events

The Moth Radio Hour: Autonomy

In this hour, stories of self-reliance and autonomy. What's in a name, the ties that bind us, and a life-altering diagnosis. This episode is hosted by Moth Senior Director Jenifer Hixson. The Moth Radio Hour is produced by The Moth and Jay Allison of Atlantic Public Media.

Storytellers:

Shaylan Clark grows up in Harlan County, where every family has at least one coal miner. 

Quetzalli Castro is frustrated by teachers who can't pronounce her name.

Daisy Joy Rodrigo worries that her parents won't approve of her boyfriend.

Brian Jeansonne describes how living with ALS has impacted his family.

Podcast # 889




events

The Moth Radio Hour: Fear Factor

In this hour, stories of fear -- facing it, outgrowing it, and learning from it. From shadowy childhood demons, to the anxieties of parenthood, and life or death choices in the face of discrimination. This hour is hosted by Moth Executive Producer, Sarah Austin Jenness. The Moth Radio Hour is produced by The Moth and Jay Allison of Atlantic Public Media.

Storytellers:

Zaena Tessema's mother invokes a mysterious figure to control her children.

Diane Kastiel gets unexpected and unwanted news.

Bruce Lee teaches Tito Chavez-Nguyen how to find his way in a new school.

Patricia Aro is scared that her children will ask her about death.

Chelsea Shorte is pulled over for the first time while masculine presenting.

Rufus May fears his own experience with mental health issues will keep him from being a clinical psychologist.

Podcast # 680




events

The Moth Podcast: A Family Circus

On this episode, we feature two stories all about the hectic, maddening, hair-pulling side of raising kids. Plus, we feature some very special guests reading the credits. This episode was hosted by Kate Tellers.

Storytellers:

Mary Lea Carroll tries to figure out how her mom raised so many children without absolutely losing it.

PT Smith learns the true meaning of fatherhood.

Special thanks to Fritz & Olai (9), Nilah (8), Iris & Harvey (6), Zelda (4) and Esi (9 months).




events

The Moth Radio Hour: Lo and Behold!

Lo and behold! Stories of shocks and surprises—both good and bad. A birthday gift with unintended consequences, family secrets, and support from an unlikely fanbase. This episode is hosted by Moth Director Michelle Jalowski. The Moth Radio Hour is produced by The Moth and Jay Allison of Atlantic Public Media.

Storytellers:

Jessie shows her family photos from her recent travels...and more. 

Cat Powell-Hoffman learns about her biological family.

Musician Paul Chin works tirelessly on an EP.

Kelli Dunham doesn't like accepting help from others. 

Podcast # 891




events

The Moth Radio Hour: I See You

In this hour, stories about clarity and perspective. Seeing one another, feeling seen, and seeing oneself with the veil lifted. This episode is hosted by Moth Senior Director Jenifer Hixson. The Moth Radio Hour is produced by The Moth and Jay Allison of Atlantic Public Media.

Storytellers:

Rae Wynn-Grant's perspective on America shifts while studying wildlife in Africa.

Angelica Lindsey-Ali makes Hajj while 8 months pregnant.

Grace Topinka joins a new friend for spa day.

Zakiya Minifee is determined to not be "that American" during a trip abroad.

Josh Holland meets his birth mother at 39.

Podcast # 681




events

The Moth Podcast: Live from LA

We've got a special treat for you this episode! We're featuring a recent Los Angeles GrandSLAM - with hosting, audience slips, music, and of course, great stories. The episode was introduced by Sarah Austin Jenness, and the GrandSLAM was hosted by Brian Finkelstein. The musicians in this episode were Alexander Burke, who played the vibraphone, and Eban Schletter, who played the theremin.

Special thanks to Gary Buchler, regional producer of The Moth's Los Angeles slam series.

Storytellers:

Jess Nurse learns a bit about friendship after your twenties.

David Ambroz finds inner strength in a challenging situation.

Bryan Kett plays disc-golf with some misfits.





events

The Moth Radio Hour: Past Tense, Future Perfect

In this hour, moments and memories that mold the future. Life or death choices made in an instant, bygone mistakes, and letting go of grudges and guilt. This hour is hosted by Moth Senior Director Meg Bowles. The Moth Radio Hour is produced by The Moth and Jay Allison of Atlantic Public Media.

Storytellers: 

Julie Pryor is tasked with driving on the [infamously] dangerous Alaskan Haul Road.

A pregnant Madeleine Berenson endures harassment and discrimination from her employer.

Michael Fischer risks his life for a bag of pretzels.

Carol Seppilu finds a unique way to brave her depression. 

