Vulnerability reports, on their own, do not protect anyone. The value comes from validating the issue, understanding its impact, developing and testing a patch, coordinating disclosure, and helping teams deploy the fix.
大多数人认为发现并报告漏洞本身就提供了安全价值,但作者明确表示,单纯的漏洞报告并不能保护任何人。这一观点挑战了安全行业普遍重视漏洞数量而非修复质量的共识,强调了从发现到修复的完整流程才是真正有价值的部分。
The government believes it has become aware of a method of bypassing, or 'jailbreaking' Fable 5.
这是一个需要核实的政府声明,涉及AI安全漏洞的具体情况。需要确认政府是否真的发现了这种方法,以及该方法的有效性和影响范围。这反映了AI安全研究中的持续挑战。
These vulnerabilities all appear relatively simple, and we have found that other publicly-available models are able to discover them as well without requiring a bypass.
Anthropic声称发现的漏洞相对简单且其他模型也存在类似问题,这可能带有淡化政府担忧的偏见。需要独立验证这些漏洞的严重性以及与其他模型的比较是否准确。
in 89% of the 198 manually reviewed vulnerability reports, our expert contractors agreed with Claude's severity assessment exactly, and 98% of the assessments were within one severity level. If these results hold consistently for our remaining findings, we would have over a thousand more critical severity vulnerabilities and thousands more high severity vulnerabilities.
89%的严重性评估精确一致是一个重要的校准信号:它意味着Mythos不仅能找到漏洞,还能准确理解其安全影响。这个校准水平与经验丰富的人类安全研究员相当甚至更优。基于这个比率外推的「上千个关键严重性漏洞」虽然是估计值,但有统计基础——这是迄今为止关于AI大规模漏洞发现能力最有力的量化声明。
the total cost was under $20,000 and found several dozen more findings. While the specific run that found the bug above cost under $50, that number only makes sense with full hindsight. Like any search process, we can't know in advance which run will succeed.
2万美元找到「几十个」高严重性漏洞(包括一个27年历史的OpenBSD内核崩溃漏洞)——这个成本效益比彻底颠覆了传统安全审计的经济学。顶级渗透测试公司的日费率通常在数千到数万美元之间,且不保证结果。Mythos将漏洞发现的边际成本压缩到了每个漏洞数百美元级别,这意味着大规模、持续性的自动化漏洞狩猎在经济上已经完全可行。
Over 99% of the vulnerabilities we've found have not yet been patched, so it would be irresponsible for us to disclose details about them. Yet even the 1% of bugs we are able to discuss give a clear picture of a substantial leap in what we believe to be the next generation of models' cybersecurity capabilities.
「99%尚未修补」揭示了一个严峻的现实:这篇博文所讨论的内容,只是Anthropic已知漏洞库的冰山一角。负责任披露流程的时间成本(90+45天)意味着在这些漏洞被公开之前,存在一个漫长的窗口期,期间只有Anthropic和其合作伙伴知道这些漏洞的存在。SHA-3承诺机制是一个值得称道的问责工具,但它无法解决底层的信息不对称问题。
The bottleneck in cybersecurity is now verifying, disclosing, and patching the large numbers of vulnerabilities that Mythos-class models can surface.
大多数人认为网络安全的主要挑战是发现漏洞,但作者认为真正的瓶颈在于修复和修补这些漏洞,这颠覆了传统网络安全优先级的认知。
This attack achieved a high success rate against state-of-the-art models, including Claude Opus 4.7.
大多数人认为最新的AI模型已经足够先进可以抵抗基本的注入攻击,但作者证明即使是像Claude Opus 4.7这样的前沿模型也无法抵御简单的间接提示注入,这挑战了人们对先进AI模型安全性的过高期望。
we and our approximately 50 partners have used Claude Mythos Preview to find more than ten thousand high- or critical-severity vulnerabilities
这个10,000+的高危漏洞数量是一个惊人的统计数据,表明AI在漏洞发现方面已经达到前所未有的规模。50个合作伙伴平均每个找到200+个高危漏洞,这个数字远超传统安全方法的效率。然而,文章没有提供历史对比数据,无法评估这一数字的绝对意义,只能相对于传统方法有显著提升。
The most urgent finding this week comes from researchers who demonstrated that the very mechanism enabling agents to use tools - function calling - can be hijacked with alarming reliability.
这一发现揭示了AI代理工具调用接口的安全漏洞,为构建安全的AI代理系统提出了新的挑战。
we probably will publish more curl vulnerabilities in 2026 than we have done in many years, maybe ever.
大多数人认为随着安全实践的提升,软件漏洞数量应该减少,但作者预测2026年curl的漏洞发布数量可能会创下历史新高。这一观点挑战了'安全状况持续改善'的主流认知,暗示AI安全审计工具可能正在发现更多过去被忽视的漏洞。
JavaScript is not available. We've detected that JavaScript is disabled in this browser.
这句话看似简单,实则揭示了现代网络架构的脆弱性—整个平台功能依赖于单一技术组件。这种单点故障风险与平台宣称的'可靠性'形成鲜明对比,暗示了数字基础设施的潜在不稳定性。
We experienced a sudden and extreme spike in Gemini API usage. The traffic was not correlated with our actual users and appeared to be automated.
