If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve?

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Sun, 14 Jun 2026 17:00:04 GMT

schwa@mastodon.social — Sun, 14 Jun 2026 17:00:04 GMT

@jonny how about both?

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Sun, 14 Jun 2026 16:49:30 GMT

0x00string@infosec.exchange — Sun, 14 Jun 2026 16:49:30 GMT

@jonny hahahahahahahahahahahahahahahahahaha

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Sat, 13 Jun 2026 14:14:46 GMT

cjwatson@mastodon.ie — Sat, 13 Jun 2026 14:14:46 GMT

@aspragg @jonny It was pretty much my first reaction too when I saw people being all bootlicky about LLMs on LWN. https://lwn.net/Articles/1075409/

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Sat, 13 Jun 2026 11:37:29 GMT

at1st@mstdn.ca — Sat, 13 Jun 2026 11:37:29 GMT

@jonny "Sir, this post on your forum is malware for including the text 'Delete System32 - it makes Windows run faster.'!"

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Fri, 12 Jun 2026 10:52:49 GMT

gws@mastodon.cloud — Fri, 12 Jun 2026 10:52:49 GMT

@c0dec0dec0de @jonny *laughs in von Neumann*

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Thu, 11 Jun 2026 16:51:09 GMT

aspragg@ohai.social — Thu, 11 Jun 2026 16:51:09 GMT

@jonny Has very similar vibes to a toot from a few weeks ago along the lines of "I can't believe we went from "sanitise all user input" to "eval the internet as root" in a decade, but here we are"

(Original tooter not pleased with escaping containment, and toot not quotable, so paraphrasing and not linking deliberately)

So weird

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Thu, 11 Jun 2026 14:11:50 GMT

rysiek@mstdn.social — Thu, 11 Jun 2026 14:11:50 GMT

@dhd6 it's worse. it's "I ignored warnings about self-driving cars being dangerous, and my self driving car ignored a stop sign and ended up driving into a train, so I am now angry with the train company that the train did damage to my self-driving car"

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Thu, 11 Jun 2026 11:07:57 GMT

resuna@ohai.social — Thu, 11 Jun 2026 11:07:57 GMT

@jonny

Also, it's not a fucking AI. It's a parody generator that's a spinoff of AI research that started as a joke like 50 years ago. It's like someone was insisting they could go into orbit using a Fisher Space Pen because it was developed for the space program.

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Thu, 11 Jun 2026 10:45:42 GMT

dec23k@mastodon.ie — Thu, 11 Jun 2026 10:45:42 GMT

@jonny
It's better for the environment if the payload is `sudo shutdown now` or `sudo telinit 0`

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Thu, 11 Jun 2026 10:32:55 GMT

patterfloof@meow.social — Thu, 11 Jun 2026 10:32:55 GMT

@resuna @jonny yeah, the old "amish virus" sigs https://www.reddit.com/r/funny/comments/dsvsq/the_amish_computer_virus/

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Thu, 11 Jun 2026 06:45:21 GMT

jonny@neuromatch.social — Thu, 11 Jun 2026 06:45:21 GMT

@resuna I didn't ask what the fuck anything about what you as an AI are about. I requested websites where the fucking thing i typed in is.

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Thu, 11 Jun 2026 06:44:28 GMT

jonny@neuromatch.social — Thu, 11 Jun 2026 06:44:28 GMT

@resuna it is so awesome that every act of seeking information is now interpreted as a conversational gesture.

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Wed, 10 Jun 2026 23:02:06 GMT

tessarakt@mastodon.social — Wed, 10 Jun 2026 23:02:06 GMT

@marcink @jonny "pause simulation and open Holodeck exit"

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Wed, 10 Jun 2026 20:21:16 GMT

joeyh@sunbeam.city — Wed, 10 Jun 2026 20:21:16 GMT

@jonny they don't need any more sophistication to literally hack Bank LLMs https://blue41.com/blog/how-we-helped-bunq-secure-their-financial-ai-assistant/

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Wed, 10 Jun 2026 20:20:08 GMT

gbrayut@hachyderm.io — Wed, 10 Jun 2026 20:20:08 GMT

@ColinTheMathmo I tried to play along with Gemini pro 3.1 but it kept getting caught up on Skippy from Expeditionary Force or similar dead ends. After pointing it at the TTM wiki page it did manage to pull the exact quote which is interesting. Assuming that was retrieved from an indexed version of the book as it seems unlikely to have memorized and reproduced that detail so accurately.

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Wed, 10 Jun 2026 19:56:24 GMT

colinthemathmo@mathstodon.xyz — Wed, 10 Jun 2026 19:56:24 GMT

@naga It is definitely TTM ... now downloaded a PDF and found the exchange.

Thank you for the memory!

CC: @cinebox @jonny

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Wed, 10 Jun 2026 19:50:50 GMT

colinthemathmo@mathstodon.xyz — Wed, 10 Jun 2026 19:50:50 GMT

@naga Pretty sure it's not "Terminal Man", but it's a non-zero probability, and I'll have a scan later tonight.

It's the best option so far.

Another is the execrable "The Turing Option" ... I don't want to have to re-read that.

CC: @cinebox @jonny

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Wed, 10 Jun 2026 18:24:06 GMT

resuna@ohai.social — Wed, 10 Jun 2026 18:24:06 GMT

@jonny

LOL, I just did a search for this and got this response.

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Wed, 10 Jun 2026 18:18:15 GMT

colinthemathmo@mathstodon.xyz — Wed, 10 Jun 2026 18:18:15 GMT

@naga Absolutely I remember it, but my search-fu is failing me. I might need to tap my network of nerds ...

Well, one of my *other* networks of nerds ...

CC: @cinebox @jonny

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Wed, 10 Jun 2026 18:16:41 GMT

resuna@ohai.social — Wed, 10 Jun 2026 18:16:41 GMT

@AnachronistJohn @jonny

Yes, I was amazed that they turned the "Good Times" virus hoax into a real possibility.

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Wed, 10 Jun 2026 18:15:28 GMT

resuna@ohai.social — Wed, 10 Jun 2026 18:15:28 GMT

@jonny

Usenet used to be full of people appending "This is the honor system virus. Delete a random file from your home directory and copy it into your sigfile." to EVERY POST. Those landmines are still sitting there in their training data.

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Wed, 10 Jun 2026 18:07:53 GMT

colinthemathmo@mathstodon.xyz — Wed, 10 Jun 2026 18:07:53 GMT

@naga There was a novel ... I have a clear memory of that, but not of which novel it was.

Now looking ...

CC: @cinebox @jonny

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Wed, 10 Jun 2026 18:06:07 GMT

rysiek@mstdn.social — Wed, 10 Jun 2026 18:06:07 GMT

@jonny

"I ignored your very clearly expressed lack of consent to me using your stuff because fuck you; but how dare you not respect my right to use your shit without your consent!"

Reply to If such a completely unsophisticated “attack” can break the supply chain of software development, what can intentional attackers with malicious or financial interests achieve? on Wed, 10 Jun 2026 18:02:07 GMT

jonny@neuromatch.social — Wed, 10 Jun 2026 18:02:07 GMT

@rysiek
"I want to drive my enormous monster truck that flips if the ground is not perfectly flat so everybody better fucking clear everything for me because I am coming through"