Podcast # 684




events

The Moth Podcast: Goodness, Gracious

On this episode, stories about kindness, care, and what we owe each other. The episode was hosted by Michelle Jalowski. 

Storytellers:

Matthew Dicks finds a friend at McDonalds.

Heidi Munson’s boss goes the extra mile.

Laurie Bushbaum tries to find a way to give away her mom’s hats.

Podcast # 891




events

The Moth Radio Hour: Against the Grain

In this hour, stories of people who swam upstream, went against the grain, forged their own paths. Standing tall, dressing for success, and getting behind the wheel. This episode is hosted by Moth Director Jodi Powell. The Moth Radio Hour is produced by The Moth and Jay Allison of Atlantic Public Media.

Storytellers:

Jameer Pond brings his act as a comedian to college. 

Shristi Karki watches her mom learn a new skill.

6 foot 11 year old Shannan Scarselleta competes in a middle school obstacle course.

Gina Belafonte chronicles her relationship with her mother. 

Podcast # 892




events

The Moth Radio Hour: Veterans' Day Special

A special Veterans Day edition of The Moth Radio Hour. After returning from active duty in the Middle East, a marine searches for new meaning; a 97 year old woman describes training young men for WWII combat as a WASP; a father being deployed to Iraq must find a way to explain it to his children; and a WWII soldier from Wisconsin serves with the segregated 93rd Infantry Division in the South Pacific. This special hour is hosted by The Moth's Producing Director, Sarah Austin Jenness. The Moth Radio Hour is produced by The Moth and Jay Allison of Atlantic Public Media.

Storytellers:

Mike Scotti finds new meaning after returning from active duty in the Middle East.

Dawn Seymour becomes part of the Women Airforce Service Pilots (WASP), training young men stateside to enter WWII overseas.

Bill Krieger tucks his daughter in at night before being deployed to Iraq. 

William Cole serves as a radio operator in the 93rd Infantry Division, a segregated unit, in the South Pacific.

Podcast # 356




events

Risks Digest 34.35

Posted by RISKS List Owner on Jul 11

RISKS-LIST: Risks-Forum Digest Thursday 11 Jun 2024 Volume 34 : Issue 35

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.35>
The current issue can also be found at
<...




events

Risks Digest 34.36

Posted by RISKS List Owner on Jul 21

RISKS-LIST: Risks-Forum Digest Sunday 21 Jul 2024 Volume 34 : Issue 36

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.36>
The current issue can also be found at
<...




events

Risks Digest 34.37

Posted by RISKS List Owner on Jul 25

RISKS-LIST: Risks-Forum Digest Thursday 25 Jul 2024 Volume 34 : Issue 37

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.37>
The current issue can also be found at
<...




events

Risks Digest 34.38

Posted by RISKS List Owner on Jul 29

RISKS-LIST: Risks-Forum Digest Monday 29 Jul 2024 Volume 34 : Issue 38

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.38>
The current issue can also be found at
<...




events

Risks Digest 34.39

Posted by RISKS List Owner on Aug 03

RISKS-LIST: Risks-Forum Digest Saturday 3 Aug 2024 Volume 34 : Issue 39

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.39>
The current issue can also be found at
<...




events

Risks Digest 34.40

Posted by RISKS List Owner on Aug 14

RISKS-LIST: Risks-Forum Digest Wednesday 14 Aug 2024 Volume 34 : Issue 40

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.40>
The current issue can also be found at
<...




events

Risks Digest 34.41

Posted by RISKS List Owner on Aug 24

RISKS-LIST: Risks-Forum Digest Saturday 24 Aug 2024 Volume 34 : Issue 41

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS
(comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats,
etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.41>
The current issue can also be found at
<...




events

Risks Digest 34.42

Posted by RISKS List Owner on Aug 26

RISKS-LIST: Risks-Forum Digest Monday 26 Aug 2024 Volume 34 : Issue 42

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.42>
The current issue can also be found at
<...




events

Risks Digest 34.43

Posted by RISKS List Owner on Aug 29

RISKS-LIST: Risks-Forum Digest Thursday 29 Aug 2024 Volume 34 : Issue 43

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.43>
The current issue can also be found at
<...




events

Risks Digest 34.44

Posted by RISKS List Owner on Sep 08

RISKS-LIST: Risks-Forum Digest Sunday 8 Sep 2024 Volume 34 : Issue 44

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.44>
The current issue can also be found at
<...




events

Risks Digest 34.45

Posted by RISKS List Owner on Sep 14

RISKS-LIST: Risks-Forum Digest Saturday 14 Sep 2024 Volume 34 : Issue 45

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.45>
The current issue can also be found at
<...




