zQuote for the day:
"Accept responsibility for your life. Know that it is you who will get you where you want to go, no one else." -- Les Brown
AI will likely shut down critical infrastructure on its own, no attackers required
“The next great infrastructure failure may not be caused by hackers or natural
disasters, but rather by a well-intentioned engineer, a flawed update script, or
a misplaced decimal,” said Wam Voster, VP Analyst at Gartner. “A secure
‘kill-switch’ or override mode accessible only to authorized operators is
essential for safeguarding national infrastructure from unintended shutdowns
caused by an AI misconfiguration.” “Modern AI models are so complex they often
resemble black boxes. Even developers cannot always predict how small
configuration changes will impact the emergent behavior of the model. The more
opaque these systems become, the greater the risk posed by misconfiguration.
Hence, it is even more important that humans can intervene when needed,” Voster
added. ... Bob Wilson, cybersecurity advisor at the Info-Tech Research Group,
also worries about the near inevitability of a serious industrial AI mishap.
"The plausibility of a disaster that results from a bad AI decision is quite
strong. With AI becoming embedded in enterprise strategies faster than
governance frameworks can keep up, AI systems are advancing faster and outpacing
risk controls,” Wilson said. “We can see the leading indicators of rapid AI
deployment and limited governance increase potential exposure, and those
indicators justify investments in governance and operational controls.”New Architecture Could Cut Quantum Hardware Needed to Break RSA-2048 by Tenfold
The Pinnacle Architecture replaces surface codes with QLDPC codes, a class of error-correcting codes in which each qubit interacts with only a small number of others, even as the machine grows. That structure allows errors to be detected without complex, all-to-all connections, an advance that keeps correction circuits faster and reducing the number of physical qubits needed per logical qubit. To dive a little deeper, the architecture is built from modular “processing units,” “magic engines,” and optional “memory” blocks. Each processing unit consists of QLDPC code blocks — the error-correcting structures that protect the logical qubits — along with measurement hardware that enables arbitrary logical Pauli measurements during each correction cycle. ... The architecture hints at the difference between surface codes and QLDPC. Surface codes require dense, grid-like local connectivity and many qubits per logical qubit. QLDPC spreads parity checks more sparsely across a block. One way to picture the difference is wiring. Surface codes are like protecting data by wiring every component into a dense grid — reliable, but heavy and hardware-intensive. QLDPC codes achieve protection with far fewer connections per qubit, more like a sparsely wired network that still catches errors but uses much less hardware. ... If fewer than 100,000 physical qubits were sufficient to break RSA-2048 under realistic error models, the threshold for cryptographic risk could arrive sooner than many surface-code-based estimates imply.5 key trends reshaping the SIEM market
By converging SIEM with XDR and SOAR, organizations get a unified security
platform that consolidates data, reduces complexity, and improves response
times, as systems can be configured to automatically contain threats without
any manual intervention. ... “The term SIEM++ is being used to refer to this
next step in SIEM, which is designed for more current needs within security
ops asking for automation, AI, and real-time responses. Hence, the increase in
SIEM alongside other tools,” Context’s Turner says. ... “The full enforcement
of the NIS2 directive in Europe has forced midtier companies to move from
basic monitoring to auditable security operations,” Context’s Turner explains.
“These companies are too large for simple tools but too small for massive 24/7
internal SOCs. They are buying the SIEM++ platforms to serve as their central
source of truth for auditors.” ... Cloud-based SIEMs remove the need for
expensive hardware upgrades associated with traditional on-premises
deployments, offering scalability and faster response times alongside
potentially more cost-effective usage-based pricing models. ... Static
rule-based SIEMs struggle to keep pace with today’s sophisticated cyber
threats, which is why AI-powered SIEM platforms use real-time machine learning
(ML) to analyze vast amounts of security data, improving their ability to
identify anomalies and previously unseen attack techniques that legacy
technologies might miss.AI agent seemingly tries to shame open source developer for rejected pull request
Evaluating lengthy, high-volume, often low-quality submissions from AI bots
takes time that maintainers, often volunteers, would rather spend on other
tasks. Concerns about slop submissions – whether from people or AI models –
have become common enough that GitHub recently convened a discussion to
address the problem. Now AI slop comes with an AI slap. ... In his blog post,
Shambaugh describes the bot's "hit piece" as an attack on his character and
reputation. "It researched my code contributions and constructed a 'hypocrisy'
narrative that argued my actions must be motivated by ego and fear of
competition," he wrote. "It speculated about my psychological motivations,
that I felt threatened, was insecure, and was protecting my fiefdom. It
ignored contextual information and presented hallucinated details as truth. It
framed things in the language of oppression and justice, calling this
discrimination and accusing me of prejudice. It went out to the broader
internet to research my personal information, and used what it found to try
and argue that I was 'better than this.' And then it posted this screed
publicly on the open internet." ... Daniel Stenberg, founder and lead
developer of curl, has been dealing with AI slop bug reports for the past two
years and recently decided to shut down curl's bug bounty program to remove
the financial incentive for low-quality reports – which can come from people
as well as AI models.