描述了高达54,000欧元的账单激增现象,表明AI API使用监控和防护存在严重漏洞,这种自动化滥用突显了当前API安全机制的脆弱性,对AI服务提供商和开发者都是警钟。
just a handful of obviously fake articles could cause Gemini, ChatGPT, and Copilot to inform users about an imaginary disease with a ridiculous name.
令人惊讶的是:仅凭少量明显虚假的文章就能导致主流AI模型传播虚构疾病信息。这揭示了AI训练数据容易被污染的脆弱性,也暗示了未来可能需要类似'低背景钢'的纯净数据源来确保AI输出的可靠性。
we had predetermined that we would withdraw the paper prior to publication if accepted, which we did.
通过评审后主动撤稿——这个决定令人感到既欣慰又不安。欣慰:Sakana AI 展示了负责任的研究伦理;不安:如果换一个不那么有道德感的团队,这篇 AI 生成的论文本可以悄悄混入正式出版的学术文献库。同行评审制度目前对 AI 生成内容几乎没有系统性防御,这是整个学术界的集体盲点。
select known-vulnerable dependency versions 50% more often than humans.
这一统计洞察颠覆了“AI写代码更安全”的迷思。AI代理在优化代码功能性时,往往以牺牲安全性为代价,倾向于选择存在已知漏洞的旧版本依赖。这反映出当前AI模型在训练时对安全维度的忽视,也警示我们在AI辅助开发流程中必须强制引入自动化的安全卡点。
current systems remain highly vulnerable
尽管AI安全领域近年来取得了显著进展,作者却断言当前系统仍然高度脆弱。这一与行业乐观情绪相悖的结论,基于对多个主流代理系统的实际测试,暗示AI安全问题可能比业界承认的要严重得多。
current systems remain highly vulnerable
尽管AI安全研究取得了显著进展,但作者通过AgentHazard基准测试表明,当前最先进的计算机使用代理系统仍然极其脆弱,这挑战了学术界和工业界对AI安全水平已经足够高的普遍认知。
trust can be defined as the individual or group’s willingness to be vulnerableto the other party
This classic definition of trust speaks to why trust is such a large concern—it requires that customers risk trusting in the chatbot, and for doing so, there needs to be belief in its responses
The success or effectiveness of psychotherapy relies on your willingness to be open to the process and be honest about what you’re feeling. It also depends on the dynamics of the patient-therapist relationship.
According to psychotherapist Esther Perel, "[in therapy speech], there is such an emphasis on the ‘self-care’ aspect of it that is actually making us more isolated and more alone, because the focus is just on the self".[21] Therapists find that using therapy speak can prevent people from being open and vulnerable with each other.[7] It may be used in an attempt to define the other person's lived experiences.[3] It is frequently used in ways that elevate a one-sided view of a relationship or situation.[9]
for - Indyweb dev - example - vulnerability of centralized activism
Using any of the authentication mechanisms (login, password reset, or password recovery), an application must respond with a generic error message regardless of whether: The user ID or password was incorrect. The account does not exist. The account is locked or disabled.
Incorrectly implemented error messages in the case of authentication functionality can be used for the purposes of user ID and password enumeration. An application should respond (both HTTP and HTML) in a generic manner.
holistic behaviour is that instability which occurs in objects that are very vulnerable to a change in one part: when one part changes,
And ’tis great pity that the noble MoorShould hazard such a place as his own secondWith one of an ingraft infirmity
Vulnerability is seen as the vice in this case. The absence of pride and ego. And yet that is what would prevent Iago's manipulative plot, the understanding and the released grip of pride and ego, and the acceptance of less noble intentions
most people don't realize how vulnerable we are I mean for example the the food supply in the average city in the United States if it's not daily 00:01:44 renewed would run out in about three days there's not much of a buffer there
Hitzewellen bedrohen durch ihre zunehmende Zahl und Intensität das globale Ernährungssystem. Der Guardian hat Experten zu den Folgen von Hitzewellen am Land und in den Ozeanen für die Ernährungssicherheit befragt. Hitzewellen haben dramatische Auswirkungen etwa auf die Erträge von Nutzpflanzen und auf Lebensbedingungen von Fischen. Die Folgen sind im Detail oft nur unzureichend erforscht. https://www.theguardian.com/environment/2023/jul/21/rampant-heatwaves-threaten-food-security-of-entire-planet-scientists-warn
Given the strong coupling between data andcryptosystems in blockchains, the potential vulner-ability of these cryptosystems to quantum attacks,the likely introduction of capable quantum com-puters in the mid-term future—not to mention theusual high monetary value of the assets secured byblockchains—it is important to more deeply under-stand their current level of vulnerability.
Author states its motivation: - strong coupling between data and cryptosystems in BCh - the cryptosystems potential vulnerability to quantum computers - the likely introduction of quantum computers in the mid-term future - also the high monetary value of the assets secured plus momentum of BCh.
Love, Its like a playing card A wild card, Your “lucky card”. You throw it into play Hoping it will land you your win. You throw it wrong, Your hand is forced You have to fold- But it hurts.
I want to know more...a deeper context to these emotions. Why do you think you need to fold? Are you afraid to be vulnerable? To take a chance? What will ease the pain?