events

Risks Digest 34.46

Posted by RISKS List Owner on Oct 01

RISKS-LIST: Risks-Forum Digest Tuesday 1 Oct 2024 Volume 34 : Issue 46

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.46>
The current issue can also be found at
<...




events

Risks Digest 34.47

Posted by RISKS List Owner on Oct 17

RISKS-LIST: Risks-Forum Digest Thursday 17 Oct 2024 Volume 34 : Issue 47

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.47>
The current issue can also be found at
<...




events

Risks Digest 34.48

Posted by RISKS List Owner on Nov 08

RISKS-LIST: Risks-Forum Digest Friday 8 Nov 2024 Volume 34 : Issue 48

ACM FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
Peter G. Neumann, founder and still moderator

***** See last item for further information, disclaimers, caveats, etc. *****
This issue is archived at <http://www.risks.org> as
<http://catless.ncl.ac.uk/Risks/34.48>
The current issue can also be found at
<...




events

Re: LLMs and refusals

Posted by Jason Ross via Dailydave on Jul 25

It's likely this is going to happen anyway, the new Mistral just dropped
and seems to perform roughly on par with llama3 and gpt4o, so the next wave
of fine tuned versions like dolphin are almost certainly coming soon.

OpenAI also has announced free fine tuning of gpt4o mini until late
September (up to 2m tokens/day) so it may be possible to fine tune around
some of its guardrails for a reasonable cost.




events

Re: LLMs and refusals

Posted by David Manouchehri via Dailydave on Jul 28

Breaking down a prompt into multiple steps works pretty well for us. e.g.
first we get generic mean reasons:

[image: image.png]

Then I just shove the mean reasons into the system message (you can do this
with another LLM call instead in real life, I just cheated by copy pasting
since there's already too many screenshots in this email):

[image: image.png]

This is with gpt-4o-2024-05-13 above, but you can see below it works with
Llama 3.1...




events

PRANA Hack and Leak Report Release

Posted by Dave Aitel via Dailydave on Aug 02

Cordyceps Analysis Report on PRANA Network Hack and Leak Operation:
https://docs.google.com/document/d/1oOJbBTUwyK85ZKYAAdwWqxk-sMvqrBqzJYX1oziTFu4/edit?usp=sharing

Lately I've been reading a lot of academic papers, mostly the Research
Handbook on Cyberwarfare
<https://www.elgaronline.com/edcollchap/book/9781803924854/book-part-9781803924854-6.xml>.
Some of them are good papers! JD Work has a paper in it! But also some of
them get...




events

"Exploitation Less Likely"

Posted by Dave Aitel via Dailydave on Aug 12

DefCon is a study in cacophony, and like many of you I'm still digging
through my backlog of new research in multifarious browser tabs, the way a
dragonfly keeps track of the world through scintillated compound lenses. In
between AIxCC (which proved, if anything, the boundaries
<https://dashboard.aicyberchallenge.com/collectivesolvehealth> of automated
bug finding using current LLM tech?), James Kettle's timing attack research...




events

Re: "Exploitation Less Likely"

Posted by Don A. Bailey via Dailydave on Aug 13





events

Re: "Exploitation Less Likely"

Posted by Dave Aitel via Dailydave on Aug 13

https://github.com/CloudCrowSec001/CVE-2024-38077-POC/blob/main/CVE-2024-38077.md
https://github.com/Wlibang/CVE-2024-38077/blob/main/One%20bug%20to%20Rule%20Them%20All%2C%20Exploiting%20a%20Preauth%20RCE%20vulnerability%20on%20Windows%20(2024_8_9%2010_59_06).html

But while you are at it, always good to watch a video for no reason:
https://www.youtube.com/watch?v=mVXrl4W1jOU

-dave




events

Persistence and Strategic Effects

Posted by Dave Aitel via Dailydave on Aug 15

Before there were words, calculated as the softmax of a list of possible
tokens, there were just vectors of nano-electrical potential in cells
soaked in a hormonal brew of electrolytes, operating on a clock cycle of
"slow, but fast enough". In this sense, as we now know
<https://www.ncbi.nlm.nih.gov/pmc/articles/PMC10472538/>, we generate words
and we know, in our heads, what we are, in the same way as we generate
limbs, with each...




events

Re: Persistence and Strategic Effects

Posted by the grugq via Dailydave on Aug 16

Cyber is Calvinball.

I gave a talk back in 2015 [1] which I think has held up rather well. My argument was that cyber is evolving in
unpredictable ways as we learn more about the domain. That the current state of the art has huge blind spots we aren’t
even thinking about. The next year was, of course, the 2016 disinformation campaign fed by cyber loot.

