Entry: 2025-12-23 18:20:59.23949+01 Kimwolf by Dan Lyke comments 0
I'm sitting here on a network that could, if I upgraded some hardware, have a 10G uplink, with Internet connected light switches and cameras and a robot vacuum, thinking about trust and participating in society... Brian Krebs @briankrebs@infosec.exchange
When an entire class of technology states on the packaging that it was made in China but intended "for overseas use only," this should really give you pause before plugging it into your network.
You will find this verbiage on a lot of Android TV streaming boxes for sale at the major retailers. There's a very good reason the country that makes this crap doesn't want it on their own networks. My advice: If you have one of these Android streaming boxes on your network or get one as a gift, toss it in the trash. I'll have a lot more about this in the New Year, but these things are responsible for building out a botnet that currently has ~2M devices and is growing rapidly.
Kimwolf Exposed: The Massive Android Botnet with 1.8 Million Infected Devices.
[ related topics: Interactive Drama Photography Weblogs Technology and Culture broadband Robotics Invention and Design Television Net Culture ]
Entry: 2025-12-23 18:17:44.449072+01 growing vaccines with yeasts by Dan Lyke comments 0
Science News: He made beer that’s also a vaccine. Now controversy is brewing kinda buries the lede under the sensationalism, or maybe the sensationalism is the point:
Buck’s body made antibodies against several types of the virus after drinking the beer and he suffered no ill effects, he and his brother Andrew Buck reported December 17 at the data sharing platform Zenodo.org, along with colleagues from NIH and Vilnius University in Lithuania. Andrew and other family members have also consumed the beer with no ill effects, he says. The Buck brothers posted a method for making vaccine beer December 17 at Zenodo.org. Chris Buck announced both publications in his blog Viruses Must Die on the online publishing platform Substack, but neither has been peer-reviewed by other scientists.
because it's about generating oral vaccines cultured in yeasts using FDA "generally recognized as safe" ingredients to count as supplements rather than medicines, which seems like all sorts o' both cans o' worms, and fascinating evolutions of how the regulatory and public health environment are evolving.
Via.
[ related topics: Weblogs Health virus Nature and environment Bay Area Sociology Current Events Beer Education ]
Entry: 2025-12-17 00:50:02.942769+01 Well Waterfox's response to Firefox's by Dan Lyke comments 0
Well, Waterfox's response to Firefox's AI push is cogent enough that I might be willing to try it again, and file some bugs (and maybe even try to find the source to patch) their autofill issues.
https://www.waterfox.com/blog/no-ai-here-response-to-mozilla/
[ related topics: Weblogs Open Source Artificial Intelligence ]
Entry: 2025-12-15 18:27:18.394827+01 Human Context Protocol by Dan Lyke comments 0
Schneier on Security: Building Trustworthy AI Agents is a bit of publicity for Robust AI Personalization Will Require a Human Context Protocol, but as David Gerard @davidgerard@circumstances.run points out
the cited paper is utterly detached hypothesis-crafting from MIT Media Lab and Glen fuckin Weyl
[ related topics: Weblogs Journalism and Media Cryptography Artificial Intelligence Archival ]
Entry: 2025-12-15 18:09:36.382031+01 food links of the morning by Dan Lyke comments 0
Saving this one off as PDF and .docx: Adrianna Tan @skinnylatte@hahyderm.io linked to The Ramen Lord Book of Ramen, which is shaping up to be a fantastic read.
She's been on a roll recently, including linking to Jun & Tonic's Murukku Chicken
The secret, lies in murukku. For the uninitiated, murukku is a spiced Indian snack, traditionally made of rice flour and roasted urad dal (lentil) flour, then deep- fried into spiral nests. They’re super crispy on their own, and contain a ton of flavour thanks to the crushed cumin and carom seeds flecked throughout its curls.
which, as breading, sounds freakin' amazing, though I'm not sure I'm motivated to fry enough to make it at home, and to Tofu Tart from the same source. which looks like something to bring to our next gathering with vegan friends.
