security

Human nature fears the unknown, and with the rapid progress of AI, concerns naturally arise. Uncanny robocalls, data breaches, and misinformation floods are among the worries. But what about security in the era of large language models?

In this episode, we hear from security leaders at OpenAI, Anthropic, and Google DeepMind. Matt Knight, Head of Security at OpenAI, Jason Clinton, CISO at Anthropic, and Vijay Bolina, CISO at Google DeepMind, are joined by Joel de la Garza, operating partner at a16z and former chief security officer at Box and Citigroup.

Together, they explore how large language models impact security, including changes in offense and defense strategies, misuse by nation-state actors, prompt engineering, and more. In this changing environment, how do LLMs transform security dynamics? Let's uncover the answers.

Resources:

Find Joel on LinkedIn: https://www.linkedin.com/in/3448827723723234/

Find Vijay Bolina on Twitter: https://twitter.com/vijaybolina

Find Jason Clinton on Twitter: https://twitter.com/JasonDClinton

Find Matt Knight  on Twitter: https://twitter.com/embeddedsec

Stay Updated: 

Find a16z on Twitter: https://twitter.com/a16z

Find a16z on LinkedIn: https://www.linkedin.com/company/a16z

Subscribe on your favorite podcast app: https://a16z.simplecast.com/

Follow our host: https://twitter.com/stephsmithio

Please note that the content here is for informational purposes only; should NOT be taken as legal, business, tax, or investment advice or be used to evaluate any investment or security; and is not directed at any investors or potential investors in any a16z fund. a16z and its affiliates may maintain investments in the companies discussed. For more details please see a16z.com/disclosures.

In a narrow vote, the US Federal Trade Commission banned almost all noncompete agreements, a staple of the tech industry for years.

Learn how a 2017 tax law is haunting startups in 2024.

Finnish hacker Aleksanteri Kivimäki exposed tens of thousands of confidential psychiatric records and tried to extort payment directly from the affected patients. Read more about it here or here. 

It happened: President Biden signed the TikTok “ban,” setting a deadline for the platform’s parent company, China-based ByteDance, to divest the app within a year. And TikTok faces yet more hurdles ahead.

Net neutrality is back, baby. Here’s what that means.

ICYMI: A backdoor in XZ, a popular open-source compression utility, highlights the risks of relying on open-source software maintained by small teams. Read more about the cyberattack here.

Apple’s new LLM, Ferret, could help Siri understand the user interfaces of mobile displays, potentially expanding the capabilities of Apple’s digital assistant. 

Shoutout to Stack Overflow user cheese1756, who earned a Great Question badge by asking How do I ensure that whitespace is preserved in Markdown?.

A developer discovered a backdoor in XZ, a popular open-source compression utility. Read more about the cyberattack here.

A Microsoft technical report pinpoints 54 attributes of great software engineers.

A new report from The Economist lays out how AI is changing drug development.

Are you sick of hearing about AI? What topics or technologies would you rather hear us talk about? Email us at podcast@stackoverflow.com or DM Ben here.

American Dynamism. A term coined by a16z General Partner, Katherine Boyle, two years ago, when she and David Ulevitch founded the firm's American Dynamism investing practice.

Beyond a sector or movement, American Dynamism embodies innovation, community, and a unique philosophy touching every facet of American life.

In this episode, we hear from 10 voices, including policymakers, founders, and funders, as they share what American Dynamism means to them. They discuss the critical technologies shaping the future and the challenges on the path to the next decade of dynamism. 

Stay tuned for more exclusive conversations from a16z's second annual American Dynamism Summit in Washington, D.C.

Resources: 

Find Dr. Kathryn Huff on Twitter: https://twitter.com/katyhuff

Find Nand Mulchandani on Twitter: https://twitter.com/nandmulchandani

Find Doug Beck and the DIU on Twitter: https://twitter.com/diu_x

Find Mitch Lee on Twitter: https://twitter.com/dontmitch

Find Ian Cinnamon on Twitter: https://twitter.com/IanCinnamon

Find Doug Bernauer and Radiant on Twitter: https://twitter.com/radiantnuclear

Find Chris Bennett on Twitter: https://twitter.com/8ennett

Find Mike Slagh on Twitter: https://twitter.com/MikeSlagh

Find Rahul Sidhu on Twitter: https://twitter.com/rahoolsidoo

Find Wyatt Smith on Twitter: https://twitter.com/wyatt_h_smith

Learn more about American Dynamism: https://a16z.com/american-dynamism

Stay Updated: 

Find a16z on Twitter: https://twitter.com/a16z

Find a16z on LinkedIn: https://www.linkedin.com/company/a16z

Subscribe on your favorite podcast app: https://a16z.simplecast.com/

Follow our host: https://twitter.com/stephsmithio

Please note that the content here is for informational purposes only; should NOT be taken as legal, business, tax, or investment advice or be used to evaluate any investment or security; and is not directed at any investors or potential investors in any a16z fund. a16z and its affiliates may maintain investments in the companies discussed. For more details please see a16z.com/disclosures.

Mobb offers AI-powered technology that automates vulnerability remediations with a goal of helping development teams significantly reduce their security backlogs and free up more time for innovation. 