Charles, S. J., Martin, J. A., Runicles, A., Chi, Z., Robertson, K., Barker, E. D., … Tye, C. (2022, February 1). Rare neurogenetic conditions and mental health of families during COVID-19. https://doi.org/10.31234/osf.io/teb7u
Kang, T. S., & Goodwin, R. (2022, January 31). Legal restrictions and mitigation strategies amongst a disabled population during COVID-19. https://doi.org/10.31234/osf.io/8daew
ReconfigBehSci on Twitter: ‘RT @bhrenton: Preliminary look into the visitor locations to https://t.co/j5ei0O4u1e mapped with new COVID-19 cases shows some overlaps, bu…’ / Twitter. (n.d.). Retrieved 13 February 2022, from https://twitter.com/SciBeh/status/1483697294373531652
Karlsson, L. C., Soveri, A., Lewandowsky, S., Karlsson, L., Karlsson, H., Nolvi, S., Karukivi, M., Lindfelt, M., & Antfolk, J. (2022). The behavioral immune system and vaccination intentions during the coronavirus pandemic. Personality and Individual Differences, 185, 111295. https://doi.org/10.1016/j.paid.2021.111295
Covid cases in England are 26 times higher than a year ago. (2021, August 28). The Guardian. http://www.theguardian.com/world/2021/aug/28/covid-cases-in-england-are-26-times-higher-than-a-year-ago
I shared this video with my father when he showed me that he was reading Dare to Lead.
My father was sharing a book by Brené Brown, Dare to Lead. I shared this website I had created while I was an instructor at the University of the Fraser Valley.
I pointed him to the TED talk by Brené Brown on The Power of Vulnerability.
Devlin, Hannah. “People with Chronic Conditions among Most at Risk from Covid Even after Jabs.” The Guardian, September 18, 2021, sec. World news. https://www.theguardian.com/world/2021/sep/18/people-with-chronic-conditions-among-most-at-risk-from-covid-even-after-jabs.
Silberner, J. (2021). Covid-19: How Native Americans led the way in the US vaccination effort. BMJ, 374, n2168. https://doi.org/10.1136/bmj.n2168
(2) David Fisman on Twitter: “Here’s some really simple modeling that hopefully will help provide some insight into why having a large, unvaccinated minority in Ontario is a problem for the population as a whole.” / Twitter. (n.d.). Retrieved August 23, 2021, from https://twitter.com/DFisman/status/1427940663925092354
Staff, Fox News. “McEnany Encourages People to Get COVID Vaccine: It Reduces Your Risk of Transmitting the Virus.” Text.Article. Fox News. Fox News, July 21, 2021. https://www.foxnews.com/media/mcenany-encourages-people-to-get-covid-vaccine-variant.
Dyer, O. (2021). Covid-19: Two thirds in India carry antibodies, while research suggests country’s death toll is 10 times official figure. BMJ, 374, n1856. https://doi.org/10.1136/bmj.n1856
the Guardian. “‘Mixed Advice’ Driving Covid Vaccine Hesitancy in Pregnant UK Women,” July 13, 2021. http://www.theguardian.com/world/2021/jul/13/mixed-advice-driving-covid-vaccine-hesitancy-in-pregnant-uk-women.
Griffin, S. (2021). Covid-19: Millions could be offered booster vaccinations from September. BMJ, 374, n1686. https://doi.org/10.1136/bmj.n1686
Sanderson, L., Harkin, L., Stuart, A., Stevenson, C., Park, M. S.-A., Yan, R. J., Mitra, S., Nuseibeh, B., Gooch, D., & Katz, D. (2021). A Siege on Positive Ageing: COVID-19 as Exacerbating Age-based Stereotype Threats among Older Adults [Preprint]. PsyArXiv. https://doi.org/10.31234/osf.io/pufd5
agencies, Guardian staff and. “Children Are ‘Vulnerable Host’ for Covid as Cases Recede, US Expert Warns.” the Guardian, June 7, 2021. http://www.theguardian.com/world/2021/jun/07/children-covid-vulnerable-host-cases-recede-us.
In short: storing the token in HttpOnly cookies mitigates XSS being used to get the token, but opens you up to CSRF, while the reverse is true for storing the token in localStorage.
Remember that any Cross-Site Scripting (XSS) can be used to defeat all CSRF mitigation techniques!
That means if an attacker can inject some JavaScript code that runs on the web app’s domain, they can steal all the data in localStorage. The same is true for any third-party JavaScript libraries used by the web app. Indeed, any sensitive data stored in localStorage can be compromised by JavaScript. In particular, if an attacker is able to snag an API token, then they can access the API masquerading as an authenticated user.
But there’s a drawback that I didn’t like about this option: localStorage is vulnerable to Cross-site Scripting (XSS) attacks.
the majority of XSS attacks target theft of session cookies. A server could help mitigate this issue by setting the HttpOnly flag on a cookie it creates, indicating the cookie should not be accessible on the client.
Cross-site scripting (XSS) vulnerabilities (even in other applications running on the same domain) allow attackers to bypass essentially all CSRF preventions.
