
Comment Re:duh! (Score 3, Interesting) 37

Not to play the devil's advocate, but a key fact about security is that there is no 100% preventative security, nor will there ever be. Even if you could somehow manage it, it would be prohibitively expensive and would probably stop your core business processes. So something will always slip through the cracks and you need to be prepared for that. In fact, this second layer of controls - how reliably you can catch anomalies and how swiftly and efficiently you can react to them - is even more important than your preventative controls. It is also something that tells people whether you are a true security professional or not.

In this case, they had obviously recognized the risk that a foreign agent might get hired since they had implemented detective and corrective controls for it. The controls worked. That's really security risk management 101: identify risks, evaluate their likelihood and impact to determine risk level, then identify and implement controls to bring the risk to an acceptable level. Judging by this story, it seems to me they actually did a pretty decent job there.

So why not implement controls to prevent the hiring of foreign agents in the first place? Point 1, it could be too expensive, laborious and difficult. Your opponents are always finding new innovative ways to target the weak points and blind spots in your business processes. The recent AI tools are only making their job that much easier. But point 2 is the much more relevant one in the corporate world. No listed company I know of has given their CSO or CISO a carte blanche to do whatever they wish and dictate how the other CxOs should conduct their business. In the real world, every CSO and CISO needs to negotiate with the other CxOs, and their security concerns and initiatives regularly get overruled by the CEO in favor of the other party since most CEOs think business first, then leave it to the CSO to secure it. It's not an easy job, it's like "Well, we decided to build a paper ship. It was really the most cost-effective choice. Now it's your task to see to it that it will cross the Atlantic safely." (Been there, done that, although not literally of course.)

Oh, did I say no listed company I know of? Actually - I can think of one pretty well known listed company that has done exactly that, given their CSO a carte blanche to overrule any business decision. But just one company (and I'm not at liberty to name it).

Comment Re:Wrong major (Score 1) 71

And "AI and Cybersecurity"? How utterly stupid are these people? AI helps attackers, not defenders.

Simply incorrect. It helps both.

There have been EDR, XDR, NDR, and SOAR solutions that leverage AI long before the current AI boom was even a thing. The more recent AI advances have made a SOC analyst's job easier and facilitated faster response times.

Comment Re:Meanwhile (Score 3, Insightful) 96

Personally, I am slightly baffled whenever this "yeah but human drivers make mistakes too" or "human drivers make more/worse mistakes" whataboutism pops up on /.

To me, it's a diversion tactic to draw the attention away from the issue at hand. Which is, self-driving cars make mistakes they should not be making. They cause health and safety risks, they cause injuries, even deaths. Don't compare them to human drivers, compare them to other tech. Why should self-driving cars get less stringent safety requirements than other tech? Because human drivers make mistakes too? Sorry, that's not going to fly. You should introduce tech that is safe by design or get off the road. Don't use the real world (the production environment) as your test bed. Other tech developers aren't doing so or even allowed to anyway. (Microsoft being the glaring exception.)

Can a self-driving car be made safe by design? In theory, yes - but the real-world cases make me wonder. This one, the dog case a day or two before, and a number of earlier ones. I have no doubt that self-driving cars can perform excellently and even surpass most human drivers in many cases. In well-defined, by-the-book cases. The problems arise when things don't go by the book. In the real world, they seldom do. It's an open world out there and not everybody is playing by the book. Not to mention unexpected accidents, bridge collapses, natural disasters, and so on, which in turn make others around you react in unpredictable ways. Heck, people and other living things are unpredictable by their nature. It is really impossible to list every imaginable situation and tell the AI how to react in that particular situation. It is an endless list of possible scenarios and outcomes.

To react correctly in unexpected situations, you need to read the whole situation and react quickly. Humans do this instinctively - they may not always make the right call but at least their capability to analyze unexpected situations still far exceeds an AI trained on a closed set of rules and scenarios.

I am not sure the current maturity levels of AI can be used to handle such unusual situations. What we read in the news doesn't suggest so.

An AGI might be needed, and that is not on today's menu.
 

Comment Re:The Earth may have moved into Theia's orbit (Score 1) 21

I know you posted that tongue in cheek but the answer is no.