Check out their blog or dive into their docs.

Connect with Eitan on LinkedIn.

Shoutout to Konrad, who won a Stellar Question badge for What is the difference between private and protected members of C++ classes?.

A white-hat hacker uncovered security vulnerabilities in an AI-powered hiring system used by fast-food chains and hourly employees around the world. Read the blog post or watch this explainer.

Mariposa is a programming language with time travel.

Want to be an individual contributor (IC) who still amplifies the performance of everyone around you? Be a radiating programmer.

Congratulations to onmyway133, winner of a Stellar Question badge for What does the suspend function mean in a Kotlin Coroutine?.

with @alive_eth @danboneh @smc90

This week's all-new episode covers the convergence of two important, very top-of-mind trends: AI (artificial intelligence) & blockchains/ crypto. These domains together have major implications for how we all live our lives everyday; so this episode is for anyone just curious about, or already building in the space. 

The conversation covers topics ranging from deep fakes, bots, and the need for proof-of-humanity in a world of AI; to big data, large language models like ChatGPT, user control, governance, privacy and security, zero knowledge and zkML; to MEV, media, art, and much more. Our expert guests (in conversation with host Sonal Chokshi) include: 

• Dan Boneh, Stanford Professor (and Senior Research Advisor at a16z crypto), a cryptographer who’s been working on blockchains for over a decade and who specializes in cryptography, computer security, and machine learning -- all of which intersect in this episode;
• Ali Yahya, general partner at a16z crypto, who also previously worked at Google -- where he not only worked on a distributed system for a fleet of robots (a sort of "collective reinforcement learning") but also worked on Google Brain, where he was one of the core contributors to the machine learning library TensorFlow built at Google.

The first half of the hallway-style conversation between Ali & Dan (who go back together as student and professor at Stanford) is all about how AI could benefit from crypto, and the second half on how crypto could benefit from AI... the thread throughout is the tension between centralization vs. decentralization.  So we also discuss where the intersection of crypto and AI can bring about things that aren't possible by either one of them alone...

pieces referenced in this episode/ related reading:

• The Next Cyber Reasoning System for Cyber Security (2023) by Mohamed Ferrag, Ammar Battah, Norbert Tihanyi, Merouane Debbah, Thierry Lestable, Lucas Cordeiro
• A New Era in Software Security: Towards Self-Healing Software via Large Language Models and Formal Verification (2023) by  Yiannis Charalambous, Norbert Tihanyi, Ridhi Jain, Youcheng Sun, Mohamed Ferrag, Lucas Cordeiro
• Fixing Hardware Security Bugs with Large Language Models (2023) by Baleegh Ahmad, Shailja Thakur, Benjamin Tan, Ramesh Karri, Hammond Pearce
• Do Users Write More Insecure Code with AI Assistants? (2022) by Neil Perry, Megha Srivastava, Deepak Kumar, Dan Boneh
• Asleep at the Keyboard? Assessing the Security of GitHub Copilot's Code Contributions (2021) by Hammond Pearce, Baleegh Ahmad, Benjamin Tan, Brendan Dolan-Gavitt, Ramesh Karri
• Voting, Security, and Governance in Blockchains (2019) with Ali Yahya and Phil Daian   
   

As a reminder: none of the following should be taken as investment, legal, business, or tax advice; please see a16z.com/disclosures for more important information -- including to a link to a list of our investments – especially since we are investors in companies mentioned in this episode.

Stay Updated: 

Find a16z on Twitter: https://twitter.com/a16z

Find a16z on LinkedIn: https://www.linkedin.com/company/a16z

Subscribe on your favorite podcast app: https://a16z.simplecast.com/

Follow our host: https://twitter.com/stephsmithio

Please note that the content here is for informational purposes only; should NOT be taken as legal, business, tax, or investment advice or be used to evaluate any investment or security; and is not directed at any investors or potential investors in any a16z fund. a16z and its affiliates may maintain investments in the companies discussed. For more details please see a16z.com/disclosures.

What is the rocket equation? How do airplanes fly? Neil deGrasse Tyson and comic Chuck Nice go through some things you thought you knew about how airplanes fly, x-rays, and how to fuel a rocket. 

NOTE: StarTalk+ Patrons can listen to this entire episode commercial-free here: https://startalkmedia.com/show/things-you-thought-you-knew-up-up-and-away/

Photo Credit: NASA/Joel Kowsky, Public domain, via Wikimedia Commons

Why do we need a Space Force? Neil deGrasse Tyson & co-host Chuck Nice break down the newest branch of the US military, The Space Force, with Charles Liu, Major General DeAnna Burt and Dr. Moriba Jah. How much of your life is touched by space?

NOTE: StarTalk+ Patrons can watch or listen to this entire episode commercial-free.

Thanks to our Patrons Lisa Cotton, Luis Stark, Oscar h, Travis Mansfield, Justin Thomas, Josh Wise, and Astaroth for supporting us this week.