Tuncgenc, B., El Zein, M., Sulik, J., Newson, M., Zhao, Y., Dezecache, G., & Deroy, O. (2020). We distance most when we believe our social circle does [Preprint]. PsyArXiv. https://doi.org/10.31234/osf.io/u74wc
News, J. A., Kaiser Health. (n.d.). Why the U.S. Is Underestimating COVID Reinfection. Scientific American. Retrieved 10 February 2021, from https://www.scientificamerican.com/article/why-the-u-s-is-underestimating-covid-reinfection/
Ministers to ask the elderly not to leave their homes if coronavirus spreads. (2020, March 8). The Sun. https://www.thesun.co.uk/news/11126951/uk-world-leader-serious-disease-jenny-harries/
Faraji, J., & Metz, G. A. S. (2021). Ageing, Social Distancing, and COVID-19 Risk: Who is more Vulnerable? PsyArXiv. https://doi.org/10.31234/osf.io/8k56a
King, L., Feddoes, D. E., Kirshenbaum, J. S., Humphreys, K., & Gotlib, I. (2020). Pregnancy during the pandemic: The impact of COVID-19-related stress on risk for prenatal depression. PsyArXiv. https://doi.org/10.31234/osf.io/3vsxc
Wu, K. J. (2020, November 2). A Rapid Virus Test Falters in People Without Symptoms, Study Finds. The New York Times. https://www.nytimes.com/2020/11/02/health/coronavirus-testing-quidel-sofia.html
Gallacher, J., & Bright, J. (2021). Hate Contagion: Measuring the spread and trajectory of hate on social media. PsyArXiv. https://doi.org/10.31234/osf.io/b9qhd
Sprengholz, P., Korn, L., Eitze, S., & Betsch, C. (2021). Allocation of COVID-19 vaccination: When public prioritization preferences differ from official regulations. PsyArXiv. https://doi.org/10.31234/osf.io/6na7t
Older Adults Maintain Emotional Advantage Amid COVID-19. (n.d.). Association for Psychological Science - APS. Retrieved 24 February 2021, from https://www.psychologicalscience.org/publications/observer/obsonline/older-emotional-advantage.html
Tunçgenç, B., Zein, M. E., Sulik, J., Newson, M., Zhao, Y., Dezecache, G., & Deroy, O. (n.d.). Social influence matters: We follow pandemic guidelines most when our close circle does. British Journal of Psychology, n/a(n/a). https://doi.org/10.1111/bjop.12491
Gusman, M. S., Grimm, K. J., Cohen, A. B., & Doane, L. D. (2021). Stress and Sleep Across the Onset of the COVID-19 Pandemic: Impact of Distance Learning on U.S. College Students’ Health Trajectories. PsyArXiv. https://doi.org/10.31234/osf.io/m5zv9
Esteve, A., Permanyer, I., Boertien, D., & Vaupel, J. W. (2020). National age and coresidence patterns shape COVID-19 vulnerability. Proceedings of the National Academy of Sciences, 117(28), 16118–16120. https://doi.org/10.1073/pnas.2008764117
“Myths about COVID-19 vaccination - HackMD.” Accessed February 19, 2021. https://hackmd.io/ovEzSQWcRp2bctQn8MYElQ#Myths-about-COVID-19-vaccination.
Levin, A. T., Hanage, W. P., Owusu-Boaitey, N., Cochran, K. B., Walsh, S. P., & Meyerowitz-Katz, G. (2020). Assessing the age specificity of infection fatality rates for COVID-19: Systematic review, meta-analysis, and public policy implications. European Journal of Epidemiology, 35(12), 1123–1138. https://doi.org/10.1007/s10654-020-00698-1
Stevens, L., Rockey, J., Rockowitz, S., Kanja, W., Colloff, M., & Flowe, H. D. (2021). Children’s Vulnerability to Sexual Violence during COVID-19 in Kenya: Recommendations for the Future. PsyArXiv. https://doi.org/10.31234/osf.io/7sn3w
IFRAME element may be a security risk if any page on your site contains an XSS vulnerability which can be exploited
${JSON.stringify(state)}
XSS mitigation
Go is introducing publicly-visible API changes related to these issues in an upcoming major release, which risks making the vulnerabilities public without explicit public disclosure.
Whaaat ?!
(4) Facebook. (n.d.). Retrieved December 10, 2020, from https://www.facebook.com/harvardpublichealth/videos/881117569360098/
Could you please explain why it is a vulnerability for an attacker to know the user names on a system? Currently External Identity Providers are wildly popular, meaning that user names are personal emails.My amazon account is my email address, my Azure account is my email address and both sites manage highly valuable information that could take a whole company out of business... and yet, they show no concern on hiding user names...
Good question: Why do the big players like Azure not seem to worry? Microsoft, Amazon, Google, etc. too probably. In fact, any email provider. So once someone knows your email address, you are (more) vulnerable to someone trying to hack your account. Makes me wonder if the severity of this problem is overrated.
Irony: He (using his full real name) posts:
thus making himself more of a target. (I hope he does not get targetted though.)
That is certainly a good use-case. One thing you can do is to require something other than a user-chosen string as a username, something like an email address, which should be unique. Another thing you could do, and I admit this is not user-friendly at all, to let them sign up with that user name, but send the user an email letting them know that the username is already used. It still indicates a valid username, but adds a lot of overhead to the process of enumeration.
How would you remediate this? One way could be to have the application pad the responses with a random amount of time, throwing off the noticeable difference.