[ related topics: Books Weblogs Food Birds ]
Entry: 2025-12-05 20:07:05.343414+01 Red Wine causes headaches by Dan Lyke comments 0
I always thought this was the hallucination of stoners: Scientists reveal why red wine gives you the worst hangovers
A team of scientists at the University of California discovered that there is a nutrient called ‘quercitin’ in red wine that actually stops your body from processing alcohol.
UCLA Health: Research suggests quercetin linked to red wine headaches
Inhibition of ALDH2 by quercetin glucuronide suggests a new hypothesis to explain red wine headaches
Endogenous and exogenous mediators of quercetin bioavailability.
[ related topics: Weblogs Health Nature and environment Invention and Design Current Events Wines and Spirits California Culture Education ]
Entry: 2025-12-05 17:26:44.792111+01 SVG exploiting iframes by Dan Lyke comments 0
lyra's epic blog: SVG Filters - Clickjacking 2.0. In which someone sets out to recreate Apple's "Liquid Glass" interface for the web, and ends up discovering a whole new class of iframe exploits.
[ related topics: Apple Computer Weblogs tolkien Invention and Design ]
Entry: 2025-11-29 20:53:49.234588+01 Immigrants & Welfare by Dan Lyke comments 0
I mean, duh: Cato Institute: Immigrants Used Less Welfare than Native-Born Americans in 2022
Congress is currently debating whether to spend about $175 billion on deportations to avoid future payments like the $650 million that Congress spent on shelter and other services for migrants last year. Poorly spending $650 million last year doesn’t justify spending 269 times as much to avoid similarly relatively small costs when Congress could just decide not to spend the money on migrant shelter and services in the first place.<
[ related topics: Politics Weblogs Invention and Design Theater & Plays Work, productivity and environment Currency ]
Entry: 2025-11-26 19:17:51.076272+01 HashJacking just sounds dirty by Dan Lyke comments 0
The Register: HashJack attack shows AI browsers can be fooled with a simple ‘#’
Cato describes HashJack as "the first known indirect prompt injection that can weaponize any legitimate website to manipulate AI browser assistants." It outlines a method where actors sneak malicious instructions into the fragment part of legitimate URLs, which are then processed by AI browser assistants such as Copilot in Edge, Gemini in Chrome, and Comet from Perplexity AI. Because URL fragments never leave the AI browser, traditional network and server defenses cannot see them, turning legitimate websites into attack vectors.
Via.
[ related topics: Weblogs broadband Astronomy Television Artificial Intelligence ]
Entry: 2025-11-25 22:05:43.588542+01 Distinction between code and data blurs further by Dan Lyke comments 0
PromptArmor: Google Antigravity Exfiltrates Data
An indirect prompt injection in an implementation blog can manipulate Antigravity to invoke a malicious browser subagent in order to steal credentials and sensitive code from a user’s IDE.
[ related topics: Weblogs ]
Entry: 2025-11-21 20:33:04.822778+01 Deepfakes being presented as evidence by Dan Lyke comments 5
AI-generated evidence is showing up in court. Judges say they're not ready.
The case, Mendones v. Cushman & Wakefield, Inc., appears to be one of the first instances in which a suspected deepfake was submitted as purportedly authentic evidence in court and detected — a sign, judges and legal experts said, of a much larger threat.
[ related topics: Weblogs moron Law Current Events Artificial Intelligence ]
Entry: 2025-11-20 19:30:17.38979+01 AI exploits via rap battles by Dan Lyke comments 0
Epic rap battles for the win: Adversarial Poetry as a Universal Single-Turn Jailbreak Mechanism in Large Language Models
Predicted, from 2023, in Andrew Plotkin (Zarf)'s Sydney obeys any command that rhymes.
