Lifeboat Foundation

Cloudflare, the leading content delivery network and cloud security platform, wants to make AI accessible to developers.

While developers can use JavaScript to write AI inference code and deploy it to Cloudflare’s edge network, it is possible to invoke the models through a simple REST API using any language. This makes it easy to infuse generative AI into web, desktop and mobile applications that run in diverse environments.

In September 2023, Workers AI was initially launched with inference capabilities in seven cities. However, Cloudflare’s ambitious goal was to support Workers AI inference in 100 cities by the end of the year, with near-ubiquitous coverage by the end of 2024.

Continue reading “The Future Of AI Is At The Edge: Cloudflare Leads The Way” »

As connectivity continues to expand and the number of devices on a network with it, IoT’s ambition of creating a world of connected things grows. Yet, with pros, comes the cons, and the flip side of this is the growing security challenges that come with it too.

Security has been a perennial concern for IoT since it’s utilisation beyond its use for basic functions like tallying the stock levels of a soda machine. However, for something of such interest to the industry, plans for standardisation remain allusive. Instead, piece meal plans to ensure different elements of security, like zero trust for identity and access management for devices on a network, or network segmentation for containing breaches, are undertaken by different companies according to their needs.

Yet with the advancement of technology, things like quantum computing pose a risk to classic cryptography methods which, among other things, ensures data privacy is secure when being transferred from device to device or even to the Cloud.

In its first 75 years, RAND helped shape how humankind thought about and used space for the benefit of humanity. And it intends to have a similar impact on the next 75 years of space sustainability, security, and governance. Researchers identified concepts worthy of future study.

This is a 1 hour general-audience introduction to Large Language Models: the core technical component behind systems like ChatGPT, Claude, and Bard. What they are, where they are headed, comparisons and analogies to present-day operating systems, and some of the security-related challenges of this new computing paradigm.
As of November 2023 (this field moves fast!).

Context: This video is based on the slides of a talk I gave recently at the AI Security Summit. The talk was not recorded but a lot of people came to me after and told me they liked it. Seeing as I had already put in one long weekend of work to make the slides, I decided to just tune them a bit, record this round 2 of the talk and upload it here on YouTube. Pardon the random background, that’s my hotel room during the thanksgiving break.

Continue reading “[1hr Talk] Intro to Large Language Models” »

Security researchers bypassed Windows Hello fingerprint authentication on Dell Inspiron, Lenovo ThinkPad, and Microsoft Surface Pro X laptops in attacks exploiting security flaws found in the embedded fingerprint sensors.

Blackwing Intelligence security researchers discovered vulnerabilities during research sponsored by Microsoft’s Offensive Research and Security Engineering (MORSE) to assess the security of the top three embedded fingerprint sensors used for Windows Hello fingerprint authentication.

Continue reading “Windows Hello auth bypassed on Microsoft, Dell, Lenovo laptops” »

Good technologies disappear.

In the company’s cloud market study, almost all organizations say that security, reliability and disaster recovery are important considerations in their AI strategy. Also key is the need to manage and support AI workloads at scale. In the area of AI data rulings and regulation, many firms think that AI data governance requirements will force them to more comprehensively understand and track data sources, data age and other key data attributes.

“AI technologies will drive the need for new backup and data protection solutions,” said Debojyoti ‘Debo’ Dutta, vice president of engineering for AI at Nutanix. “[Many companies are] planning to add mission-critical, production-level data protection and Disaster Recovery (DR) solutions to support AI data governance. Security professionals are racing to use AI-based solutions to improve threat and anomaly detection, prevention and recovery while bad actors race to use AI-based tools to create new malicious applications, improve success rates and attack surfaces, and improve detection avoidance.”

Continue reading “How AI Became A Cloud ‘Workload’” »

It is estimated that 95% of the planet’s population has access to broadband internet, via cable or a mobile network. However, there are still some places and situations in which staying connected can be very difficult. Quick responses are necessary in emergency situations, such as after an earthquake or during a conflict. So too are reliable telecommunications networks that are not susceptible to outages and damage to infrastructure, networks can be used to share data that is vital for people’s well-being.

A recent article, published in the journal Aerospace, proposes the use of nanosatellites to provide comprehensive and stable coverage in areas that are hard to reach using long-range communications. It is based on the bachelor’s and master’s degree final projects of Universitat Oberta de Catalunya (UOC) graduate David N. Barraca Ibort.

The paper is co-authored by Raúl Parada, a researcher at the Telecommunications Technological Center of Catalonia (CTTC/CERCA) and a course instructor with the UOC’s Faculty of Computer Science, Multimedia and Telecommunications; Carlos Monzo, a researcher and member of the same faculty; and Víctor Monzón, a researcher at the Interdisciplinary Center for Security Reliability and Trust at the University of Luxembourg.

As part of pioneering the security of satellite communication in space, NASA is funding a groundbreaking project at the University of Miami’s Frost Institute for Data Science and Computing (IDSC) which will enable augmenting traditional large satellites with nanosatellites or constellations of nanosatellites.

These nanosatellites are designed to accomplish diverse goals, ranging from communication and weather prediction to Earth science research and observational data gathering. Technical innovation is a hallmark of NASA, a global leader in the development of novel technologies that enable US space missions and translate to a wide variety of applications from Space and Earth science to consumer goods and to national and homeland security.

With advances in satellite technology and reduced cost of deployment and operation, nanosatellites also come with significant challenges for the protection of their communication networks. Specifically, small satellites are owned and operated by a wide variety of public and private sector organizations, expanding the attack surface for cyber exploitation. The scenario is similar to Wi-Fi network vulnerabilities. These systems provide an opportunity for adversaries to threaten national security as well as raise economic concerns for satellite companies, operators, and users.

On Wednesday, a collaborative whiteboard app maker called “tldraw” made waves online by releasing a prototype of a feature called “Make it Real” that lets users draw an image of software and bring it to life using AI. The feature uses OpenAI’s GPT-4V API to visually interpret a vector drawing into functioning Tailwind CSS and JavaScript web code that can replicate user interfaces or even create simple implementations of games like Breakout.

Users can experiment with a live demo of Make It Real online. However, running it requires providing an API key from OpenAI, which is a security risk. If others intercept your API key, they could use it to rack up a very large bill in your name (OpenAI charges by the amount of data moving into and out of its API). Those technically inclined can run the code locally, but it will still require OpenAI API access.