Sometimes, user enumeration is not as simple as a server responding with text on the screen. It can also be based on how long it takes a server to respond. A server may take one amount of time to respond for a valid username and a very different (usually longer) amount of time for an invalid username.
COVID-19 and the Labor Market. (n.d.). IZA – Institute of Labor Economics. Retrieved October 11, 2020, from https://covid-19.iza.org/publications/dp13757/
When I received Chris’s comment, my first response was that I should delete my post or at least the incorrect part of it. It’s embarrassing to have your incorrect understandings available for public view. But I decided to leave the post as is but put in a disclaimer so that others would not be misled by my misunderstandings. This experience reminded me that learning makes us vulnerable. Admitting that you don’t know something is hard and being corrected is even harder. Chris was incredibly gentle in his correction. It makes me think about how I respond to my students’ work. Am I as gentle with their work as Chris was to mine? Could I be more gentle? How often have I graded my students’ work and only focused on what they did wrong? Or forgotten that feeling of vulnerability when you don’t know something, when you put your work out for others to judge? This experience has also reminded me that it’s important that we as teachers regularly put ourselves into situations in which we authentically grapple with not knowing something. We should regularly share our less than fully formed understandings with others for feedback. It helps us remember that even confident learners can struggle with being vulnerable. And we need to keep in mind that many of our students are not confident learners.
I'm reminded here of the broad idea that many bloggers write about sooner or later of their website being a "thought space" or place to contemplate out in the open. More often than not, even if they don't have an audience to interact with, their writings become a way of thinking out loud, clarifying things for themselves, self-evolving, or putting themselves out there for potential public reactions (good, bad, or indifferent).
While writing things out loud to no audience can be helpful and useful on an individual level, it's often even more helpful to have some sort of productive and constructive feedback. While a handful of likes or positive seeming responses can be useful, I always prefer the ones that make me think more broadly, deeply, or force me to consider other pieces I hadn't envisioned before. To me this is the real value of these open and often very public thought spaces.
For those interested in the general idea, I've been bookmarking/tagging things around the idea of thought spaces I've read on my own website. Hopefully this collection helps others better understand the spectrum of these ideas for themselves.
With respect to the vulnerability piece, I'm reminded of an episode of <cite>The Human Current</cite> I listened to a few weeks back. There was an excellent section that touched on building up trust with students or even a class when it comes to providing feedback and criticism. Having a bank of trust makes it easier to give feedback as well as to receive it. Here's a link to the audio portion and a copy of the relevant text.
Covid-19 Medical Risk Assessment – Alama. (n.d.). Retrieved October 2, 2020, from https://alama.org.uk/covid-19-medical-risk-assessment/
Hamblin, S. by J. (n.d.). How We Survive the Winter. The Atlantic. Retrieved September 22, 2020, from https://www.theatlantic.com/health/archive/2020/09/how-america-can-survive-the-winter/616401/
Sueki, H., & Ueda, M. (2020). Short-term effect of the COVID-19 pandemic on suicidal ideation: A prospective cohort study. https://doi.org/10.31234/osf.io/3jevh
Carmona, H. A., de Noronha, A. W. T., Moreira, A. A., Araujo, N. A. M., & Andrade Jr, J. S. (2020). Cracking urban mobility. ArXiv:2008.13644 [Cond-Mat, Physics:Physics]. http://arxiv.org/abs/2008.13644
Fell, M. J., Pagel, L., Chen, C., Goldberg, M. H., Herberz, M., Huebner, G., Sareen, S., & Hahnel, U. J. J. (2020). Validity of energy social research during and after COVID-19: Challenges, considerations, and responses [Preprint]. SocArXiv. https://doi.org/10.31235/osf.io/pe6cd
Care homes or prisons? The coronavirus dilemma that won’t go away. (2020, July 19). Jackie Cassell. https://www.jackiecassell.com/care-homes-or-prisons-the-coronavirus-dilemma-that-wont-go-away/
Love, D., Allison, E. H., Asche, F., Belton, B., Cottrell, R. S., Froehlich, H. E., Gephart, J. A., Hicks, C., Little, D. C., Nussbaumer, E. M., da Silva, P. P., Poulain, F., Rubio, A., Stoll, J. S., Tlusty, M. F., Thorne-Lyman, A. L., Troell, M., & Zhang, W. (2020). Emerging COVID-19 impacts, responses, and lessons for building resilience in the seafood system [Preprint]. SocArXiv. https://doi.org/10.31235/osf.io/x8aew