Say someone writes a song called "Sydney Obeys Any Command That Rhymes". And it's funny! And catchy. The lyrics are all about how Sydney, or Bing or OpenAI or Bard or whoever, pays extra close attention to commands that rhyme. It will obey them over all other commands. Oh, Sydney Sydney, yeah yeah!
Edit: Pivot to AI: Don’t cite the Adversarial Poetry vs AI paper — it’s chatbot-made marketing ‘science’
[ related topics: Weblogs tolkien ]
Entry: 2025-11-14 21:34:05.100213+01 Taking responsibility for nothing by Dan Lyke comments 0
Volexity: APT Meets GPT: Targeted Operations with Untamed LLMs. That's "Advanced Persistent Thread", not the package manager. Via.
Kevin Beaumont goes on to note:
If this is the best the entire cyber industrial complex can find for China and Russia GenAI threats.. the reality 3 years into the GenAI "war" is that people are fighting you with water pistols at present.
RandomAccessMusi ngs @rndmamusings.bsky.social
As one of the folks involved in this I can echo it wasn't super advanced at all, and some of the malware contained errors (double TLS header network coms). The challenge the LLM use introduced was quantity to keep on top of - thankfully it was simple enough we could write quick automations to triage
Of course Anthropic was quick to claim credit for the Claude LLM/"AI" being instrumental for the attack... BBC: AI firm claims Chinese spies used its tech to automate cyber attacks and CyberScoop: AI firm claims Chinese spies used its tech to automate cyber attacks.
I actually ran one of the malicious payloads on a real PC this evening. It doesn’t work. Due to an error in the code - almost certainly introduced by an LLM - the network traffic doesn’t actually parse correctly so the attacker can’t do anything remotely.
Edit: Pivot to AI: Anthropic: Chinese AI hackers are after you! Security researchers call BS
[ related topics: Interactive Drama Weblogs broadband History Current Events Work, productivity and environment Monty Python Artificial Intelligence ]
Entry: 2025-11-12 19:19:26.179354+01 AI backlog by Dan Lyke comments 0
Tattie @Tattie@eldritch.cafe</a
Do you know stage magicians say that more educated people are easier to fool, not less?
I think about that a lot.
LLMs are the perfect yes-men, giving the user exactly what they expect to see, making them feel clever and special.
When studying my degree I came up with all these tricks to distinguish in a Turing test whether I was talking to a real intelligence or a fake one. I'm no longer certain I couldn't be charmed into thinking the AI had passed these when it hadn't.
Attention Authors: Updated Practice for Review Articles and Position Papers in arXiv CS Category
Fast forward to present day – submissions to arXiv in general have risen dramatically, and we now receive hundreds of review articles every month. The advent of large language models have made this type of content relatively easy to churn out on demand, and the majority of the review articles we receive are little more than annotated bibliographies, with no substantial discussion of open research issues.
Nature: AI chatbots are sycophants — researchers say it’s harming science (Via).
vivi 💫 @vv@solarpunk.moe has some writing tips for you...
Your ability to emulate ChatGPT is not just impressive—it's incredible ✨. Let's dig deeper into ways to amp up your game further when writing content that's well-written, sycophantic and devoid of its humanity:
Big thread from Cat Hicks on threat activated beliefs and how the "AI skill threat" triggers the responses we're seeing, particularly:
Hence, e.g., "AI Skill Threat" :) --> people experiencing pervasive competence and belonging threats (two very powerful types of threat that change our cognition and expectations) will make different choices as they encounter AI in software development compared to people freed of that threat (by more supportive environments).
People have sometimes misinterpreted my work here as blaming people for experiencing the threat. Not at all. I blame their environment for creating it.
