#security upgrade

A new vector for malware has emerged recently for malicious attacks: agentic browsers. Prompt injection, an exploit in which input is crafted to appear legitimate but is designed to cause unintended behavior in AI’s, is a growing source of exploitation. I first reported on it in September, in which I highlighted EchoLeak, a zero-click prompt injection that affects Microsoft’s Copilot and uses automated execution of the payload via file processing. Since then, several other variations of prompt injection have stepped onto the AI stage.

Google has announced it’s introducing new security into their agentic capabilities in Chrome that will vet actions in an attempt to lessen the risk of external web content unrelated to whatever search one is doing, especially from untrusted sources. According to Security Week, this new component is a separate AI model built with Gemini, called the User Alignment Critic. This agent will check for relevancy before searching, create a work log for transparency with the user and trigger confirmation checks before execution of a command occurs. It will evidently comply with Safe Search settings and check each page navigated to for indirect prompt injections.

This all sounds great, but my question is: why weren’t these security features in place from the start? And why do we need another AI model to carry this out when it should be built into the existing system?

I feel like there is a certain level of naivety in tech innovation that really needs to be examined before more companies jump on the bandwagon of implementing these tools. Here’s a shiny new thing! Surely nothing will go wrong with it! Insert my jaded and cynical eyeroll here. No good deed goes unpunished, and no powerful tool goes unexploited. At this point in digital invention the dangers should be calculated with an eye towards preventing abuse as part of the design stage. There’s really no excuse not to have it be inherent. We would not build a suspension bridge without guardrails, why should we allow tech companies to build new lanes in the information highway without them? Or to put it another way, in the metaphor I often use for AI, why have we been letting our toddlers have free rein in the kitchen where all the knives, hot stoves and breakable dishes are when baby gates exist? A good parent puts the gate in place before a disaster happens.

This innovation from Google comes at the same time that The Record published an article regarding UK Intelligence’s suggestion that prompt injection may never truly go away. And why would it? It’s a powerful vector for Trojans, backdoors, data mining and exfiltration. I’ve said it before, and no doubt I will say it again, threat actors will not stop just because the path they took to executing their malicious behavior is blocked. They’ll just find another path. I’ve watched it happen in real time after a disruption. Some malware families disappear. New ones, and sometimes old ones, take their place almost immediately.

I think it’s good that Google is introducing this security agent. But I also think it’s closing the barn door after the horses have escaped. This should have been there all along. And frankly, the fact that it wasn’t is an obvious, glaring oversight that does not inspire confidence in me as a user. There’s a simple way to avoid exploitation via prompt injection. Don’t use AI.

Looking to enhance your home security? Check out SwitchBot's innovative smart locks! These locks are designed to provide convenience and peace of mind, allowing you to control access to your home right from your smartphone. With features like remote locking and unlocking, you can easily manage who enters your home, even when you're not there. The sleek design and easy installation make SwitchBot smart locks a fantastic choice for anyone looking to upgrade their home security system. Plus, they integrate seamlessly with other smart home devices for a cohesive experience. What are your thoughts on smart locks? Let's discuss!

Have you heard about Psync's innovative indoor security camera featuring advanced AI technology? It's making waves in the home security camera industry!

This cutting-edge device not only provides crystal-clear video footage but also utilizes artificial intelligence to enhance security by detecting unusual activity and sending real-time alerts to your smartphone.

With its sleek design and user-friendly interface, Psync is committed to making your home safer and giving you peace of mind. Plus, the camera integrates seamlessly with other smart home devices, providing an all-in-one solution for your security needs.

If you're considering upgrading your home security, Psync's indoor security camera with AI is definitely worth exploring!

Lock changes are a crucial aspect of maintaining security and privacy in homes, businesses, and various institutions. Whether you’re a homeowner, a business owner, or a tenant, the decision to change locks should be carefully considered. However, the question of who is authorized to change locks is not always straightforward. This article explores the key stakeholders involved in lock changes and the factors that influence their authority.

Homeowners and Property Owners:

The primary authority for changing locks in a residential setting lies with the homeowner. Homeownership grants individuals the right to make decisions regarding their property’s security. Homeowners may choose to change locks for various reasons, such as moving into a new home, upgrading security systems, or addressing concerns about lost or stolen keys.

In rental situations, the authority to change locks often depends on the lease agreement between the landlord and tenant. Some leases explicitly grant tenants the right to change locks, provided they provide the landlord with a copy of the new key. However, other leases may restrict tenants from altering the property’s security features without the landlord’s explicit consent.

Landlords and Property Managers:

Landlords typically have authority over the security measures of rental properties, including the ability to change locks. However, the specifics can vary based on local laws and lease agreements. In some jurisdictions, landlords may be required to provide tenants with notice before changing locks, ensuring that tenants are not unduly restricted from accessing their rented space.

Property managers, acting on behalf of landlords, may also have the authority to change locks. This is often part of their responsibility to maintain the safety and security of the property. Again, the specific terms and conditions are usually outlined in the lease agreement.

Business Owners and Commercial Properties:

In the commercial realm, business owners hold the key to decisions regarding lock changes. Whether it’s a storefront, office building, or industrial facility, the responsibility for ensuring the security of the premises rests with the business owner or the designated decision-maker.

In leased commercial spaces, the terms of the lease agreement play a crucial role in determining who has the authority to change locks. While business owners typically have control over the interior security measures, exterior doors, and entry points may be subject to the landlord’s oversight. It is essential for all parties involved to understand and agree upon these terms to avoid potential conflicts.

A significant security upgrade by L1TF, the core developer team for Terra Luna Classic, has sparked a positive response from the market, driving a 5% rise in LUNC (Terra Luna Classic) and a notable 12% increase in USTC (TerraUSD Classic). This move highlights the community's trust in the platform's commitment to security and stability. Meanwhile, Terra Luna Classic continues to grapple with regulatory challenges, including a delayed trial for Do Kwon, co-founder of Terraform Labs, amid legal battles with the U.S. Securities and Exchange Commission (SEC).

Security Upgrade Impact:

The core developer team, led by Vinh Nguyen, has introduced a comprehensive security upgrade for Terra Luna Classic. The upgrade addresses critical security risks and responds to concerns within the community regarding legacy components in the system. The positive market response, reflected in the uptick of LUNC and USTC prices, suggests that investors and traders appreciate the proactive approach to enhance the platform's security. The upgrade is expected not only to bolster security but also to lay the groundwork for future infrastructure developments.

Legal Saga Continues:

Despite the positive momentum from the security upgrade, Terra Luna Classic is entangled in a legal battle with the SEC. Do Kwon's trial, initially set for January 29, has been delayed as part of the SEC's efforts to hold Terraform Labs accountable for alleged securities law violations. The SEC has accused Terraform Labs and Kwon of a multi-billion dollar crypto asset securities fraud, alleging that Kwon misled investors about the stability of UST, leading to substantial industry losses.

Market Sensitivity to Security:

KARE 4 Channel 720p CCTV DVR System is well suited for your home or business. This Waterproof 720p mega pixels resolution provides incredible picture quality. It truly is well suited for versatile inside or external usage accompanied by a combination of 3.6mm + 6mm preset zoom lens wide position view along with extended observing distance. It is watchable in its entirety coloring with a remarkable evening eyesight range of close to 15-20m. The machine consists of the very latest P2P 1280x720 HDMI DVR permitting easy access to the web via mobile phones, tablets or PC’s with the free apps provided. The device comes with everything that is needed to set up ones CCTV product, full of all cables, connectors, leads, plugs and 1TB preinstalled hard drive.