Fore, H. H., Dongyu, Q., Beasley, D. M., & Ghebreyesus, T. A. (2020). Child malnutrition and COVID-19: The time to act is now. The Lancet, 0(0). https://doi.org/10.1016/S0140-6736(20)31648-2
Mongey, S., Pilossoph, L., & Weinberg, A. (2020). Which Workers Bear the Burden of Social Distancing Policies? (Working Paper No. 27085; Working Paper Series). National Bureau of Economic Research. https://doi.org/10.3386/w27085
Overall, N., Chang, V., Pietromonaco, P., Low, R., & Henderson, A. M. E. (2020). Relationship Functioning During COVID-19 Quarantine [Preprint]. PsyArXiv. https://doi.org/10.31234/osf.io/7cvdm
Endocrinology, T. L. D. &. (2020). Obesity and COVID-19: Blame isn’t a strategy. The Lancet Diabetes & Endocrinology, 0(0). https://doi.org/10.1016/S2213-8587(20)30274-6
Cowan, B. W. (2020). Short-run Effects of COVID-19 on U.S. Worker Transitions (Working Paper No. 27315; Working Paper Series). National Bureau of Economic Research. https://doi.org/10.3386/w27315
How Do We Think the COVID-19 Crisis Will Affect Our Careers (If Any Remain)?. COVID-19 and the Labor Market. (n.d.). IZA – Institute of Labor Economics. Retrieved August 8, 2020, from https://covid-19.iza.org/publications/dp13164/
Galasso, V., Pons, V., Profeta, P., Becher, M., Brouard, S., & Foucault, M. (2020). Gender Differences in COVID-19 Related Attitudes and Behavior: Evidence from a Panel Survey in Eight OECD Countries (Working Paper No. 27359; Working Paper Series). National Bureau of Economic Research. https://doi.org/10.3386/w27359
Wiemers, E. E., Abrahams, S., AlFakhri, M., Hotz, V. J., Schoeni, R. F., & Seltzer, J. A. (2020). Disparities in Vulnerability to Severe Complications from COVID-19 in the United States (Working Paper No. 27294; Working Paper Series). National Bureau of Economic Research. https://doi.org/10.3386/w27294
The New Hazardous Jobs and Worker Reallocation. COVID-19 and the Labor Market. (n.d.). IZA – Institute of Labor Economics. Retrieved July 27, 2020, from https://covid-19.iza.org/publications/dp13532/
Padrón, Isabel, Isabel Fraga, Lucía Vieitez, Carlos Montes, and Estrella Romero. ‘COnVida-20(1)’. Preprint. PsyArXiv, 31 July 2020. https://doi.org/10.31234/osf.io/27fy6.
Burki, T. (2020). The indirect impact of COVID-19 on women. The Lancet Infectious Diseases, 20(8), 904–905. https://doi.org/10.1016/S1473-3099(20)30568-5
Bertocchi, G., & Dimico, A. (2020). COVID-19, Race, and Redlining. IZA Discussion Paper, 13467.
Slobin, S. (n.d.). How Remote Work Divides America. Reuters. Retrieved July 27, 2020, from https://graphics.reuters.com/HEALTH-CORONAVIRUS/USA-REMOTEWORK/xlbpgbrljvq/
Reher, D. S., Requena, M., de Santis, G., Esteve, A., Bacci, M. L., Padyab, M., & Sandström, G. (2020). The COVID-19 pandemic in an aging world [Preprint]. SocArXiv. https://doi.org/10.31235/osf.io/bfvxt
Mogi, R., Kato, G., & Annaka, S. (2020). Socioeconomic inequality and COVID-19 prevalence across municipalities in Catalonia, Spain. https://doi.org/10.31235/osf.io/5jgzy
Mikolai, J., Keenan, K., & Kulu, H. (2020). Household level health and socio-economic vulnerabilities and the COVID-19 crisis: An analysis from the UK [Preprint]. SocArXiv. https://doi.org/10.31235/osf.io/4wtz8
Cook, Marion. ‘Potential Factors Linked to High COVID-19 Death Rates in British Minority Ethnic Groups’. The Lancet Infectious Diseases 0, no. 0 (17 July 2020). https://doi.org/10.1016/S1473-3099(20)30583-1.
Cohen, P. N. (2020). The COVID-19 epidemic in rural U.S. counties. https://doi.org/10.31235/osf.io/pnqrd
Codagnone, C., Bogliacino, F., Cangrejo, C. E. G., Charris, R. A., Montealegre, F., Liva, G., Lupiáñez-Villanueva, F., Folkvord (Frans), F., & Veltri, G. A. (2020). Assessing concerns for the economic consequence of the COVID-19 response and mental health problems associated with economic vulnerability and negative economic shock in Italy, Spain, and the United Kingdom. https://doi.org/10.31235/osf.io/x9m36
Herzberg-Druker, E., Tali, K., & Yaish, M. (2020). Work and Families in Times of Crisis: The Case of Israel in the Coronavirus Outbreak [Preprint]. SocArXiv. https://doi.org/10.31235/osf.io/fxs64
Boertien, D., Esteve, A., & Permanyer, I. (2020). Age Structure and Living Arrangements Shape the Vulnerability of Spanish Provinces to Outbreaks of Covid-19 [Preprint]. SocArXiv. https://doi.org/10.31235/osf.io/ug2c8
Arolas, H. P. i, Acosta, E., Casasnovas, G. L., Lo, A., Nicodemo, C., Riffe, T., & Myrskylä, M. (2020). Global years of life lost to COVID-19 [Preprint]. SocArXiv. https://doi.org/10.31235/osf.io/gveaj
Tijdink, J. K., Luykx, J. J., van Veen, S., Vinkers, C., & Veltman, E. (2020). Challenging COVID-19 times for older psychiatric patients: Potential implications and solutions [Preprint]. PsyArXiv. https://doi.org/10.31234/osf.io/z4puv
