Loren Kohnfelder

Author of Designing Secure Software: A guide for developers
#securedesign

Loren Kohnfelder (lmk@infosec.exchange)
2025-06-23

@lcamtuf Can LLM do the inverse transformation (not "Hard" but "good writing")?

Loren Kohnfelder (lmk@infosec.exchange)
2025-06-23

@simon I've had good results using markdown prompts: # headings for grouping sections, ` for code, > quote for excerpts. It's flexible and less picky than XML syntax. Any reason this XML works better?

Loren Kohnfelder boosted:
Loren Kohnfelder (lmk@infosec.exchange)
2025-06-20

@darkuncle @neilmadden @sophieschmieg My own "view on the sidelines" (and distant past experience) says "crypto agility" is not just key but a concrete engineering problem we can tackle today (without speculating on future technology rates of progress). When we can turn on a dime the first breaks are much less scary.

Loren Kohnfelder (lmk@infosec.exchange)
2025-06-20

@gnomon Thanks for sharing your hopeful vision ... software is infinitely flexible so it can serve profit-driven corporations or higher motives. We just need foundations and tools to shift usage in better directions. The big platforms have the advantage of size and by "taking care of everything" they offer low-effort access for people to consume services - at a cost.

Loren Kohnfelder boosted:
Adam Shostack (adamshostack@infosec.exchange)
2025-06-16

New blog, Publish Your Threat Model!

At ThreatModCon, I gave a talk titled “Publish Your Threat Model!” In it, I discussed work that Loren Kohnfelder and I have been doing to explore the idea, and today I want to share the slides and an essay form of the idea. We invite comments on the essay form, which is the most fleshed out.

(1/5) full text, links at is.gd/T0s64E

Loren Kohnfelder (lmk@infosec.exchange)
2025-06-10

@timbray I saw two gaping holes in your post that @baldur took the time to rebut. [1] "The probability [of] being fooled seems very low." Unless they closely reviewed the code (which slows down the big speedup quite a bit) they are likely being fooled or over-trusting. [2] Using "25 prompts" to skip code that "doesn't compile or makes all the unit tests fail" is silly. Passing all unit tests is a good quality bar; maybe it misunderstood the spec and the tests are wrong, or test coverage is weak (and so on). FWIW, I think the answer here is a super-position of good and bad, which is still pretty cool if used wisely.

Loren Kohnfelder (lmk@infosec.exchange)
2025-06-08

@w7voa Congratulations! Your work has been a shining star in the darkness and fog, thank you!

Loren Kohnfelder (lmk@infosec.exchange)
2025-06-08

@dave Yes, vibe coding easily becomes a mess, but there are better ways. I don't have it mastered, but you have to write a spec and refine it (with the LLM), strategize the order to build components in, get unit tests with the code and make them pass, and when it goes downhill drop back and punt, then try another approach. With patience it can work, and Claude is the best I've found.

Loren Kohnfelder (lmk@infosec.exchange)
2025-06-03

@mwichary Yes, I have a trail of abandoned manuscripts, but I'd urge you to heed the one you cannot let go. Three ideas for you: [1] Can you boil it down smaller (e.g. short story instead of novel) so you can relentlessly polish it? [2] Consider other media, e.g. as a play or film instead of book, etc. [3] Tell it to a trusted listener (many sessions if need be) to learn how to convey the heart of the story. You can do it, just maybe not the way you planned!

Loren Kohnfelder (lmk@infosec.exchange)
2025-05-27

@neilmadden "again" indeed. I'd love to know (a) if they did a threat model, (b) if it included this kind of threat, (c) if the design anticipated it, (d) whether the security review didn't happen or missed it, and (e) if there are test cases (even after the fact) to detect regressions. How does the industry improve if we don't know where these things are missed? I don't think I've ever seen a vulnerability fix answer these questions even one time. ¯\_(ツ)_/¯

Loren Kohnfelder boosted:
Adam Shostack (adamshostack@infosec.exchange)
2025-05-20

New blog: Free Threat Modeling Training for Displaced Federal Workers

US Government employees (and former employees) are going through a lot of chaos. Many of our colleagues, collaborators, and friends are out of work — suddenly and unexpectedly.

At Shostack + Associates, we can’t fix that. But we can offer something concrete.

In times of uncertainty, we focus on what we know, and what we know is threat modeling and how to teach it. It’s what we do best, and it’s how we can help.

(1/4) full post, links: is.gd/nYz3y2

Loren Kohnfelder (lmk@infosec.exchange)
2025-05-20

@adamshostack I think it might just be embeddings rather than summaries. Also I have Gmail "Google Workspace smart features" off which I assume blocks this.

Loren Kohnfelder (lmk@infosec.exchange)
2025-05-06

@quinn Yes it is hard - boxing a slab of gelatin is not a bad metaphor. Generally the best counter is to tentatively suppose they are right and then show the absurd results that follow. This is hard to do on the spot which is why they always keep "flooding the zone" relentlessly. I hope this helps, there is light at the end of the tunnel!

Loren Kohnfelder (lmk@infosec.exchange)
2025-04-20

@neilmadden Great to see this 26 years after cooking up the STRIDE acronym - I had no idea it would even be remembered, much less used by so many for so long!

Loren Kohnfelder (lmk@infosec.exchange)
2025-04-20

@SecurityWriter I hear you - no idea what you complained about, but replies that criticize you and don't help are exactly what I'm hoping to avoid with ActivityPub. BTW, I was probably programming an IBM 360 with punch cards before you were born.
"The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore, all progress depends on the unreasonable man." — George Bernard Shaw

Loren Kohnfelder (lmk@infosec.exchange)
2025-04-05

@adamshostack Notably which barbarians doesn't matter both in the case of very strong and very flimsy gates. Is that another way of saying "Thinking like an attacker" isn't very effective?

Loren Kohnfelder (lmk@infosec.exchange)
2025-04-01

@Rasta Let's make every day April Fools Day for a better internet.

Loren Kohnfelder boosted:
2025-04-01

Happy #AprilFools day to all who celebrate

April 1: the only day of the year that people critically evaluate things they find on the Internet before accepting them as true.

Loren Kohnfelder (lmk@infosec.exchange)
2025-03-31

@rogeragrimes How does a large digital tech corporation not have security reviews - or did they miss that?