Or more specifically, not unless the explosion was powerful enough to throw that piece of Alderaan into our universe from a parallel one where our laws of physics don't apply (and FTL travel is possible), and parsec is a unit of time. (And events can be retroactively changed to determine such pesky details as who shot first...)

Comment Re:China's state-sponsored hackers (Score 1) 15

Of course you realize that attribution can be challenging in the cyber world. Which is exactly why state actors like it, especially when they can use 'grey' operators such as criminal groups as proxies. There won't be a smoking gun, 100% incontrovertible evidence pointing directly at the culprit. Whereas when you launch a physical rocket from a country to another, it is generally easier to show where it came from.

However - I said challenging, not impossible.

The Pyramid of Pain model in threat hunting addresses this exact issue. When trying to establish or identify the actual threat actor, you are less interested in the low-level stuff that can be easily forged or changed (such as domains and IP addresses), you look at the top layers of the pyramid. Such as the tools used, and most importantly tactics, techniques and procedures. Much harder for the attacker to change those, and they can be very revealing, even damning, to an experienced analyst's eye.

And if the threat intel Anthropic used is up to snuff, that's what they would have done. Since they named a country, that is an indicator they were confident enough based on their findings. (Not counting the possibility of deliberate disinformation, which is of course the typical accusation the named actor could then throw.)

Comment Re:uh (Score 1) 71

No, windows actually does this. Modern Standby aka S0ix sleep state (RIP S3) will periodically wake, check for updates, and apply them.

Note that Windows will also do that if you have manually disabled all connectivity, which is daft and just eats the battery.
A slightly smarter way to implement that would have been if the system remembered that its connectivity was disabled when it entered standby so there's no reason to wake up to check for updates - the system probably hasn't re-enabled connectivity while on standby! (Or, one should at least hope so, but of course with Windows, you never know...it has a habit of doing things you never asked.)

Comment Re:Ah, preview! (Score 3, Interesting) 49

Y'know, when Microsoft introduced the preview feature, I said "this is a dumb feature, it will only help make attacks much easier".

Now...well, color me surprised. Not.

I could have told them that. Heck, probably their own security experts could have told them that. But security is not the main driver in their UI design (nor is user experience, it seems to me).

Comment Re:Was any of the companies the bought "struggling (Score 1) 36

Archon, M.U.L.E., Adventure Construction Set, Bard's Tale. Some of EA's best ever. Established them as a quality game house, even if they didn't actually develop any of those (they just published them).

After that...IDK. The last EA game I ever played was, I believe, NHL 2005. I have no idea if they are doing anything major other than endless yearly rotations of sports games. Apparently that sells so no need to innovate.

Comment Re:Of course. (Score 1) 35

Maybe you had expressed something that made them make a guess about your political leanings, rightly or wrongly? Drill, baby, drill.

But yeah, I know what you mean. Whenever I go watch some pretty heavy OO coding/architecture stuff on Youtube, I get bombarded with women's hair care ads, for whatever reason. I could hardly be more distant from their target group, in all conceivable ways.
Maybe it's a generational thing, and most OO coders today are girls?

Comment Re:James Patterson (Score 2) 39

I believe topham's intended argument was that human writers can easily destroy the industry on their own, without an AI, and James Patterson was given as an example.

Patterson writes very fast.
Patterson writes a lot.
Patterson has sold a lot.

The quality of his books...YMMV, but to me they feel like written on autopilot.

I read one book by James Patterson. It was kind of ok.
Then I read two more. They were...so horrible I never again wanted to read anything by him. But like said, YMMV.

Comment Re:Going for gold (Score 1) 261

trivial devices like a refrigerator or bird feeder

Hey, don't knock IoT bird feeders!

Bird feeders with wireless bird cams are actually quite useful for hard-core bird spotters looking to catch rare species randomly passing by.

Comment Re:"Strenghten the value" (Score 2) 261

Crossed them off the list.

I did so already a while ago.

Their phones just kept getting worse and worse...they kept removing genuinely useful features (headphone jack, SD card slot, etc.) and what did they offer in return? Turned your power button into a Bixby button. Oh, wow! Just what I always wanted.

Their 64GB Fit Plus flash drive is basically a scam. I have had several become corrupted when I stored more than 32GB data on them. I wouldn't be surprised if they actually only had 32GB that is deceptively shown as 64GB and then something mysterious just happens to your files if you actually try to store that much.

No more Samsung for me, ever again.
