Annoyed Redditors tanking Google Search results illustrates perils of AI scrapers | Ars Technica
https://alecmuffett.com/article/110533
#ArtificialIntelligence #llm #regulation

Consider: James Bond movie but his gadgets constantly fail and show him ads and he gets caught because the company that made his laser nose-hair trimmer nunchuck gets hacked.

I’m doing Movember this year with a focus on raising awareness about colon cancer, since it typically kills more men than prostate & testicular cancer & it took my Dad. I’d appreciate it if you shared my page, joined me, or donated for cancer research. https://ex.movember.com/mospace/15243648

Russia issued a monetary fine on Google: 2 undecillion rubles ($2,500,000,000,000,000,000,000,000,000,000,000) after refusing to restore the accounts of pro-Kremlin and state-run media outlets. https://www.themoscowtimes.com/2024/10/29/russia-fines-google-25-decillion-over-youtube-bans-rbc-a86846

Congratulations to our @MaitaiThe for discovering a new kickoff method to resurrect a universal gadget chain for exploiting unsafe deserialization in #ruby!

You can find the details here: https://github.com/GitHubSecurityLab/ruby-unsafe-deserialization/commit/8c66d0e31d000bb07ac5a50c575cf0ffec510bba
#doyensec #appsec #security

Somehow I missed it, but I just noticed that Chrome finally caught up with Edge to have a option to disable JIT.
If you care about security, which I suspect a good number of you do, you probably want to make this change in your settings.
https://www.cdbackslash.com/?p=221

We Patched CVE-2024-38030, Found Another Windows Themes Spoofing Vulnerability (0day) https://blog.0patch.com/2024/10/we-patched-cve-2024-38030-found-another.html

@pspaul just released a great writeup of the pacparser bug we found a few years back. The Zscaler VPN client, running as root, would inject the destination hostname in a JavaScript snippet and execute it with a very old version of SpiderMonkey. Paul transformed it in a CTF challenge for hack.lu and found the perfect vm bug to get RCE

https://blog.pspaul.de/posts/ancient-monkey-pwning-a-17-year-old-version-of-spidermonkey/

The removal of Russian linux maintainers working for sanctioned companies is a prime example of how one creates collective trauma by not being careful on how to convey the message proper.

The messaging were terrible, yes, a lot of people understood immediately why it happened, no, you can't look at it rationally and say "people will know". Your own collective trauma stood in the way.

Some people lost trust, others feel deeply betrayed, not due to the step itself, but by the way it was done.

Microsoft On the Issues: Google’s Shadow Campaigns
In a pot calling the kettle black moment, Microsoft is accusing Google of antitrust practices such as creating an astroturf lobbying organization. Since the author is a Corporate Vice President (CVP), Deputy General Counsel at Microsoft, there's some weight behind such an accusation on Microsoft's public blog. As a consumer with no skin in the game, this is a grab-the-popcorn moment. Let them fight.

#microsoft #google #monopoly #antitrust #lobbying

Serious question. Can anyone tell me how we are safer / better for the cookie warning clicking I have to do on the internet? Advertisers still own your browsing habits and the world expends a collective bazillion hours a week on a needless friction.

Give Me the Green Light Part 1: Hacking Traffic Control Systems https://www.redthreatsec.com/blog/greenlightspart1