Blog

I wrote up some fairly off-the-cuff travel cybersecurity advice back in 2022 for a client, and it’s generic and useful and still current enough that I thought I would post a lightly-edited version here.

Its audience is mostly-US persons and US-based organizations traveling abroad for conferences in a professional capacity, although I think it is fairly applicable outside that. This advice is also specifically not for people who believe they are or may be actively targeted!

Obviously in fall 2025 the risk calculus, particularly for non-US persons traveling to the US, is changing very rapidly, and without doing substantially more reading and thinking I don’t feel I can give good advice to that specifically. I do think the advice here still provides a good, safe baseline for everyone, and additional measures can be layered on top as you need and desire.

---

tl;dr:

1. If you are ever concerned that your device may have been compromised, stop whatever you’re doing and reboot it immediately.
2. Take your software updates, always, but especially before you travel.
3. Don’t click through certificate warnings on public WiFi!

How come? Read on.

Continue reading “Basic Conference Travel Cybersecurity Advice”

This is a thing that I’ve been sending around.

Friends and family, I’ve been following developments in global financial markets, the manufacturing and construction sectors, and physical supply chains very closely following Trump’s announcement of massive tax increases (tariffs) last week.

I think it is likely that we are headed for a set of supply-and-demand shocks—different in their particulars, but—similar in magnitude to the ones we experienced in the early days of COVID in the spring of 2020. We’ve weathered shocks like this before, and we will weather them again, but they always fucking suck.

What I’m doing for myself, and what I would encourage you to do, is this: Lay in at least a 2-3 month supply of staples, whether sourced domestically or abroad, and, ideally, lay in a 6 month supply of anything you can’t live without.

For staples I mean things like food but also paper products (in the US, many of ours come from Canada), medications and supplements (many of ours come from Mexico), coffee, tea, chocolate, spices, vanilla, liquor, contraceptive products, cosmetics, personal care products, etc.

Also anything you need for summer (I need to buy an air conditioner).

I hope that I’m wrong, nothing comes of this, and I just wind up with extra paper towels in my closet for the next six months, but all my early warning signs are flashing danger right now.

P.S. Also, Congress and, in particular, Republicans in the Senate can end this any time they want, so, I encourage you to please call your Senators and ask them to remove tariff-setting power from the President and return it to Congress.

tl;dr I will probably not be purchasing a Gradient All-Weather Window Mounted Heat Pump, and you probably shouldn’t either.

I have now had the dubious pleasure of interacting with a customer “service” representative which I strongly suspect to be either entirely an LLM or a human relying ~entirely on an LLM.

Given the fact that I’m making this post, and what its title is, to say that I was dissatisfied with the experience would be an understatement.

If there really were a person on the other end of this interaction, I would describe the experience as like talking with an undergrad who skimmed the reading right before class, can’t recognize when they’re being asked a question which requires them to reason and potentially call on outside information that is not directly in front of them, and refuses to acknowledge that they’re unprepared.

And in general this is the core problem with using LLMs in this context. Customer service has two primary purposes: To provide a human interface to existing material for customers who prefer that, who can’t access the existing material, or who can but can’t navigate or understand it; and, exception handling. Exception handling breaks down into two sub-categories: Known exceptions, and unknown exceptions (with apologies to Mr. Rumsfeld).

LLMs, pretty much by their nature, cannot be trusted to handle unknown exceptions, because unknown exceptions are definitionally outside their training data. I would also be surprised to discover that they were particularly good at handling known exceptions without significant work on the part of the people deploying them. (Also the downside risk here is high, as in the Air Canada case where an LLM customer support system made up a bereavement policy—a known exception—and the courts rightly forced Air Canada to honor it.)

Anyway, after wasting too many of the limited seconds of my very human and all-too-short life on this presumptive LLM, I decided that the best disincentive to Gradient, the subject of today’s post, continuing this practice, and the best disincentive to other companies adopting it, was public shaming.

Honestly it’s probably for the best, as Gradient’s products are incredibly expensive compared to other consumer HVAC products, as well as poorly reviewed by other early adopters.

I will, of course, update this post if I get in touch with an actual human, and not a steaming pile of matrix math pretending to be a human, but at this point I’m not holding my breath.

Without further ado, I present, Who’s On First? Novel Consumer HVAC Product Edition.

Continue reading “The Kafkaesque Hell of LLM-Powered Customer “Service””

The faces of the first 9 guests on the Critical Point War Stories podcast

Here’s how it went: On August 1, 2023, I pressed ‘publish’ on the first video of the Critical Point War Stories podcast. A couple days later I launched the audio version of the podcast (available, as they say, wherever you get your podcasts).

Some time between July 1 and August 1 of this year I crossed 100 verified subscribers (best estimate, across all platforms).

Eleven episodes in (9 main, 2 bonus), I’m feeling good about it! I’ve had a ton of fun with it so far.

If you’re the kind of person who prefers to binge your podcasts, well, we now have a bingeable amount of content and there’s no better time to dive into it than now.

I’m taking a little bit of a hiatus as I get settled in Brooklyn (oh yes, I’ve moved to Brooklyn!), but I’m hard at work behind the scenes getting things lined up, and I’m very excited for what I’m going to bring to you all over the next year!

(Just to whet your appetite, I can say that there’s still a couple bonus episodes with Melanie Ensign yet to come, including the one where we talk about sharks.)

If you’re still the kind of weirdo (complimentary) who follows my blog, I think you’ll get a kick out of the podcast as well, and I hope that you subscribe!

[フレーム]

This is not my work but some colleagues and friends at Consumer Reports and Include Security have a nice post up about their, uh, security adventures developing an LLM-powered chatbot application. (They independently discovered the vulnerabilities recently published as LLM4Shell at BlackHat Asia.)

Who’s Verifying the Verifier: A Case-Study in Securing LLM Applications

[フレーム]

tl;dr:

The code is a little confusing, but it basically executes ( exec() ) all the code except for the last line (as system commands) generated from the LLM and then evaluates ( eval() ) the last line of code (as python). We also notice the sanitize function, which should be doing something to reduce risk; however we found that it only removes spaces and "python" from the beginning of the code, as well as backtick marks around the code:

And it gets, uh, “better” from there.