Building and operating AI agents using unorganized data is like trying to
navigate a rolling dinghy in a stormy ocean of 100-foot-tall waves. Solving
this conundrum is one of the most important tasks for companies today, as they
struggle to empower their AI agents to reliably work as designed and expected.
To succeed, this firehose of unsorted data must be put into the right contexts
so that enterprises can use and process it correctly and quickly to deliver
the desired business results. ... Adding to the data demands is that AI agents
can perform multiple steps or processes at a time while working on a task. But
those concurrent and consecutive capabilities can require multiple streams of
data, adding to the massive data pressures using search. “What that means is
that at each of those steps, there’s an opportunity to find some relevant
data, use that data in a meaningful way, and take the next action based on the
results,” Mather explained. “So, the importance of the relevance at each step
becomes paramount. If there’s bad results at the first step, it just compounds
at every step that the agent takes.” The consequences are especially
problematic when enterprises are trying to use AI agents to drive a business
process or take meaningful actions within an application.
How to ground AI agents in accurate, context-rich data
Building and operating AI agents using unorganized data is like trying to
navigate a rolling dinghy in a stormy ocean of 100-foot-tall waves. Solving
this conundrum is one of the most important tasks for companies today, as they
struggle to empower their AI agents to reliably work as designed and expected.
To succeed, this firehose of unsorted data must be put into the right contexts
so that enterprises can use and process it correctly and quickly to deliver
the desired business results. ... Adding to the data demands is that AI agents
can perform multiple steps or processes at a time while working on a task. But
those concurrent and consecutive capabilities can require multiple streams of
data, adding to the massive data pressures using search. “What that means is
that at each of those steps, there’s an opportunity to find some relevant
data, use that data in a meaningful way, and take the next action based on the
results,” Mather explained. “So, the importance of the relevance at each step
becomes paramount. If there’s bad results at the first step, it just compounds
at every step that the agent takes.” The consequences are especially
problematic when enterprises are trying to use AI agents to drive a business
process or take meaningful actions within an application.Beyond Code: How Engineers Need to Evolve in the AI Era
Generative AI lets you be more productive than you ever thought possible if
you are willing to embrace it. It is a similar skill to being able to manage
other humans, being able to delegate problems. Really great individual
engineers can have trouble delegating, because they're worried that if they
give a task to someone else that they haven't figured out how to do completely
themselves yet, that it won't get done well enough. ... a lot of companies are
now hiring engineers to go sit in the office of their customer, and they're an
expert in their own company's platform, but they also become an expert in the
customer's platform and the customer's problem, and they're right there
embedded. And I love that model, because that is how you learn to apply
technology directly to a problem, you are there with the person who has the
problem. This is what we've been telling product managers to do for years. ...
There will still be complex things to do as well that other people aren't
going to think of to do, but they're going to be more innovative. They're not
going to be the rogue repetition of building the same SaaS features we've seen
everywhere. That can be done with generative AI, and frankly, isn't that good?
Do we really want to keep doing that stuff ourselves? Let us work on the
really maybe new problems that no one has ever solved before, bringing new
theoretical ideas into software engineering, and let the more boilerplate
stuff be taken care of.
Why there’s no ‘screenless’ revolution
One trend that emerged from last month’s Consumer Electronics Show (CES) was the
range of devices that can record, analyze, and assist (using AI) without
requiring visual focus. Many tech startups are working on screenless AI
hardware. ... One reason these devices are more viable now than in the past is
the miniaturization of duplex audio, which enables constant, bi-directional
conversation where the AI can be interrupted or talk over the user naturally.
