shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

248
active users

#ttp

1 post1 participant0 posts today
Schneier on Security · AIs as Trusted Third Parties - Schneier on SecurityThis is a truly fascinating paper: “Trusted Machine Learning Models Unlock Private Inference for Problems Currently Infeasible with Cryptography.” The basic idea is that AIs can act as trusted third parties: Abstract: We often interact with untrusted parties. Prioritization of privacy can limit the effectiveness of these interactions, as achieving certain goals necessitates sharing private data. Traditionally, addressing this challenge has involved either seeking trusted intermediaries or constructing cryptographic protocols that restrict how much data is revealed, such as multi-party computations or zero-knowledge proofs. While significant advances have been made in scaling cryptographic approaches, they remain limited in terms of the size and complexity of applications they can be used for. In this paper, we argue that capable machine learning models can fulfill the role of a trusted third party, thus enabling secure computations for applications that were previously infeasible. In particular, we describe Trusted Capable Model Environments (TCMEs) as an alternative approach for scaling secure computation, where capable machine learning model(s) interact under input/output constraints, with explicit information flow control and explicit statelessness. This approach aims to achieve a balance between privacy and computational efficiency, enabling private inference where classical cryptographic solutions are currently infeasible. We describe a number of use cases that are enabled by TCME, and show that even some simple classic cryptographic problems can already be solved with TCME. Finally, we outline current limitations and discuss the path forward in implementing them...

A new #flashpoint is developing between #Pakistan and #Afghanistan as the former launched #extraterritorial strikes in #Paktika over claims that #PakistaniTaliban #TTP (ally of #AfghaniTaliban) use Afghan soil to launch attacks in Pakistan.

Earlier, TTP attacked a Pakistani checkpoint and killed at least 16 Pakistani soldiers.

Afghanistan’s Defense Ministry said Saturday that its forces hit several points inside Pakistan in retaliation for deadly airstrikes last week.

apnews.com/article/afghanistan

Continued thread

Another example of the same kind of #TTP was covered earlier today at #OBTS by the #Jamf threat research folks. The #RustBucket dropper, disguised as a custom "protected PDF reader" app, includes social engineering-flavored instructions on how to run the app: right-click to open. The attacker's story is that the app is so custom and secure it is unable to live on the #AppStore. Or to be notarized apparently, which triggers the #Gatekeeper warning thus necessitating the override instructions 😒

Another example in the "pros" column for managing your users' ability to be tricked by this malicious actor tactic. `DisableOverride=True`, all day long.

youtube.com/live/9hjUmT031tc (Live, scroll back to about -5:21:08)