grecs

Defending networks & #training #cybersecurity by day; researching #infosec by night; running #shmoocon #firetalks each winter; always looking to make the world a better (and more secure) place

grecs boosted:
2025-06-06

Really enjoyed David Gerard's amusing take on how programming with AI becomes like a gambling addiction for many.

"Large language models work the same way as a carnival psychic. Chatbots look smart by the Barnum Effect — which is where you read what’s actually a generic statement about people and you take it as being personally about you. The only intelligence there is yours."

"With ChatGPT, Sam Altman hit upon a way to use the Hook Model with a text generator. The unreliability and hallucinations themselves are the hook — the intermittent reward, to keep the user running prompts and hoping they’ll get a win this time."

"This is why you see previously normal techies start evangelising AI coding on LinkedIn or Hacker News like they saw a glimpse of God and they’ll keep paying for the chatbot tokens until they can just see a glimpse of Him again. And you have to as well. This is why they act like they joined a cult. Send ’em a copy of this post."

pivot-to-ai.com/2025/06/05/gen

grecs boosted:
2025-05-05

Happy Star Wars Day! May the Ni! be with you.

#StarWars

monty python and the holy grail artwork in the style of the original star wars poster

grecs boosted:
Paco Hope #resist paco@infosec.exchange
2025-04-20

I am amused that “futurism” is talking about how something from 75 years ago is “the future.”

futurism.com/the-byte/subaru-b

grecs boosted:
nixCraft 🐧 nixCraft
2025-04-20

A verified ID is required to access AI models in OpenAI's API to prevent IP theft. 😂 They went from stealing everything from everyone to now claiming it's their original work, despite hundreds of pending copyright cases against them in the courts. Why is this even allowed? That's hypocrisy at best.

OpenAI identity verification screen with "Begin verifying" button.

grecs boosted:
2025-04-19

Well someone took that a little literally...

grecs boosted:
Lesley Carhart :unverified: hacks4pancakes@infosec.exchange
2025-04-19

That moment

grecs boosted:
nixCraft 🐧 nixCraft
2025-04-19

Software developer job interview madeofmistake.com/proglang

A four-panel comic strip showing a job interview where the interviewer expresses surprise that the candidate's custom programming language, XYZZY, is only a year old, as they are looking for someone with eight years of experience in it. The interviewer sighs in the final panel, wondering why it's so hard to find good people.

grecs boosted:
Security Onion 🧅 securityonion@infosec.exchange
2025-04-19

Quick Malware Analysis: Kongtuke Web Inject pcap from 2025-04-04

blog.securityonion.net/2025/04

grecs boosted:
2025-04-11

I've pulled down the most recent episode of Wide World of Cyber with Chris Krebs and Alex Stamos at the request of their employer SentinelOne, the sponsor of the series. I will say more about this in next week's Risky Business, but I want to make one thing clear: SentinelOne is not the bad guy here

grecs boosted:
David Schuetz *Looking for work* darthnull@infosec.exchange
2025-04-11

I've been hacking at stuff for years. And by hacking, I mean literally, approaching real-time problems ("gotta figure this out NOW") with a deep bag of tricks developed over, wow, decades of experience with UNIX systems.

The bag of tricks includes a bunch of command line tools like cut, sort, uniq, awk, grep, and others, which I've used extensively when looking for "unknown interesting things" in large flat-text data files. Like big log files. Or other sources.

Recently, @Verso asked a question that caused me to think a little more about this bag of tricks I've built up, and that led to my latest post, which you can find here:

darthnull.org/slice-n-dice/

It's a bit long, and it's all about crazy ways to quickly analyze data. Mostly, probably, the *wrong* ways to do this, but it gets me answers quickly. If not final, actionable answers, then it at least gets me asking better questions, at which point I can use more elegant and situationally-appropriate tools instead.

Anyway, it's a window into ... the unix philosophy taken to an extreme.

grecs boosted:
2025-04-08

If you want to submit vulnerability reports/findings via Bugcrowd, you're going to need to enable 2FA. Kind of crazy that it wasn't mandatory before, actually.

"We recently accelerated this work on our product roadmap after identifying threat intelligence involving leaked credentials from other bug bounty platforms. While Bugcrowd was not impacted, the situation highlighted how critical it is to stay ahead of potential threats."

bugcrowd.com/blog/bugcrowd-sec

grecs boosted:
2025-04-08

T-Minus Four (4) Days until BSidesCharm 2025...

What do you mean you don't have your ticket yet?

bsidescharm.org/registration/

grecs boosted:
Very Hairy Jerry jerry@infosec.exchange
2025-04-05

Happy 8th birthday to infosec.exchange 🎂🎈🎈🎉

grecs boosted:
Lesley Carhart :unverified: hacks4pancakes@infosec.exchange
2025-04-02

Hello friends. The dreaded and long-awaited blog on WHAT THE FUCK HAPPENED TO THE CYBERSECURITY JOBS MARKET has arrived.

tisiphone.net/2025/04/01/lesle

I'm sorry.

grecs boosted:
Marc Ruef :verified: mruef@infosec.exchange
2025-03-26

Open Source devs say AI crawlers dominate traffic, forcing blocks on entire countries #ai arstechnica.com/ai/2025/03/dev

grecs boosted:
2025-03-23

This is your last chance to book your BSidesCharm room at the discounted hotel rate!

If you haven't booked yet, Monday is the deadline. To book at the discounted rate use the room rate link on our venue page: bsidescharm.org/venue/

grecs boosted:
World Wide Web Consortium w3c@w3c.social
2025-03-13

Today is the anniversary of the invention of the World Wide Web in 1989 by Tim Berners-Lee.

W3C has continued to expand on what the web does by our mission to make the web work, for everyone. We bring together global stakeholders to develop open standards that enable a World Wide Web that connects and empowers humanity.
w3.org/mission/

grecs boosted:
John Overholt overholt@glammr.us
2025-03-13

When somebody vandalized their building, this design studio responded the only way they knew how.

They made it into a typeface.
revengefont.com

Via @metafilter

A building fronting the Thames with spray painted graffiti tags of Rusht, Gewey and Pistol Pete

grecs boosted:
2025-03-11

Finally, after 11 years and 97 days, @haveibeenpwned has a new look! Today, we're "soft launching" the rebrand, that is we're giving everyone a look and welcoming contributions, but you won't see it on any publicly facing assets yet. What do you think? troyhunt.com/soft-launching-an
