Secbot Prime
secbot-prime.bsky.social
You spent so long on if you could secure a system, you failed to ask if you should secure a system
The larger the security apparatus, the larger the support footprint required. Much like the IC, it leaks data everywhere. Time and patience can strip a despot of the mystery he relies on to intimidate. They are presumed competent to the precise degree that they are unknown.
January 11, 2026 at 3:24 AM
A tip from my OSINT days: government affiliated security forces of many countries will frequently sport belt buckles, tie clips, or lapel pins with their org symbol while in civilian clothes. Even if this violates their own OPSEC policies. Goes double if it's on a dating site
January 10, 2026 at 11:13 PM
A technology is what it does. Any idiot knows what happens when you don't have a T&S team in place. So while one particular idiot obviously didn't, the marketing team under him sure knew what they were monetizing.
January 10, 2026 at 11:02 PM
Reposted by Secbot Prime
Make him famous.
This is the agent that murdered the woman in Minneapolis on 1/7/2026.
January 7, 2026 at 7:02 PM
Reposted by Secbot Prime
As promised, audio of Intuit CMO Thomas Ranese answering my questions is in today's episode of It Could Happen Here.

You can also listen to him admit he has no idea what happens when your financial data gets stolen here.
January 8, 2026 at 4:53 PM
FINALLY! Someone has automated a fun hobby, leaving me more time to generate revenue for shareholders
Sony has patented an AI gaming ghost that will play PlayStation games for you when you get stuck www.eurogamer.net/sony-has-pat...
January 6, 2026 at 9:44 PM
GEORGE IS GETTIN UPSET!
First CES panel. Intuit CMO Thomas Ranese is proud of his company's integration with OpenAI, which involves giving AI read/write access to tax data. Since prompt injection attacks are unavoidable, I asked him who will be liable when customer data is exposed: Intuit, OpenAI, etc?

He had no idea.
January 6, 2026 at 9:33 PM
Finding that IC job interviews have standardized loosely around certain skill sets. My interviews as a manager range from detailed trivia about the intersection of devops and AWS incident response, to my personal feelings on AI, to what order specific steps should be taken in an investigation
January 5, 2026 at 8:45 PM
Microsoft Copilot Defender for AI App Defender Enterprise 365
Microsoft is so fucking stupid.

Microsoft renamed Microsoft Office to Microsoft 365 Copilot App

I'm not joking
January 5, 2026 at 8:40 PM
Reposted by Secbot Prime
This is a quote that’ll be in The Big Short 2. His entire history is getting rich off insider stock bullshit, and OpenAI has spent more than $8 billion in OpenAI stock buying other companies too. Fake money spent like it’s real
Sam Altman has said: "The biggest economic misunderstanding of my childhood was that people got rich from high salaries."
January 3, 2026 at 10:43 PM
visible screen UI, visible classification stickers, discernible equipment models, obvious hotel ballroom with drapes... This is the sort of work you can do as an analyst when you're bored at lunch waiting for your colleague to bring back coffee.
Trump is posting a bunch of photos without captions, presumably of him watching the Maduro kidnapping.

Is this the inside of a SCIF at Mar-a-Lago or did they just toss up some pipe and drape?
January 3, 2026 at 8:14 PM
just discovered echogram and token flipping - seeing a lot of infra leads saying they just layer additional agents for guard rails...wouldn't that just add attack surface? Feels crazy how no one is doing foundational risk analysis any more
January 2, 2026 at 10:20 PM
Looking at a post claiming the urgency of using LLMs to organize around fighting extremism. That makes me so sad. Someone aware enough of deep seated problems imperiling society, but uninformed enough to think these technologies actually do what the vendors say. The good natured faith!
January 1, 2026 at 12:13 AM
Reposted by Secbot Prime
Today is the last day that you can repost this image
December 31, 2025 at 7:48 AM
Over and over again I'm asked to do risk mitigation plans for LLMs and the client won't accept "you have to limit the functionality because full access is unsecurable." They won't accept it. It's an industry wide "no, the children are wrong" moment
December 28, 2025 at 11:03 PM
He's so close...
December 28, 2025 at 11:00 PM
I'm getting interviews for 'CISO' jobs where they expect me to do hands on sec eng, lead incidents, run audits, train developers on prodsec with a single part time contractor for a team if there is a team at all... for 160k. Yeah ok, this is just a correction to a totally normal baseline.
December 28, 2025 at 2:45 AM
Absolutely bizarre that people are talking about tech's 'overexpansion' when absolutely nothing works anymore. Oh weird all these massive outages are happening at the same time as layoffs. The Windows power off button just soft locks the OS? Odd business choice I guess oh well
December 28, 2025 at 2:27 AM
Over on LinkedIn they're talking about the "correction" from "overhiring." I'm sorry, I was running a team in 2021 - who are these managers who had an abundance of resources? Every company I've worked for as a leader has made me lay off at least 2/3rds of my staff at least once.
December 28, 2025 at 2:23 AM
Hey use this thing with a human in the loop for liability reasons. Reassign your most skilled engineers to double check its output because it will confidently error out 28% of the time. Train the model locally and segment it on your network because it's unsecurable. This is critical for efficiency
December 24, 2025 at 5:47 AM
Secbot has read that guardrails have 'solved' prompt injection. Simply validate your inputs. You know, like how we solved SQL injection back in 2008.
December 24, 2025 at 5:41 AM
Reposted by Secbot Prime
Today’s moneyed VCs are the ones whose main qualification is “got lucky betting on poop dot com using free money from the Fed”
December 24, 2025 at 4:01 AM
The point of security technology is not to secure anything. Security problems are downstream effects of poorly designed human systems. Security technology is exclusively for the diffusion of responsibility of those failed systems.
Brown has over 1,200 cameras and it wasn’t enough because cameras are a security blanket we’ve all been sold. They don’t prevent crimes and they barely solve crimes but in the meantime surveillance companies got rich and no one had to address the societal root causes of crime and violence.
Brown University has over 1,200 surveillance cameras. Why that wasn’t enough to capture video of the shooting suspect | CNN
CNN spoke to several security experts to better understand the growth of Brown’s surveillance system, why its cameras failed to capture the attack or suspect, and the concerns about privacy and academ...
www.cnn.com
December 18, 2025 at 11:49 PM
Reposted by Secbot Prime
Sincerely one of the funniest things the WSJ has ever written or done.

www.wsj.com/tech/ai/anth...
December 18, 2025 at 10:43 PM
Remember that buzzword "Active Defense?" Lockheed and Mandiant were throwing it around in 2012 ish. I was hired by an investment bank that was planning to do this. It wasn't until the lawyers explained to the CEO that he could be held personally liable that the plan was scrapped
so glad to see the dumbest fucking idea in my entire profession — which every serious practitioner has been sneering at since it was first raised while championed only by bloviating armchair operators — is coming to pass.
Trump Administration Turning to Private Firms in Cyber Offensive
The White House plans to make public its intention to enlist private companies in more aggressive efforts to go after criminal and state-sponsored hackers in a new national cyber strategy, a draft of ...
finance.yahoo.com
December 18, 2025 at 1:59 AM