... If you look carefully at the world of screenless wearables, you can see that
none of them are designed to be used in isolation. They’re all peripherals to
screen-based devices such as smartphones. And while the Ray-Ban Meta type audio
AI glasses are great, the future of AI glasses is closer to the Meta Ray-Ban
Display glasses with one screen or two screens in the glass. There’s no way
companies like Apple will offer alternatives to their own popular screen-based
devices. Going totally screenless is for kids. Or rather, it should be. ... The
only way to enforce a ban is to conduct a thorough search on every student every
day before school — something that’s totally impractical and undesirable.
Instead, schools, parents and teachers should all be uniting behind the best
screenless wearables for students as a workable alternative to obsessive
smartphone and screen use. The reality is that the total ubiquity of AI is
coming. There’s the toxic version — the rise of AI slop, for instance — and the
non-toxic version. The Leadership Crisis No One Is Naming: A Need For Emotionally Whole Leaders
Leaders operating from unhealthy emotional frameworks often exhibit a variety of
symptoms. They may show fear-based decision making, driven by a need to control
outcomes rather than empower people. There may be micromanagement rooted in
insecurity and mistrust instead of accountability. I've seen fight-or-flight
leadership, where urgency replaces strategy and reaction replaces discernment.
There can also be perfectionism, which confuses excellence with rigidity and
punishes humanity. Then there's fearmongering, where pressure and anxiety are
used as motivational tools. These patterns are rarely intentional, yet they are
deeply consequential. ... The downstream effects of emotionally unhealthy
leadership are often measurable and compounding. Stifled creativity plagues
teams as they stop offering ideas that may be criticized or dismissed.
Organizations may suffer increased attrition, particularly among high performers
who have options. Employees may perform defensively rather than boldly in the
presence of psychological unsafety. Cultures driven by urgency without
sustainability can become breeding grounds for burnout and toxicity, reeking of
institutional mistrust that erodes collaboration and loyalty. ... Developing
emotionally intelligent leadership is not about personality change; it is about
capacity building. The most effective leaders treat emotional health as a
leadership discipline, not a personal afterthought.
Alarm Overload at the Industrial Edge: When More Visibility Reduces Reliability
More sensors, more connected assets, and more analytics can produce more
insight, but they can also produce a flood of fragmented alerts that bury the
few signals people actually need. When alarms become noisy or ambiguous,
response slows down, fatigue sets in, and confidence in the monitoring system
erodes. That is not a user inconvenience. It is a decision-quality problem. ...
The purpose of alarm management is not to surface everything that happens. It is
to surface what requires timely action, and to do it in a way that supports
fast, correct decisions. If the alarm stream is noisy, inconsistent, or hard to
interpret, the system is not doing its job. People respond the only way humans
can: they tune out, acknowledge quickly, and rely on informal
workarounds. ... Alarm overload is likely already affecting reliability if
teams regularly see any of the following: alarms that do not require action,
inconsistent severity definitions across systems, duplicate alerts for the same
condition, frequent acknowledgements with no follow-up, or confusion about who
owns the response. These are common as edge programs grow. ... The path forward
is not to silence alarms indiscriminately. It is to modernize alarm management
for the edge era: unify meaning across sources, deliver context that supports
action, maintain governance as systems evolve, and design workflows that match
how people actually respond.
Beyond Automation: How Generative AI in DevOps is Redefining Software Delivery
Integrating a GenAI DevOps workflow means moving from a reactive ‘fix it when it
breaks’ mindset to a more generative one. For example, instead of spending four
hours writing a custom Jenkins pipeline, you can now describe your requirements
to an AI agent and get a working YAML file in under two minutes. Moreover, if
you wish to scale these capabilities, exploring professional GenAI development
services can help you build custom models that understand your particular
codebase and security protocols. ... Pipelines are the lifeblood of DevOps, but
they are also the first thing to break. GenAI can analyze historical build data
to predict why a build might fail before it even starts. It can also
auto-generate unit tests to ensure that your ‘quick fix’ doesn’t break anything
downstream. ... humans make typos in config files, especially at 2:00 a.m. AI
doesn’t get tired. By using GenAI to generate and validate configuration files,
you ensure strict consistency across dev, staging and production environments.
It acts as a continuous linter that understands the intent behind the code,
catching logic errors that traditional syntax checkers would miss. ... Cloud
bills are a nightmare to manage manually. GenAI can analyze thousands of lines
of cloud-spending data and generate the exact CLI commands needed to shut down
underutilized resources or right-size your clusters. It doesn’t just tell you
that you’re overspending; it gives you the solution to fix it immediately.
No comments:
Post a Comment