I'm talking at a conference later this year (on UX+AI).

I just saw an ad for the conference with my photo and was like, wait, that doesn't look right.

Is my bra showing in my profile pic and I've never noticed...? That's weird.

I open my original photo.
No bra showing.

I put the two photos side by side and I'm like WTF...

Someone edited my photo to unbutton my blouse and reveal a made-up hint of a bra or something else underneath. 🤨

Immediately, I email the conference host.
(FYI he is a great, respectable guy with 5 kids at home.)

He is super apologetic and immediately looks into the issue.

He quickly reports back that the woman running their social media used a cropped square image from their website.

She needed it to be more vertical, so she used an AI expand image tool to make the photo taller.

AI invented the bottom part of the image (in which it believed that women's shirts should be unbuttoned further, with some tension around the buttons, and revealing a little hint of something underneath). 🤯

—

FYI the conference organizers were super apologetic and took down all of the content with that photo.

UndefinedBehaviorSanitizer’s unexpected behavior

https://daniel.haxx.se/blog/2024/10/17/undefinedbehaviorsanitizers-unexpected-behavior/

How often do you get a 75x speedup on a real workload in a compiler? Not often!

Here's the story of one in SpiderMonkey: https://spidermonkey.dev/blog/2024/10/16/75x-faster-optimizing-the-ion-compiler-backend.html

Fuck Microsoft and Fuck Nadella.

As expected, the 24H2 update installed 'Recall', it can't be uninstalled.

To disable the Microcoft spyware, run this as admin

C:\Windows\System32>Dism /Online /Disable-Feature /Featurename:Recall

Can't vouch that all the people you share your screen, code, IP, private details, will disable theirs. consider NOT sharing anything ever again.

Sandbox escape from extensions due to insufficent checks in chrome.devtools.inspectedWindow.reload and chrome://policy (reward: $20000) http://crbug.com/338248595

I'm amazed that there has been zero coverage of this:

EU's new Product Liability Directive got voted through last thursday.

No later than two years from now, software, stand-alone, cloud or embedded are subject to "no-fault liability" (ie: doesn't matter how or why, only that it is defective.)

Here's the directive:

https://data.consilium.europa.eu/doc/document/PE-7-2024-INIT/en/pdf

Gentlemen, start your panic…

PS: Yes, there is a FOSS exemption, but only "outside commercial activity". (Ie: The guy in Nebraska but not RedHat)

Breaking News: The threat actor known as "USDoD" (aka "EquationCorp" and other monikers") has been arrested by Brazilian Federal Police. USDoD is probably best known for his attacks on #InfraGard, Airbus, and his role in the recent National Public Data breach.

Media coverage indicates he was arrested this morning: https://g1.globo.com/politica/noticia/2024/10/16/pf-prende-hacker-de-33-anos-suspeito-de-invadir-sistemas-e-vazar-dados-de-policiais.ghtml

#databreach #hacker #USDoD #EquationCorp

@brett @campuscodi

So, how true is it?

Proud to start sharing Google's strategy for tackling our remaining memory safety challenges: https://security.googleblog.com/2024/10/safer-with-google-advancing-memory.html

It's high level, but it outlines the long-term strategy. We'll be sharing more detailed posts in this series.

#CPlusPlus #RustLang #CarbonLang

Google Chrome security advisory: Stable Channel Update for Desktop
New Google Chrome version 130.0.6723.58/.59 for Windows, Mac and 130.0.6723.58 for Linux has 17 security fixes, 13 externally reported. No mention of exploitation, and nothing sticks out.

#google #chrome #patchtuesday #vulnerability #CVE

Alternatives to @noscript for #chrome recommended by #google's store:
2 #adblockers and 2 trojans.🤨

https://chromewebstore.google.com/detail/doojmbjmlfjjnbmnoijecmcbfeoakpjm/related-recommendations

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
Hot off the press!

• CVE-2024-30088 (7.0 high) Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
• CVE-2024-9680 (9.8 critical) Mozilla Firefox Use-After-Free Vulnerability
• CVE-2024-28987 (9.1 critical) SolarWinds Web Help Desk Hardcoded Credential Vulnerability

#cisa #cisakev #kev #knownexploitedvulnerabilitiescatalog #vulnerability #cve #eitw #activeexploitation #zeroday #CVE_2024_30088 #CVE_2024_9680 #CVE_2024_28987 #solarwinds #mozilla #firefox #microsoft #windows #kernel