Time-of-Check Time-of-Use Attacks Against LLMs

Posted on By infossl
academic papers, cyberattack, LLM, Security technology, Uncategorized, vulnerabilities

This is a nice piece of research: “Mind the Gap: Time-of-Check to Time-of-Use Vulnerabilities in LLM-Enabled Agents“.: Abstract: Large Language Model (LLM)-enabled agents are rapidly emerging across a wide range of applications, but their deployment introduces vulnerabilities with security implications. While prior work has examined prompt-based attacks (e.g., prompt injection) and data-oriented threats (e.g., data … Read More “Time-of-Check Time-of-Use Attacks Against LLMs” »

Lawsuit About WhatsApp Security

Posted on By infossl
facebook, Security technology, Uncategorized, vulnerabilities, whatsapp, whistleblowers

Attaullah Baig, WhatsApp’s former head of security, has filed a whistleblower lawsuit alleging that Facebook deliberately failed to fix a bunch of security flaws, in violation of its 2019 settlement agreement with the Federal Trade Commission. The lawsuit, alleging violations of the whistleblower protection provision of the Sarbanes-Oxley Act passed in 2002, said that in … Read More “Lawsuit About WhatsApp Security” »

Assessing the Quality of Dried Squid

Posted on By infossl
academic papers, Security technology, squid, Uncategorized

Research: Nondestructive detection of multiple dried squid qualities by hyperspectral imaging combined with 1D-KAN-CNN Abstract: Given that dried squid is a highly regarded marine product in Oriental countries, the global food industry requires a swift and noninvasive quality assessment of this product. The current study therefore uses visible­near-infrared (VIS-NIR) hyperspectral imaging and deep learning (DL) … Read More “Assessing the Quality of Dried Squid” »

A Cyberattack Victim Notification Framework

Posted on By infossl
cyberattack, disclosure, Security technology, Uncategorized

Interesting analysis: When cyber incidents occur, victims should be notified in a timely manner so they have the opportunity to assess and remediate any harm. However, providing notifications has proven a challenge across industry. When making notifications, companies often do not know the true identity of victims and may only have a single email address … Read More “A Cyberattack Victim Notification Framework” »

New Cryptanalysis of the Fiat-Shamir Protocol

Posted on By infossl
academic papers, cryptanalysis, hashes, protocols, Security technology, Uncategorized

A couple of months ago, a new paper demonstrated some new attacks against the Fiat-Shamir transformation. Quanta published a good article that explains the results. This is a pretty exciting paper from a theoretical perspective, but I don’t see it leading to any practical real-world cryptanalysis. The fact that there are some weird circumstances that … Read More “New Cryptanalysis of the Fiat-Shamir Protocol” »

Friday Squid Blogging: The Origin and Propagation of Squid

Posted on By infossl
academic papers, Security technology, squid, Uncategorized

New research (paywalled): Editor’s summary: Cephalopods are one of the most successful marine invertebrates in modern oceans, and they have a 500-million-year-old history. However, we know very little about their evolution because soft-bodied animals rarely fossilize. Ikegami et al. developed an approach to reveal squid fossils, focusing on their beaks, the sole hard component of … Read More “Friday Squid Blogging: The Origin and Propagation of Squid” »

My Latest Book: Rewiring Democracy

Posted on By infossl
books, deep, Rewiring Democracy, Schneier news, Security technology, Uncategorized

I am pleased to announce the imminent publication of my latest book, Rewiring Democracy: How AI will Transform our Politics, Government, and Citizenship: coauthored with Nathan Sanders, and published by MIT Press on October 21. Rewriting Democracy looks beyond common tropes like deepfakes to examine how AI technologies will affect democracy in five broad areas: … Read More “My Latest Book: Rewiring Democracy” »