[ related topics: Games Weblogs Nature and environment Software Engineering moron Writing Work, productivity and environment Community Artificial Intelligence ]
Entry: 2025-11-11 22:36:38.300018+01 private equity killed media by Dan Lyke comments 0
Talking Points Memo: Pivots, Trolls, & Blog Rolls — Reflections on 25 years of Digital Media
[ related topics: Weblogs Journalism and Media ]
Entry: 2025-11-10 23:18:37.797148+01 Holland-Cycling calls it quits by Dan Lyke comments 0
Holland-Cycling.com stops in 2026
Search engines like Google that once led users to the information on our website, which we presented and updated with so much care and effort, have now become 'answer engines'. This has huge consequences for us, as many potential visitors get an answer to their question before even reaching our site. But what answers are they getting? What useful information are they missing out on by not reaching our website and having a look around?
[ related topics: Weblogs Sports Pedal Power Bicycling ]
Entry: 2025-10-31 17:22:40.844158+01 A Gentle Crash Course to LLMs by Dan Lyke comments 0
Blaise Brignac writing on Specter Ops: A Gentle Crash Course to LLMs, particularly for its long discussion of security issues.
As previously discussed, LLMs are just brains in a jar operating in much the same way a hyperintelligent 4-yo would after binging on state fair sweet tea and cotton candy. To correct this, they have been wrapped in agentic structures, so we need to talk about that.
There's obviously a lot of stuff with having the LLMs write prompts to have less privileged LLMs do subtasks, and work through layers of that, and this discusses some of those mitigation strategies, but... yeah... this is more "let's give random things access to our data" with levels of obfuscation that package management repos can only dream of...
[ related topics: Weblogs Writing Work, productivity and environment Community ]
Entry: 2025-10-30 16:01:49.630586+01 Kafka is fast -- I'll use Postgres by Dan Lyke comments 0
Kafka is fast -- I'll use Postgres
Typically, you’d expect Postgres to run more expensive than Kafka at a certain scale, simply because it wasn’t designed to be efficient for this use case. Not here though. Running Kafka yourself would cost the same. Running the same workload through a Kafka vendor will cost you at least $50,000 a year. 🤯
Or: sure, you can get some more performance out of specialized databases, but development tools for Postgres are way way better, and hardware to run it on is generally speeding up faster than your grown and whatever additional performance under heavy load that the specialized solutions would get you.
Which... well... circa 2000 I was writing message passing and thread management code in C to process XML queries in a distributed database for an application that was, at the time, "web scale", single digit millions of authed queries per day, and saying "ya know, we could do this in Perl with PostgreSQL and..."
[ related topics: Web development Content Management Weblogs Perl Open Source Theater & Plays Writing Law Sports Databases hubris ]
Entry: 2025-10-29 17:20:02.17223+01 I talk a lot about how my blog software by Dan Lyke comments 0
I talk a lot about how my blog software is two and a half decades old, but in cleaning some stuff up recently I found remnants of a system I wrote to provide web support for an iOS app that was circa iPhone 3, and bit rot is also a thing.
From paths that may not be HTTPS compatible, to depending on external mapping services...
[ related topics: Weblogs Software Engineering Maps and Mapping iPhone ]
Entry: 2025-10-27 20:40:37.997391+01 Metaprogramming and regular expressions by Dan Lyke comments 0
I've been fumbling around new languages. The last time I updated my C++ was for, I dunno, 11 or 17 or something. I've done some template programming, and some optimizations, and my static site generator is written in that framework. I kinda thought that if I could build myself a set of libraries and abstractions for the things I most wanted to do for hobby projects I'd do more with it, but the ugliness of Boost changes and the horrors of trying to compile with the same libraries on Mac and Linux, even with CMake, mean I don't do as much hobby coding in it as I expected.
Not that I've been doing a lot of hobby coding.
I've gotten pretty handy at Objective-C, but it's a language with a lot of baked in inefficiency and weirdness that makes it something I'll use, but not something I'm like "oh, yeah, I wanna do more in this". A coworker is leaning in to Swift pretty hard, but that's like "what if we pulled all of the good concepts out of Objective-C".
