Dr. Fred Cohen

Why Federated models in AI leak secrets

I was at a meeting last week discussing how AI models might be used to support archives forefficiency, effectiveness, etc. while maintaining the requirements for those archives to providereliable and authentic records and maintain confidentiality of relevant record data elements. Someone across the room indicated that they were going to federate models, not records themselves, …

Why Federated models in AI leak secrets Read More »

Asking the right questions

I very often see false choices about paths forward. One of the most common ones is the question about the future of humanity regarding AI, robotics, computers, cloning, vaccines, genetic engineering, you name it. Any new area of technology with a tremendous potential is always a multi-edged sword, and someone will always ask the question …

Asking the right questions Read More »

The do nothing defense

Of course until you are successfully attacked, doing nothing about security is a great approach. It saves money and time and costs you nothing. So lots of folks do nothing, or almost nothing, and I include myself in this latter approach – almost nothing. As little as I can get away with I do as …

The do nothing defense Read More »

API Security vs AUI security

How is an application program interface different from an other application interface? At a basic level, they are the same – in the sense that anything that can be exploited from one can be exploited from another – or at least it should be that way from a security perspective. But unfo9rtunately, that’s not how …

API Security vs AUI security Read More »

Privilege Escalation and Trust

Privilege escalation has always been a problem in computers, and after all these years, we still don’t seem to have a handle on the issue. I think this is closely related to our lack of understanding and systematic deployment of trust models and the nature of trust. Non-zero trust One of the good things about …

Privilege Escalation and Trust Read More »