...

Site: www.hacklore.org
Stop Hacklore!
hacklore.org
November 24, 2025 at 3:05 PM
Seventeen.
Instagram’s former head of safety and well-being Vaishnavi Jayakumar testified the company had a “17x” strike policy for accounts that engaged in the trafficking of humans for sex.

“You could incur 16 violations and upon the 17th violation, your account would be suspended”

time.com/7336204/meta...
7 Allegations Against Meta in Newly Unsealed Filings
Court filings allege Meta tolerated sex trafficking, hid harms to teens, and prioritized growth over user safety for years.
time.com
November 24, 2025 at 8:21 AM
Reposted by Stefano Zanero
Journalist challenge: Use “Machine Learning” when you mean machine learning and “LLM” when you mean LLM. Ditch “AI” as a catch-all term, it’s not useful for readers and it helps companies trying to confuse the public by obscuring the roles played by different technologies. 🧪
November 22, 2025 at 4:50 PM
Not even a small scale election run by and for cryptographers can be held online without complexity rearing its ugly head.

Go figure a general election!
The International Association for Cryptologic Research has used heliosvoting.org – my online voting system – for a number of years.

This year, a trustee lost their secret key. The election has to be re-run.

Below, a few thoughts that didn't fit in the NYT piece.

www.nytimes.com/2025/11/21/w...
Cryptographers Held an Election. They Can’t Decrypt the Results.
www.nytimes.com
November 22, 2025 at 10:15 AM
Reposted by Stefano Zanero
Scoop by @faffa42.bsky.social for @wired.it: This morning the staff of the Garante della privacy asked the board to resign after the storm looming over the authority. A meeting of the Garante's board is scheduled for 3 PM www.wired.it/article/gara...
The staff of the Garante della privacy have asked the board to resign
From the staff assembly comes the request that the leadership of the personal data protection Authority step back. It is not binding, but it adds to the climate of distrust within the body
www.wired.it
November 20, 2025 at 1:13 PM
Reposted by Stefano Zanero
An LLM can NEVER be used when both "receives untrusted input" and "can do a bad thing" are both true.

This means that "AI agents" can NEVER be made safe. This is Microsoft hackery broken sandboxing and blame the user security for a feature that shouldn't exist at all.
Whoops! Microsoft’s new Windows AI agent platform lets in malware

and you thought Windows was supposed to run software

www.youtube.com/watch?v=tAeN... - video
pivottoai.libsyn.com/20251119-who... - podcast

time: 4 min 27 sec
November 20, 2025 at 1:20 PM
Reposted by Stefano Zanero
The #SocialMediaBan (or #SocialMediaDelay if you prefer) just got very real for hundreds of thousands of Australian teens under 16 who got messages in the last 24 hours saying their Instagram (or, for a few, Facebook/Threads) accounts are flagged to be deactivated in the coming weeks.
November 20, 2025 at 1:59 AM
The most surprising thing to me is that Mastodon had a CEO…
November 19, 2025 at 2:25 PM
Reposted by Stefano Zanero
Circa 1993, Vernor Vinge wrote that the first working AI would be the last thing that humanity ever invented.

We don't *have* a first working AI, and at this rate—shifting the global economy to run atop spicy autocomplete trained on 4chan—we never will.

But Vernor was right. Just forget "working".
November 19, 2025 at 9:51 AM
Reposted by Stefano Zanero
So tempted to write a troll thread on how this incident shows Rust has bad error handling and wouldn’t have happened in Go, where we actually handle errors 🫣🫢😜

blog.cloudflare.com/18-november-...
Cloudflare outage on November 18, 2025
Cloudflare suffered a service outage on November 18, 2025. The outage was triggered by a bug in generation logic for a Bot Management feature file causing many Cloudflare services to be affected.
blog.cloudflare.com
November 19, 2025 at 10:14 AM
One of those mornings that start with the dreaded “we’re sorry” message from the airline…
November 18, 2025 at 4:29 AM
Aaaaaaand here we go again:
csa-scientist-open-letter.org/Nov2025
csa-scientist-open-letter.org
November 17, 2025 at 12:36 PM
Reposted by Stefano Zanero
Altman, and all these folks don't make predictions in order to predict the future, they make them to a) justify an overclocked corporate valuation, and b) argue for undoing regulations and receiving government support.
November 14, 2025 at 1:43 AM
Oh.
Twitter totally botched the security key enrollment

Everyone's stuck in a loop
November 12, 2025 at 9:29 PM
Jeez.
The British government admits it is now monitoring VPN use by UK residents. Regulator Ofcom has contracted with an AI-powered surveillance service to detect the number of citizens using VPNs to evade the Online Safety Act.

The UK tech minister has said a VPN ban is on the table.
Exclusive: Ofcom is monitoring VPNs following Online Safety Act. Here's how
Ignoring VPNs risks creating ineffective laws, but tracking them threatens people's privacy
www.techradar.com
November 12, 2025 at 1:27 PM
Reposted by Stefano Zanero
ICYMI: Microsoft’s charge “implies a more than $12 billion quarterly loss at OpenAI, said Firoz Valliji, an analyst at Bernstein.”

That “would mark one of the largest single-quarter losses for a tech company in history.”

@jessefelder.bsky.social $MSFT
www.wsj.com/livecoverage...
November 7, 2025 at 7:17 PM
And then when you say that laws made to counter terrorism (or child sexual abuse material, or other abhorrent crimes that seem to warrant exceptional measures) will end up being used for ordinary matters too, they tell you it's the slippery slope fallacy…

milano.repubblica.it/cronaca/2025...
Garlasco, the Carabinieri:
This is the request from the Milan Nucleo investigativo to the Brescia public prosecutor's office to acquire the phone conversations, from mid-2019 onward, of the officers who cond…
milano.repubblica.it
November 2, 2025 at 1:37 PM
Just in time to move on to dealing with age filters and other brilliant homegrown ideas
November 2, 2025 at 11:33 AM
Reposted by Stefano Zanero
The games business is about games. If you’re in the games business, and somehow (as often happens) your company somehow is now focused on something else (AI, XR, “IP,” acquisitions, etc.) you’re in for a period of struggle. Everyone will wonder what’s wrong. But you know. It’s about games. Gameplay.
June 25, 2025 at 3:05 PM
The same websites that spent the last few years becoming an unreadable mess of pop ups and banners are now complaining that users will do literally anything including installing apps or believing AI slop summaries to avoid having to browse through them.
November 1, 2025 at 4:48 PM
The folks at AGCOM, not content with the incredible successes of Piracy Shield, have published a list of 48 porn sites (they really do like making lists of sites to block), which from November 12 will have to verify their users' age.

Did they say how? Did they think about an infrastructure? Of course not.
October 31, 2025 at 7:14 PM
Reposted by Stefano Zanero
TL;DR: Italy's Piracy Shield, an automated system for addressing streaming copyright infringement, continues to face serious issues as AGCOM extends its operation without resolving the existing problems.
Research: Italy’s Piracy Shield Is Just As Big A Disaster As Everyone Predicted
Walled Culture first wrote about Piracy Shield, Italy’s automated system for tackling alleged copyright infringement in the streaming sector, two years ago. Since then, we have written about…
www.techdirt.com
October 15, 2025 at 1:12 PM