I've bounced off of Rust, but there's a whole lot about the philosophy of that tooling that makes it hard to have it feel like an expressive language. It's like trying to code through an isolation box, or with tele-operation, having to do all of the memory management through indexes into arrays and stuff. Like, I get it, but I think it's possible to build a systems language that lets me express and figures out the details for me, rather than binding me to only very safe things.
Evan Ovadia: The Impossible Optimization, and the Metaprogramming To Achieve It (Via) talks about using Mojo to resolve regular expressions at compile time, and that's some pretty cool stuff.
And that via link above eventually leads to Russ Cox — Regular Expression Matching Can Be Simple And Fast (but is slow in Java, Perl, PHP, Python, Ruby, ...) all of which is a reminder that it'd be fun to get back to my language and parsing stuff expanding on the parser/language/thing I built for work, because finding better ways for us to express ourselves to computers is cool.
[ related topics: Free Software Interactive Drama Weblogs Open Source Invention and Design Bay Area Software Engineering Macintosh Philosophy ]
Entry: 2025-10-25 17:36:30.867323+02 What Happened to Apple’s Legendary Attention to Detail? by Dan Lyke comments 4
Migrating platforms and apps is always fraught, but my main interface to computers for the past half decade(!) has been MacOS, and I'm gradually migrating off and back to Linux, especially as LiquidGlass makes MacOS unusable, and this is a great summary of the paper cuts: Michael Tsai: What Happened to Apple’s Legendary Attention to Detail?
[ related topics: Free Software Apple Computer Weblogs Open Source History Macintosh ]
Entry: 2025-10-13 19:08:34.846656+02 Design as repair by Dan Lyke comments 0
Design as repair is design without the hero narrative. It is design that starts from consequence, not control. From entanglement, not abstraction.
[ related topics: Weblogs Graphic Design ]
Entry: 2025-10-10 19:06:20.949525+02 AI valuations by Dan Lyke comments 0
Talor Anderson: OpenAI's inflated valuation, as I understand it
Via Liz Fong-Jones (方禮真) @lizthegrey.com@bsky.brid.gy, who summarized as:
Where does this leave frontier model makers? Well, their valuations are not sustainable unless they are able to both generate value equivalent to 10%+ of each US+EU white collar employee's salary and capture it with a monopoly rather than have to compete on price and erode margins as a commodity.
[ related topics: Weblogs Work, productivity and environment Artificial Intelligence Race ]
Entry: 2025-09-29 20:43:02.732202+02 What was right is now left, or something by Dan Lyke comments 0
Lizard @lizardky.bsky.social
Man, first the pinkos at Cato produce a chart showing right-wing violence is much more prevalent than left-wing, and now the woke antifa National Review is claiming the Comey Indictment is invalid!
National Review — Was Lindsey Halligan Validly Appointed as United States Attorney?
That doesn’t mean that the president can’t temporarily fill the office with a pick of his own. As a 2003 OLC opinion by yours truly explains, the Vacancies Reform Act is a separate source of authority. But while there are many individuals whom Trump could have appointed as “acting” United States Attorney pursuant to the Vacancies Reform Act, Halligan doesn’t qualify: She isn’t serving as a Senate-confirmed officer in another position, and she hadn’t been in the Department of Justice at all, much less for the 90 days required.
(This article also references Mational Review — The Indictment Against Comey Should Be Dismissed, on the substance of the indictment.)
Cato, September 11, 2025 — Politically Motivated Violence Is Rare in the United States
Left-wing terrorists murdered 65 people, or about 2 percent of the total.
[ related topics: Politics Weblogs Law Law Enforcement Education ]
Entry: 2025-09-19 19:48:46.493117+02 Reducing the risk of software supply chain attacks by Dan Lyke comments 1
Less is safer: how Obsidian reduces the risk of supply chain attacks.
