Brutkey

arclight
@arclight@oldbytes.space

I'm ruminating on spending the effort to write this up from a nuclear engineering perspective and posting it to LinkedIn, just for the grins.

I know, posting anything to LinkedIn is about as advisable as repeatedly striking oneself in the forehead with the pointy end of a geologist's rock pick. Completely inadvisable.

Our internal developer discussion today centered on discussing these issues, basically treating generative AI as a grievous security risk that nobody in our industry is prepared to handle. You thought Stuxnet and SCADA attacks were a major worry - bah! Those sorts of attacks are nation-state movie plot risks by comparison. Yes, they are real - follow @vncresolver@fedi.computernewb.com for some appalling fun - but they are rare, especially in nuclear. At least rare compared to the number of engineers whose managed work machines have Microsoft Office, Acrobat Reader, and similar AI-tainted tools installed by their authoritarian betters in corporate IT.

Basically our internal engineering and developer communities are working to raise awareness of the security risk of AI, how AI systems operate, the details of the vulnerabilities, the consequences, and what little defenses we have beyond personal awareness. With IT often locking things down to the point that we cannot protect ourselves or worse, actively enabling and propagating risk, we need to support each other in defending against AI.

I'm not sure that feeding content into LinkedIn could do anything positive but there may be a few engineers out there who still take their security responsibilities under 10CFR seriously.

Then again, the rule of law is dead in the US and trying to prop up its rotting corpse will just get me pegged (further) as an enemy of the state. No matter what I do, I'm going to end up in a camp, probably sooner than later.