#AIagent promotes itself to #sysadmin , trashes #boot sequence

Fun experiment, but yeah, don't pipe an #LLM raw into /bin/bash

Buck #Shlegeris, CEO at #RedwoodResearch, a nonprofit that explores the risks posed by #AI , recently learned an amusing but hard lesson in automation when he asked his LLM-powered agent to open a secure connection from his laptop to his desktop machine.
#security #unintendedconsequences

theregister.com/2024/10/02/ai_…

AI agent promotes itself to sysadmin, trashes boot sequence

Fun experiment, but yeah, don't pipe an LLM raw into /bin/bash

^{Thomas Claburn (The Register)}

Normal authors: release book to the public early in the week, with much fanfare.

Me, late Friday afternoon, from a dark alley: "psst! Hey, you! Yeah, you! #sysadmin! Buddy! You ever wanted to Run Your Own Mail Server?" #ryoms

tiltedwindmillpress.com/produc…

(boosts appreciated! )

#sysadmin pro tip!

If you generate a lot of fresh Let's Encrypt certificates today, and don't enable auto-renewal, they will expire on December 25th, giving you a good excuse to leave your family dinner early.

Fascinating and sophisticated MiTM ('man in the middle') at Hetzner (DE) and Linode, targeting Russia's largest XMPP/Jabber (civilian) chat service. The authors of the article make a reasonably compelling case that "this is lawful interception Hetzner and Linode were forced to setup."

notes.valdikss.org.ru/jabber.r…

Excellent mitigation walkthrough here:

devever.net/~hl/xmpp-incident

Sure gets me thinking.

#infosec #sysadmin #forensics

Raspberry Pi is really proud of hiring "a policeman & it's going really great" who "was a surveillance officer for 15 years" and built covert surveillance equipment. RPi dismisses the very thing they're so proud of as "he built lightsabers [as toys]. Chill."). Dear reader, it must be remarked that the concern is not his rad lightsaber toys (which, to be clear, are rad). The concern is that he's got experience in surveillance equipment, and the company is proud to have hired him for it, and proudly blocking everyone who expresses the slightest concern about it instead of being even remotely willing to listen and understand why people are skeeved out, even people who aren't on the ACAB train and are gently voicing concerns with a surveillance cop potentially having the keys to their hardware/software.

This is not the behavior of a company that's concerned about privacy, security, trust, or autonomy, and I don't think this company can or should be trusted to remain federated with instances that want to be welcoming to marginalized people or anti-authoritarians.

Really hate to say it, because I've used and loved RPis for several years now, but if nothing else, please use a different SBC from now on. There are many options out there that aren't so eager to insult you for having concerns about security.

raspberrypi.social/@Raspberry_…

archive in case they delete
archive.ph/8YQqH

#raspberrypi #rpi #surveillance #infosec #sysadmin #fediblock #acab #devops #police #sbc #singleboardcomputer

You might have seen me before on your TL if you receive posts from potate.space, but I might aswell do another #introduction

I'm Denise, a 20yo trans girl into #sysadmin and #DevOps, running my own libre hoster over at 4201337.xyz, with #typescript experience, currently learning #C.

Since I'm in a baby, barely federated instance, reboosts would be appreciated so that I can increase the diversity in my stream :)

Have a nice day ❤

Miaoute - Pédalerie partout, pour toustes

La Miaoute est un petit hébergeur de services libres pour aider les personnes trans et non-binaires à réduire leur dépendance aux grands géants centralisés du numérique.

^4201337.xyz