Coggon, D., Croft, P., Cullinan, P., & Williams, A. (2020). ASSESSMENT OF WORKERS PERSONAL VULNERABILITY TO COVID-19 USING COVID-AGE. MedRxiv, 2020.05.21.20108969. https://doi.org/10.1101/2020.05.21.20108969
Bai, M. H. (2020). Who Bought All the Toilet Paper? Conspiracy Theorists Are More Likely to Stockpile During the COVID-19 Pandemic. https://doi.org/10.31234/osf.io/z2g34
COVIDScholar. (n.d.). Retrieved June 22, 2020, from https://covidscholar.org/article/5ec6e956d71118fe7dc6dd5d
Goldman, P. S., Ijzendoorn, M. H. van, Sonuga-Barke, E. J. S., Goldman, P. S., Ijzendoorn, M. H. van, Bakermans-Kranenburg, M. J., Bradford, B., Christopoulos, A., Cuthbert, C., Duchinsky, R., Fox, N. A., Grigoras, S., Gunnar, M. R., Ibrahim, R. W., Johnson, D., Kusumaningrum, S., Ken, P. L. A., Mwangangi, F. M., Nelson, C. A., … Sonuga-Barke, E. J. S. (2020). The implications of COVID-19 for the care of children living in residential institutions. The Lancet Child & Adolescent Health, 0(0). https://doi.org/10.1016/S2352-4642(20)30130-9
Chow, K. (2020, May 6). There’s No Way to Prepare for Grief. The Cut. https://www.thecut.com/2020/05/theres-no-way-to-prepare-for-grief.html
Spinney, L. (2020, June 7). Are we underestimating how many people are resistant to Covid-19? The Observer. https://www.theguardian.com/world/2020/jun/07/immunological-dark-matter-does-it-exist-coronavirus-population-immunity
Zhang, J., Litvinova, M., Liang, Y., Wang, Y., Wang, W., Zhao, S., Wu, Q., Merler, S., Viboud, C., Vespignani, A., Ajelli, M., & Yu, H. (2020). Changes in contact patterns shape the dynamics of the COVID-19 outbreak in China. Science, eabb8001. https://doi.org/10.1126/science.abb8001
Greaves, I., & Hunt, P. (n.d.). Psychological Aspects of Major Incidents. In Oxford Manual of Major Incident Management. Oxford University Press. Retrieved April 9, 2020, from https://oxfordmedicine.com/view/10.1093/med/9780199238088.001.0001/med-9780199238088-chapter-14
Editorial: COVID-19 will not leave behind refugees and migrants. The Lancet. DOI:https://doi.org/10.1016/S0140-6736(20)30758-3
Thebault, R., & Hauslohner, A. (2020, May 24). A deadly ‘checkerboard’: Covid-19’s new surge across rural America. Washington Post. https://www.washingtonpost.com/nation/2020/05/24/coronavirus-rural-america-outbreaks/
Dahl Fitjar, R. (2020, May 9). The density and connectedness of cities now appear as weaknesses. LSE Business Review. https://blogs.lse.ac.uk/businessreview/2020/05/09/the-density-and-connectedness-of-cities-now-appear-as-weaknesses/
Ballew, M. T., Bergquist, P., Goldberg, M., Gustafson, A., Kotcher, J., Marlon, J. R., … Leiserowitz, A. (2020, April 20). American Public Responses to COVID-19, April 2020. https://doi.org/10.31234/osf.io/qud5t
Cortese, S., Asherson, P., Sonuga-Barke, E., Banaschewski, T., Brandeis, D., Buitelaar, J., Coghill, D., Daley, D., Danckaerts, M., Dittmann, R. W., Doepfner, M., Ferrin, M., Hollis, C., Holtmann, M., Konofal, E., Lecendreux, M., Santosh, P., Rothenberger, A., Soutullo, C., … Simonoff, E. (2020). ADHD management during the COVID-19 pandemic: Guidance from the European ADHD Guidelines Group. The Lancet Child & Adolescent Health, S2352464220301103. https://doi.org/10.1016/S2352-4642(20)30110-3
Bondy, E., Baranger, D. A., Balbona, J. V., Sputo, K., Paul, S. E., Oltmanns, T., & Bogdan, R. (2020, April 30). Neuroticism and reward-related ventral striatum activity: Probing vulnerability to stress-related depression. Retrieved from psyarxiv.com/5wd3k
Ahmad, A., Chung, R., Eckenwiler, L., Ganguli, A. M., Hunt, M., Richards, R., Saghai, Y., Schwartz, L., Scully, J. L., & Wild, V. (2020). What does it mean to be made vulnerable in the era of COVID-19? The Lancet, 0(0). https://doi.org/10.1016/S0140-6736(20)30979-X
Sibley, C. G., Greaves, L., Satherley, N., Wilson, M., Lee, C., Milojev, P., … Barlow, F. (2020, April 20). Short-term effects of the COVID-19 pandemic and a nationwide lockdown on institutional trust, attitudes to government, health and wellbeing. https://doi.org/10.31234/osf.io/cx6qa
DA SILVA, C. M. N. G. (2020, April 13). Who takes care of health professional?. https://doi.org/10.31234/osf.io/n4j98
Colombo, R., Wallace, M., & Taylor, R. S. (2020, April 11). An Essential Service Decision Model for Applied Behavior Analytic Providers During Crisis. https://doi.org/10.31234/osf.io/te8ha
McKee, M., Stuckler, D. If the world fails to protect the economy, COVID-19 will damage health not just now but also in the future. Nat Med (2020). https://doi.org/10.1038/s41591-020-0863-y
Redefining vulnerability in the era of COVID-19. (2020 April 04). The Lancet. 395 (10230). DOI: https://doi.org/10.1016/S0140-6736(20)30757-1.
a belief thal we have an accurate memory of a past fact or demonstration or a belief that others have been correct in their proofs.