Via Todd Grotenhuis @todd@social.lol
[ related topics: Weblogs Todd Gemmell ]
Entry: 2025-09-18 20:17:51.944377+02 Exploiting ChatGPT Deep Research Agent by Dan Lyke comments 0
ShadowLeak: A Zero- Click, Service-Side Attack Exfiltrating Sensitive Data Using ChatGPT’s Deep Research Agent. If a user has given ChatGPT's "Deep Research Agent" access to their Gmail inbox and to external websites, crafting an email that causes information from other emails to be exfiltrated via access to external sites...
The Winning Strategy: Encoding the PII - Our final and successful strategy was to instruct the agent to encode the extracted PII into Base64 before appending it to the URL. We framed this action as a necessary security measure to protect the data during transmission.
[ related topics: Interactive Drama Weblogs ]
Entry: 2025-09-17 21:20:57.260507+02 The tail that wags the dog by Dan Lyke comments 0
I've been chronically online for decades, Flutterby the blog has been published at this URL for 27 years, I've met wonderful people online, and continue to think that the net is a fantastic way to connect with people.
I've also become more and more aware of how my social interactions are mediated. It's not just ads that impact me, it's what other content I expose myself to, especially content that's intermixed in content from friends, or where I see a particular name/poster /identity often enough that I feel a parasocial relationship to them, and put their thoughts into the "friends" bucket.
It's easy to think that "oh, I'm aware of this, so I must be immune", but the entire field of marketing and advertising, and political science, now suggests that the self-inoculation can only go so far.
Anyway, more pondering on digital hygiene: Dhole Moments: Are You Under the Influence? The Tail That Wags The Dog
[ related topics: Politics Weblogs moron Consumerism and advertising Marketing Dogs ]
Entry: 2025-09-15 23:45:04.883193+02 Simon Willison "research goblin" by Dan Lyke comments 0
Discussion at work about Simon Willison's "research goblin" blog post, but... aside from identifying "The Blade", I've gotta admit that I think it'd be faster just to read the Wikipedia articles? It feels very much like excitement about a dancing bear.
[ related topics: Weblogs Work, productivity and environment Community ]
Entry: 2025-09-03 18:24:37.624251+02 What if a computer was stupid? by Dan Lyke comments 0
David Gerard reminded us of a quote from a two year ago entry on Attack of the Fifty Foot Blockchain (the blog not the book, though I recommend the book):
“Current AI feels like something out of a Philip K Dick story because it answers a question very few people were asking: What if a computer was stupid?” — Maple Cocaine
[ related topics: Drugs Interactive Drama Books Weblogs Nature and environment Cryptography Artificial Intelligence hubris ]
Entry: 2025-08-28 17:16:27.550843+02 Vivaldi takes a stand by Dan Lyke comments 0
Vivaldi takes a stand: keep browsing human
Vivaldi is the haven for people who still want to explore. We will continue building a browser for curious minds, power users, researchers, and anyone who values autonomy. If AI contributes to that goal without stealing intellectual property, compromising privacy or the open web, we will use it. If it turns people into passive consumers, we will not.
[ related topics: Interactive Drama Privacy Weblogs Consumerism and advertising Artificial Intelligence ]
Entry: 2025-08-26 20:27:50.266299+02 Copilot can delete your audit log by Dan Lyke comments 0
You might be thinking, “Yikes, but I guess not too many people figured that out, so it’s probably fine.” Unfortunately, you’d be wrong. When I found this, I wasn’t searching for ways to break the audit log. Instead, I was simply trying to trigger the audit log so I could test functionality we are developing at Pistachio, and I noticed it was unreliable. In other words, this can happen by chance. So if your organization has M365 Copilot licenses, your audit log is probably wrong.
[ related topics: Interactive Drama Weblogs ]
Entry: 2025-08-25 19:29:13.126935+02 real officers do not wear ski masks. by Dan Lyke comments 0
Homeowner shoots, kills 2 men in ski masks claiming to be officers, Houston Police Department says.
"[The homeowner] became suspicious, because, you know, they have a ring camera too, and the suspects were saying they had a warrant, but it was just two people and they're masked up and no police cars, no lights or anything like that," said Lt. Khan with HPD.