I feel that a great deal of cyber war literature is based on knowledge derived from...




events

sboms and LLMs

Posted by Dave Aitel via Dailydave on Sep 11

People doing software security often use LLMs more as orchestrators than
anything else. But there's so many more complicated ways to use them in our
space coming down the pipe. Obviously the next evolution of SBOMs
<https://www.cisa.gov/resources-tools/resources/cisa-sbom-rama> is that
they represent not just what is contained in the code as some static tree
of library dependencies, but also what that code does in a summary fashion...




events

Re: sboms and LLMs

Posted by Isaac Dawson via Dailydave on Sep 12

Well this is rather timely! Although I'm not sure using an LLM for the
behavioral aspect is entirely necessary. I've been working on an
experimental system that does just what you talk about for dependencies (
https://docs.gitlab.com/ee/user/application_security/dependency_scanning/experiment_libbehave_dependency.html,
pre-alpha!). My solution uses static analysis because I'm a fan of
determinism.

Snark aside, looking at behaviors...




events

Re: sboms and LLMs

Posted by Adrian Sanabria via Dailydave on Sep 12

We've been talking about and giving "Beyond the SBOM" presentations for a
while now, but to your point, I don't see anyone actually doing it.

If Solarwinds said "here's a script that will lock down your host firewall
to just the outbound access our tools need to update themselves", that
would be amazing, and would have saved everyone some time and trouble a few
years ago.

[image: image.png]
And Biden's EO...




events

Developing Clairvoyance

Posted by Dave Aitel via Dailydave on Sep 30

As you know, humans like to invent comfort words. One of my favorites is
"luck". The theory being that yes, the universe has dice, but they are
loaded in your favor. Properly used, these words are a spell - they allow
us to have courage when a sober mind would quail. But when you become a
professional, you have to give up these crutches. Only poor poker players
believe in "luck".

In computer science, and especially in machine...




events

Grace Hopper and the Rebirth of US Conferences

Posted by Dave Aitel via Dailydave on Oct 10

I spent some time watching all the Grace Hopper videos on the youtubes, as
I prepared for what up North is a horrible storm, but here in Miami is, so
far, a breezy and clear day. You can hear her talk about how subroutines
used to be literal handwritten pages of instructions in notebooks. When you
wanted SIN or COS you would go over to whoever had the notebook with the
working version, and copy it out into your code.

It was this experience that...




events

Old Infosec Talks: Metlstorm's Take on Hacky Hacking

Posted by Dave Aitel via Dailydave on Oct 31

The Anatomy of Compromise

One of my demented hobbies is watching old infosec talks and then seeing
how well they hold up to modern times. Recently I excavated Metlstorm's
2017 BSides Canberra
<https://www.youtube.com/watch?v=OjgvP9UB9GI&list=TLGGvAY1CcIr-AcyNjEwMjAyNA>
talk on "How people get hacked" - a pretty generic topic that gives a lot
of room for opinion, and one a lot of people have opined on, but the talk
itself...




events

Hacking the Edges of Knowledge: LLMs, Vulnerabilities, and the Quest for Understanding

Posted by Dave Aitel via Dailydave on Nov 02

[image: image.png]

It's impossible not to notice that we live in an age of technological
wonders, stretching back to the primitive hominids who dared to ask "Why?"
but also continually accelerating and pulling everything apart while it
does, in the exact same manner as the Universe at large. It is why all the
hackers you know are invested so heavily in Deep Learning right now, as if
someone got on a megaphone at Chaos...




events

Friday Night Magic

11/15/2024 - 6:00 PM - Venue: Chaos Games and More




events

Eagles Dinner

11/15/2024 - 5:30 PM - Venue: Fraternal Order of Eagles No. 4471




events

Urantia Book Discussions

11/15/2024 - 1:00 PM - Venue: The Hanging Tree Cafe




events

PCC Gaming Club

11/15/2024 - 12:00 PM - Venue: Pueblo Community College




events

English Conversation Club

11/15/2024 - 11:30 AM - Venue: Pueblo West Library




events

Open Mic Comedy Show

11/14/2024 - 10:00 PM - Venue: Rainbow Bar




events

Casey Brock

11/14/2024 - 9:30 PM - Venue: Applebeess South




events

Open Mic/Variety Jam

11/14/2024 - 9:00 PM - Venue: Riverside Bar and Grill




events

Pueblo Chess Club

11/14/2024 - 7:00 PM - Venue: The Hanging Tree Cafe




events

Civil Air Patrol

11/14/2024 - 6:30 PM - Venue: National Guard Armory




events

Teen Night

11/14/2024 - 6:30 PM - Venue: Rawlings Library