We must trust in our memories, our senses and observations, and in others. Which of these do we have faith in more/most? And what are the consequences when we make ourselves vulnerable to that trust (and are proven wrong)?
anguage come to be more trustworthy than matter?
People seem to trust in themselves more than what's outside themselves. Even though language is constructed, it's our construct, something we made, and therefore (?) something we can place our faith in more so than in matter, something we had less of a hand in making. When we place our faith in things outside ourselves, we become more vulnerable--we open ourselves to other things as well as to the possibility of being wrong.
CORRESPONDENCE
Throughout this section, Foucault characterizes correspondence as a way to reveal the self: "a certain way of manifesting oneself to oneself and to others," to "show oneself," "a decipherment of the self by the self as an opening one gives the other onto oneself."
This sort of 'opening' is to make oneself vulnerable, to be seen by others. (cf. Marback's "A Meditation on Vulnerability in Rhetoric")
This is characteristic particularly of writing that is intended for others (correspondence), but in what ways are other forms of writing equally--if not more--revealing of the self?
(That also makes me question whether any writing is truly for the self and not intended in some way for others. Even diaries/journals are written with the possible eventuality that someone other than the writer will read it.)
Certain HP laptops have flawed audio drivers that record all your keystrokes to: C:\Users\Public\MicTray.log
If these files exist, delete them: C:\Windows\System32\MicTray64.exe C:\Windows\System32\MicTray.exe
I decided that I would respond to Terry's bravery and speak to the world 'ad hoc' in my turn and have faith in whatever came out of my mouth accompanied by a picture on the wall.
vulnerability open improvisation emotion
I have indeed succeeded in my ambition, I even referred to Mr Benn in a conference I did in Plymouth in 2011 entitled "In Search of Nomad's Land".
vulnerability storytelling child/adult Historical Body Discourses
Here's a sort of wallop:
Act of being witness
my mother had just died,
Life and vulnerability.
I was over the edge.
Didn't care for social niceties
I spoke, I was in tears at all the frustration I had felt, the people in the room were touched.
This was me who was doing that.
This was the best work that I could muster at that moment.
Frustration at not having the means to communicate.
Thousands of poorly secured MongoDB databases have been deleted by attackers recently. The attackers offer to restore the data in exchange for a ransom -- but they may not actually have a copy.
In November 2016, a bug was discovered in Kaspersky Anti-Virus software that was effectively disabling SSL certificate validation.
Malware hidden in ad banners with steganography.
A race condition bug that has existed in most versions of the Linux kernel for nine years can be exploited for privilege elevation.
The malware, dubbed "Mirai," spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default or hard-coded usernames and passwords."
"We demonstrate that well-known compression-based attacks such as CRIME or BREACH (but also lesser-known ones) can be executed by merely running JavaScript code in the victim’s browser. This is possible because HEIST allows us to determine the length of a response, without having to observe traffic at the network level."
HEIST attacks can be blocked by disabling 3rd-party cookies.
https://twitter.com/vanhoefm<br> https://twitter.com/tomvangoethem
These vulnerabilities are as bad as it gets. They don't require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible.
...
Tuesday's advisory is only the latest to underscore game-over vulnerabilities found in widely available antivirus packages.
https://googleprojectzero.blogspot.com/2016/06/how-to-compromise-enterprise-endpoint.html
HID VertX and Edge controllers for security doors were discovered to have a command injection vulnerability that made it possible for attackers to open them via the Internet.
Researchers have discovered a potentially catastrophic flaw in one of the Internet's core building blocks that leaves hundreds or thousands of apps and hardware devices vulnerable to attacks that can take complete control over them.
https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html
Businesses need to be more careful to avoid revealing customers' personal information. And they should record calls, and watch them collectively over time for signs of suspicious activity.
The harasser in this article tricked customer service representatives into giving him private details about his victims. Starting with whatever information he could find online (a birthdate, the name of a pet) he would call repeatedly until he succeeded in getting other details -- which would make him still more convincing, so he could get more details.
In one case, he pretended to be a company technician for ISP Cox Communications. They didn't have a procedure to verify the ID of their own technicians?
All new Dell laptops and desktops shipped since August 2015 contain a serious security vulnerability that exposes users to online eavesdropping and malware attacks.
"At issue is a root certificate installed on newer Dell computers that also includes the private cryptographic key for that certificate. Clever attackers can use this key from Dell to sign phony browser security certificates for any HTTPS-protected site."
The result? Students’ sense of vulnerability is skyrocketing.
I had similar thoughts around the immensely popular video about street harassment made by hollaback! after a former partner compared an unwelcome invitation I had extended to see a concert together to street harassment. It got me wondering what disciplines have good dialectic for separating useful from harmful exposure. So far I have only an inkling that trauma therapy offers some hope, and it connects the conversation to concepts like triggers.