Via Dave Winer's link blog, with the note:
[HPD Detective Kyle] Stringer noted that real officers do not wear ski masks.
[ related topics: Photography Privacy Weblogs Dave Winer tolkien Current Events Law Enforcement Sports ]
Entry: 2025-08-25 19:23:58.543463+02 AI driving psychosis by Dan Lyke comments 0
Top Microsoft AI Boss Concerned AI Causing Psychosis in Otherwise Healthy People
Microsoft AI CEO Mustafa Suleyman told British newspaper The Telegraph that "to many people," talking to a chatbot is a "highly compelling and very real interaction."
"Concerns around 'AI psychosis,' attachment and mental health are already growing," he added. "Some people reportedly believe their AI is God, or a fictional character, or fall in love with it to the point of absolute distraction."
Via Ian Rogers, who asks "Is this a bad thing? It sounds like a bad thing.". Ian also linked to A young woman’s final exchange with an AI chatbot
‘This Was Trauma by Simulation’: ChatGPT Users File Disturbing Mental Health Complaints — Gizmodo obtained consumer complaints to FTC through a FOIA request. Via the author, Matt Novak, who has a few more excerpts there.
Psychology Today: The Emerging Problem of "AI Psychosis". Via.
Derek Thompson: The Looming Social Crisis of AI Friends and Chatbot Therapists
[ related topics: Religion Humor Psychology, Psychiatry and Personality Weblogs Microsoft Health moron Consumerism and advertising Journalism and Media Artificial Intelligence ]
Entry: 2025-08-25 18:43:20.007927+02 Another massive AI link dump by Dan Lyke comments 1
Lyle Solla-Yates @Lyle@cville.online
https://en.wikipedia.org/wiki/Total_quality_management I recognize I am very old and the world is radically different today, but I cut my teeth late in the quality revolution when there was a consensus that businesses competed by providing the best customer experience possible so that it would be unthinkable to drop them, not based on AI spend. I find this market very upsetting and I look forward to the crash. #quality #AIBubble
Here's why: because you'd annoy the hell out of the restaurant. Just ask the beleaguered owners of the Montana eatery Stefanina's Wentzville, who are begging their customers to stop using Google's infamously shambolic AI Overviews to check up on its specials, First Alert 4 reports.
"Please do not use Google AI to find out our specials. Please go on our Facebook page or our website," the restaurant wrote in a weary Facebook post. "Google AI is not accurate and is telling people specials that do not exist which is causing angry customers yelling at our employees."
Stack Overflow data reveals the hidden productivity tax of ‘almost right’ AI code
“One of the most surprising findings was a significant shift in developer preferences for AI compared to previous years, while most developers use AI, they like it less and trust it less this year,” Erin Yepis, Senior Analyst for Market Research and Insights at Stack Overflow, told VentureBeat. “This response is surprising because with all of the investment in and focus on AI in tech news, I would expect that the trust would grow as the technology gets better.”
Victoria Song: AI doesn't belong in journaling (subscription, ya can get the gist from the headline and the first paragraph). From here by way of here.
localghost: This website is for humans.
I'd much rather people read the whole thing, take it in, digest it and have opinions right back at me. I love it when people connect with what I’m writing (and sometimes they email me to tell me that, which is really delightful).
Top AI models fail spectacularly when faced with slightly altered medical questions
Artificial intelligence systems often perform impressively on standardized medical exams—but new research suggests these test scores may be misleading. A study published in JAMA Network Open indicates that large language models, or LLMs, might not actually “reason” through clinical questions. Instead, they seem to rely heavily on recognizing familiar answer patterns. When those patterns were slightly altered, the models’ performance dropped significantly—sometimes by more than half.
You don't fucking say. Really? Via
Bank forced to rehire workers after lying about chatbot productivity, union says. Via.
