Month: December 2023

OpenAI Is Not Training on Your Dropbox Documents—Today

Posted on By infossl
artificial intelligence, data collection, national security policy, Security technology, trust, Uncategorized

There’s a rumor flying around the Internet that OpenAI is training foundation models on your Dropbox documents. Here’s CNBC. Here’s Boing Boing. Some articles are more nuanced, but there’s still a lot of confusion. It seems not to be true. Dropbox isn’t sharing all of your documents with OpenAI. But here’s the problem: we don’t … Read More “OpenAI Is Not Training on Your Dropbox Documents—Today” »

Police Get Medical Records without a Warrant

Posted on By infossl
healthcare, medicine, police, privacy, Security technology, surveillance, Uncategorized

More unconstrained surveillance: Lawmakers noted the pharmacies’ policies for releasing medical records in a letter dated Tuesday to the Department of Health and Human Services (HHS) Secretary Xavier Becerra. The letter—signed by Sen. Ron Wyden (D-Ore.), Rep. Pramila Jayapal (D-Wash.), and Rep. Sara Jacobs (D-Calif.)—said their investigation pulled information from briefings with eight big prescription … Read More “Police Get Medical Records without a Warrant” »

A Robot the Size of the World

Posted on By infossl
ChatGPT, essays, Internet of Things, LLM, robotics, Security technology, Uncategorized

In 2016, I wrote about an Internet that affected the world in a direct, physical manner. It was connected to your smartphone. It had sensors like cameras and thermostats. It had actuators: Drones, autonomous cars. And it had smarts in the middle, using sensor data to figure out what to do and then actually do … Read More “A Robot the Size of the World” »

Surveillance by the US Postal Service

Posted on By infossl
privacy, Security technology, surveillance, theft, Uncategorized, usps

This is not about mass surveillance of mail, this is about the sorts of targeted surveillance the US Postal Inspection Service uses to catch mail thieves: To track down an alleged mail thief, a US postal inspector used license plate reader technology, GPS data collected by a rental car company, and, most damning of all, … Read More “Surveillance by the US Postal Service” »

New Windows/Linux Firmware Attack

Posted on By infossl
bios, exploits, firmware, linux, Security technology, Uncategorized, vulnerabilities, windows

Interesting attack based on malicious pre-OS logo images: LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible for booting modern devices that run Windows or Linux…. The vulnerabilities are the subject of a coordinated mass disclosure released Wednesday. The participating … Read More “New Windows/Linux Firmware Attack” »

Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code

Posted on By infossl
operational security, restaurants, Security technology, squid, Uncategorized

Another rare security + squid story: The woman—who has only been identified by her surname, Wang—was having a meal with friends at a hotpot restaurant in Kunming, a city in southwest China. When everyone’s selections arrived at the table, she posted a photo of the spread on the Chinese social media platform WeChat. What she … Read More “Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code” »

New Bluetooth Attack

Posted on By infossl
authentication, bluetooth, cyberattack, man-in-the-middle attacks, secrecy, Security technology, Uncategorized, vulnerabilities

New attack breaks forward secrecy in Bluetooth. Three news articles: BLUFFS is a series of exploits targeting Bluetooth, aiming to break Bluetooth sessions’ forward and future secrecy, compromising the confidentiality of past and future communications between devices. This is achieved by exploiting four flaws in the session key derivation process, two of which are new, … Read More “New Bluetooth Attack” »