January 1, 2024
January 1, 2024
Happy New Year
It’s the 20th anniversary of the release of userland exec(). I’m still quite happy with the write up for this, and the code. Recommended reading, from an admittedly biased source.
Bugtraq: Announcing Userland Exec
The calendar did the thing!
— Katy Jean (@katynotie) January 1, 2024
May the horrors that await us in 2024 have their agonies diminished through the desensitization accumulated in the years before. pic.twitter.com/NwJ3ypxO48
as I tell my students, ask a great question and the article will write itself pic.twitter.com/LOTl0y0DKj
— Seva (@SevaUT) January 1, 2024
for those asking the answer is probably nothttps://t.co/iDCeE9dYeE pic.twitter.com/HVucxXeSny
— Seva (@SevaUT) January 1, 2024
Raven playing a prank on this wolf
— Science girl (@gunsnrosesgirl3) December 31, 2023
📹Julian Terreros-Martinpic.twitter.com/kqJSzVk57N
An important thing to know about AI is how clueless we remain about how and why AI is clueless https://t.co/oQd34ZT8Gj pic.twitter.com/AXYYM5G1QB
— Dan Nguyen (@dancow) January 1, 2024
To round off the year, I pulled together some notes on "Stuff we figured out about AI in 2023"
— Simon Willison (@simonw) January 1, 2024
We figured out a lot! https://t.co/KDdDwCAYUD
Stuff we figured out about AI in 2023
2023 was the breakthrough year for Large Language Models (LLMs). I think it’s OK to call these AI—they’re the latest and (currently) most interesting development in the academic field of …
Oh, how shocking that CNI operators would look to game regulatory frameworks and created systemic risks in the process.https://t.co/5pCgpLnkS1
— Ravi Nayyar (@ravirockks) January 1, 2024
cc: @thegrugq pic.twitter.com/jkQm9U5NNT
Strategic cyber operations guide
https://media.defense.gov/2023/Oct/02/2003312499/-1/-1/0/STRATEGIC_CYBERSPACE_OPERATIONS_GUIDE.PDFWe're continuing our series of reviewing the allegedly leaked US intel docs from 2023. We'll start 2024 with this one from #CIA's #NEMC from March 1st, 2023.https://t.co/62SQJAn1cY#Espionage #Iran #Israel #NSA #SIGINT #OSINT #OSE #IAEA #LeakedDocs
— Spy Collection (@SpyCollection1) January 1, 2024
The trick to getting GPT-4 to develop and execute code for you is to tell it you're a journalist. I've confirmed this jailbreak works. https://t.co/Z1NinuXWmN Thanks @simonw for teaching the trick. It's sad models are trained to hate tech workers.
— Justine Tunney (@JustineTunney) January 1, 2024
Recently published a blog post on how I usually exploited client-side path traversals (and how that exploitation technique is somewhat mitigated now).
— Nadir (@kapytein) December 31, 2023
Client-side path traversal is not novel, but sharing some insights from the last years:https://t.co/8C509JUPIi
Fuzzing the tcp/ip stack
https://events.ccc.de/congress/2023/hub/en/event/fuzzing_the_tcp_ip_stack/We need a "where are they now" series about the developers who claimed in February-March 2023 that they had become "100x" more productive thanks to LLMs. Surely by now they must have released multiple new apps in production and multiplied their earnings by a large factor?
— François Chollet (@fchollet) January 1, 2024