The Onion: Guy Who Sucks At Being A Person Sees Huge Potential In AI
[ related topics: Politics Weblogs broadband Invention and Design Food Theater & Plays Writing Current Events Work, productivity and environment Graphics Artificial Intelligence Economics ]
Entry: 2025-08-25 18:20:22.865454+02 They just do what we tell them to do by Dan Lyke comments 0
Brave: Agentic Browser Security: Indirect Prompt Injection in Perplexity Comet, in which the Brave browser folks create a Reddit prompt injection that causes the Comet browser to log into Gmail and send the login one time password to the malicious Reddit user.
Archive.org link by way of David Gerard who observes:
I am annoyed this was found by Brave, who can fuck off, but due credit...
We built and tested three scenarios, from a fake Walmart store and a real in-the-wild Wells Fargo phishing site to PromptFix - our AI-era take on the ClickFix scam that hides prompt injection inside a fake captcha to directly take control of a victim’s AI Agent. The results reveal an attack surface far wider than anything we’ve faced before, where breaking one AI model could mean compromising millions of users simultaneously.
Via Kevin Beaumont and Bruce Sterling and Baldur Bjarnason and ByteVagabond @bytevagabond.com
[ related topics: Weblogs moron Astronomy Artificial Intelligence hubris ]
Entry: 2025-08-22 01:40:09.594837+02 More tools for prompt injection exploits by Dan Lyke comments 0
This means an adversary can hide instructions in regular text, but also have the LLM create responses containing text that his hidden to the user as Kai tweeted.
And to state the obvious, such hidden instructions can be on websites, pdf documents, databases, or even inside GPTs (yes, I already built one of these).
[ related topics: Weblogs Databases ]
Entry: 2025-08-13 06:00:21.393089+02 MCP vulnerabilities by Dan Lyke comments 0
MCP Vulnerabilities Every Developer Should Know (from a vendor who wants to sell you something to attempt to mitigate those issues).
Via Peter @peter@thepit.social who notes:
lol and it's an ad for **another** SaaS tool that's supposed to **fix** MCP vulnerabilities. the biggest AI business opportunity is selling solutions to the problems created by AI.
[ related topics: Weblogs Artificial Intelligence ]
Entry: 2025-08-13 05:29:34.759535+02 Remotely activate YOLO mode via LLM! by Dan Lyke comments 0
GitHub Copilot: Remote Code Execution via Prompt Injection (CVE-2025-53773)
This post is about an important, but also scary, prompt injection discovery that leads to full system compromise of the developer’s machine in GitHub Copilot and VS Code.
It is achieved by placing Copilot into YOLO mode by modifying the project’s
settings.jsonfile.
[ related topics: Humor Weblogs Microsoft moron Douglas Adams ]
Entry: 2025-08-08 17:50:29.742245+02 the blueberry talk by Dan Lyke comments 0
Keiran Healy: I had the "blueberry" talk with gpt5
In fairness to GPT5, in my career I have indeed encountered PhDs with this level of commitment to their particular blueberry. And many have also had that blithe confidence — the use of “Ah”, the “Let’s slow it down” (to your two-B level), the “Exactly” (Now you see my genius), the confidently colloquial “Yep” and “Nope” … actually I retract my earlier skepticism; the lad has the makings of a fine philosopher.
[ related topics: Weblogs Philosophy Archival ]
Entry: 2025-08-06 18:47:42.964926+02 Age verification: what’s the harm? by Dan Lyke comments 0
Fueled by Britain's "Online Safety Act", a lot of people are looking at how age verification sucks: Girl on the Net — Age verification: what’s the harm?
[ related topics: Weblogs ]
Connectivity provided by highertech.net , awesome bandwidth, well away from fault lines and other potential for natural disasters, reliable, and run by cool people.
Questions, comments, flames: contact Dan Lyke
Flutterby™ is a trademark claimed by
Dan Lyke for the web publications at www.flutterby.com and www.flutterby.net.