Apologies for the tardiness, when I started this set of posts, I squarely aimed to do this once a week. Of course, I never fully committed to that, it was more of a weakly held belief that I would hold out. So, unfortunately dead reader, I’ve failed. I didn’t have enough control over my schedule and before I know it some weeks have passed. Let’s fix that. In this edition we’re looking at control failures.

It’s been a busy few weeks in security. You wait for ages for a local privilege escalation vulnerability and then two come along at the same time. We find out that just because it’s rust, doesn’t mean it’s secure. GitHub security was bypassed and Gemini scored a perfect 10. Let’s dive in. Copy Fail Copy Fail is probably something that if you’ve been remotely interested in security you couldn’t fail to miss.

This week we’re linking together links that give a bit of a picture of some stuttering in the AI world. We’ve got Firefox overhyping Mythos. We’ve got indications that GenAI vendors think they need to show some way of putting the right numbers on the balance sheet and look at simpler times. Both in the past and in the future. Let’s dive (no not delve) in. Days not numbered We start with a look at a Firefox blog post that caught people’s imagination.

A slightly delayed episode of the weakly link. This time, we have a bit of a special outlook on the future in security to do with Quantum and AI. There were a couple of links that really caught my eye and could make a compelling case for usage of the phrase “everchanging landscape…” - stop it Gerald - this is not AI generated! Let’s start with the big announcement: Anthropic announced how their latest Mythos model was so good at vulnerability research that they decided to keep it from the unwashed masses and just give access to select organisations and call it Project Glasswing.

This week we have a look at the current chaos. Be it political or technical, we’re going through some radical changes. And I can’t help but think, if this is what progress looks like, oh crap. Supply Chain Chaos We start by having a look at an article by Ian about the Mad Emperor. No prizes for guess who is meant there. From the outside in, it really looks like there’s no plan or no idea about the kind of problems the attack on Iran is causing.

This week it gets all too depressing. We start by the fact that AI didn’t in fact change everything but just made it more important to do the right thing. How politicians may not have the right kind of understanding to make decisions that actually make sense. How one (orange) politician doesn’t understand how the world actually works and how we can all laugh and point at McKinsey for when they predicted how essential it was to go all in on the metaverse.