Photo Credit: U.S. Space Force, Public domain, via Wikimedia Commons

In this special “3x”-long episode of our (otherwise shortform) news analysis show 16 Minutes -- past such 2-3X explainer episodes have covered section 230, Tiktok, GPT-3, the opioid crisis, more -- we cover the SolarWinds hack, one of the largest (if not the largest!) publicly known hacks of all time... and the ripple effects are only now starting to be revealed. Just this week, the U.S. Cybersecurity and Infrastructure Security Agency shared (as reported in the Wall Street Journal) that approximately 30% of both private-sector and government victims linked to the hack had no direct connection to SolarWinds. So who was compromised, do they even know, can they even know?!

Because this hack is a supply-chain compromise involving various third-party software and services all connected together in a "chain of chains", the knock-on effects of it will be revealed (or not!) for years to come. So what do companies -- whether large enterprise, mid-sized startup, or small business -- do? What actually happened, and when does the timeline really begin? While first publicly revealed in December 2020 -- we first covered the news in episode #49 here when it first broke, and there have been countless headlines since (about early known government agency victims, company investigations, other tool investigations, debates over who and how and so on) -- the hack actually began not just a few months but years earlier, involving early tests, legit domains, and a very long game.

We help cut through the headline fatigue of it all, tease apart what's hype/ what's real, and do an "anatomy of a hack" step-by-step teardown -- the who, what, where, when, how; from the chess moves to technical details -- in an in-depth yet accessible way with Sonal Chokshi in conversation with a16z expert and former CSO Joel de la Garza and outside expert Steven Adair, founder and president of Volexity. The information security firm (which specializes in incident response, digital forensics/ memory analysis, network monitoring, and more) not only posted guidance for responding to such attacks, but also an analysis based on working three separate incidents involving the SolarWinds hackers. But how did they know it was the same group? And why was it not quite the perfect crime?

image: Heliophysics Systems Observatory spacecraft characterize, in the highest cadence, the constant stream of particles exploding from the sun affect Earth, the planets, and beyond via NASA Goddard Space Flight Center / Flickr

Many don’t realize we even need to think about the possibility of security hacks when it comes to things like pacemakers, insulin pumps, and more. But when bits and bytes meet flesh and blood, security becomes literally a life or death concern. So what are the issues and risks we need to be aware of in exposing security vulnerabilities in connected biomedical devices?

This conversation—with Beau Woods, Cyber Safety Innovation Fellow with the Atlantic Council, part of the I Am The Cavalry grassroots security initiative, Founder/CEO of Stratigos Security; Andy Coravos, co-founder and CEO of Elektra Labs, advisor to the Biohacking Village at DEF CON (both of whom were formerly EIRs at the FDA); and a16z's Hanne Tidnam covers how we should begin to think about addressing these security issues in the biomedical device space. What are the frameworks that should guide our conversations, and how and when (and which!) stakeholders should be incentivized to address these challenges? How did the FDA begin to think about security as part of the safety of all medical devices, including software as a medical device, and how we should think about understanding, monitoring, and updating the security of these devices—from philosophical statements to on-the-ground practical fixes and updates?

A dive into the sociological, operational, and tactical realities of this murky underworld, Lusthaus and de la Garza discuss who the players are, what they are motivated by, and specialize in—as well as how basic ideas like trust and anonymity function in a world where no one wants to get caught. How do criminal nicknames function as brand? Which countries tend to specialize in what kinds of crime, and why? And most of all, what changes when you begin to think of the business of cybercrime as an industry?

The Chief Security Officer (CSO/CISO) used to manage on-premise servers, now the information they have to secure has migrated to the cloud. As the responsibility of CSOs has expanded, the role has moved from technical IT to the boardroom. How do the best CSOs prepare for and respond to a crisis, from redteaming to comms? What responsibility should cloud & SaaS vendors, not to mention the government, have in security and data breaches?  And how is the role going to evolve in the next five years? 

At our a16z Innovation Summit last year, we sat down with two security leaders whose career has evolved as the role has – Joe Sullivan, former CSO at Uber and Facebook, now at Cloudflare and Joel de la Garza, current security partner at a16z, formerly CISO at Box. 

John McAfee talks with Rob about blockchain, security issues and the future of cryptocurrencies. How our world is changing, how to adapt and what to expect in the next few years. He also shares his thoughts about the educational system, the things he learned throughout his journey, the best and worst advice he ever got, and much more!

[Business, mindset, entrepreneur, disruptors]

VALUABLE RESOURCES

https://robmoore.com/

bit.ly/Robsupporter  

https://robmoore.com/podbooks

 rob.team

ABOUT THE HOST

Rob Moore is an author of 9 business books, 5 UK bestsellers, holds 3 world records for public speaking, entrepreneur, property investor, and property educator. Author of the global bestseller “Life Leverage” Host of UK’s No.1 business podcast “Disruptors”

“If you don't risk anything, you risk everything”

CONTACT METHOD

Rob’s official website: https://robmoore.com/

Facebook: https://www.facebook.com/robmooreprogressive/?ref=br_rs

LinkedIn: https://uk.linkedin.com/in/robmoore1979

disruptive, disruptors, entreprenuer, business, social media, marketing, money, growth, scale, scale up, risk, property: http://www.robmoore.com