I used to be airyairyquitecontrary, but following a deletion I can’t get that back. I like Sailor Moon, Star Trek, Star Wars, The Expanse, and cats. From Aotearoa New Zealand, b.1978.
I am a glorified office administrator who understands server hardware why am I the only person in this company who gets what social engineering is?
Total stranger on the phone who we’ve never spoken to before: I have power of attorney over the CEO of this corporation and we are a customer of yours. Please change the administrator password on the server to XXXXX
My boss, putting on white grease paint and a red wig: Oh, of course! Let’s do it quickly so that you’ll want to keep working with us since you’re going to be making business decisions!
Me: I would sell you to satan for one corn chip and I’m allergic to corn but before you do this maybe you should call someone who is actually on our contact list for our customer and see if they’ve ever heard of this stranger.
My boss, looking through a selection of shoes that honk when you walk: Oh, but she said that it was very important that none of the employees know what was happening because they’re making staffing changes.
Me: As your lawyer I recommend that you just call a single one of our contacts and see if they’ve ever heard of her name.
My boss, shoving all of our technicians into a VW beetle: You’re not my lawyer.
Me: HOW THE FUCK WOULD YOU KNOW? I COULD BE! YOU SHOULD MAYBE CHECK ON THAT.
TIL everyone’s employee ID at my company is the last five of their SSN.
Boss: On the bright side, it’s only the last five
Me: YOU CAN COMMIT FRAUD WITH FOUR
Security firms that are hired to check the security of banks will often use the following tactic: They will walk up to the teller in a suit with their ID badge and a clipboard and go:
“Hello I am [name] from [security firm] we’ve been hired to verify the security of the facility I need to see your computers.”
“Erm…I’ll have to verify that with my managers.”
“Congratulations, you have just passed the security verification.” [Scribbles on clipboard] “But in all seriousness I do need to verify your security so I need to see your computers.”
“Oh okay.” AND LETS THEM IN.
“Social engineering” is a way too fancy word for what it is. I know a guy (not personally) who broke several people out of prison by essentially writing “Greetings, please release this person, signed, whoever the judge is” on a piece of paper and faxing it there. Because no one would have a fax machine in their own house I guess.
not to derail, but holy shit that praxis
I’ve had clerks just give out a whole ass SSN when I asked.
With the release of Android 12, Google began allowing users to delete their ad ID permanently. On devices that have this feature enabled, you can open the Settings app and navigate to Privacy > Ads. Tap “Delete advertising ID,” then tap it again on the next page to confirm. This will prevent any app on your phone from accessing it in the future.
On iOS
To see which apps you have previously granted access to, go to Settings > Privacy > Tracking. You can set the “Allow apps to Request to Track” switch to the “off” position (the slider is to the left and the background is gray). This will prevent apps from asking to track in the future. If you have granted apps permission to track you in the past, this will prompt you to ask those apps to stop tracking as well. You also have the option to grant or revoke tracking access on a per-app basis.
Apple has its own targeted advertising system, separate from the third-party tracking it enables with IDFA. To disable it, navigate to Settings > Privacy > Apple Advertising. Set the “Personalized Ads” switch to the “off” position to disable Apple’s ad targeting.
Then you need to go to myactivity.google.com/product/gemini and turn off all Gemini activity tracking. You do have to do them in that order to make sure it works.
Honestly, I’m not sure how long this will last, but this should keep Gemini off your projects for a bit.
I saw this over on bluesky and figured it would be good to spread on here. It only takes a few minutes to do.
Writers: It’s asking to read your Google Docs and be able to ‘summarize’ things from them and such things. I just turned all mine off.
Because this isn’t mentioned above, also go to google.com/drive/settings and turn off all the annoying bits that interface directly with docs there.
This is all in the “privacy” tab of your settings. How fun that everything is hidden two layers deep. 🙄 This DOESN’T get rid of the stupid little star constantly asking you to use it, unfortunately, but that’s what the picker in ublock is for. 😉
More detail instructions for OP’s post for those who are confused. This is done from the browser on my laptop, I don’t know what they look like on phones.
When you click the first link gemini.google.com/extensions, you need to click on the setting icon at the bottom, then choose “Extension”, like this:
Scroll down a bit, you will see the options, turn them all off.
Then, you click on the second link myactivity.google.com/product/gemini, you’ll see it tells you that it’s already “turn off”. NO! IT’S NOT! You have to click on that “Turn off” option, it’ll drop down a menu like this:
Turn that thing off. Until that button shows you have to click to turn it back on like this:
And then, click on the delete button down there too, even if it says there’s nothing to delete, just do it as a caution.
After you’s done with those two. You go to your Drive, find the Setting button.
Click on the “Privacy” tab, choose the button “Manage Workspace smart feature setting”
Tick both of those off, then click Save. Or if you still want to use Google AI assistant for some reasons, please read the fine lines very very carefully.
Only then, you can feel safe enough with this force AI assistant bullshit. FOR NOW 🤡 All these steps still can’t get rid of that Gemini blinkblink icon though >:(((((
Interesting: I am in Aotearoa New Zealand and my Mac is up to date (Sequoia 15.1.1). However, my Settings don’t have any “Apple Intelligence & Siri” section. It has a Siri section, but I have Siri turned off in any case. If I go in through Screen Time, I do have a Content & Privacy section and have turned off the relevant option there.
I wonder if this is one of those features that appear differently in different countries, namely those that have stronger privacy laws than the USA?
At the California Institute of the Arts, it all started with a videoconference between the registrar’s office and a nonprofit.
One of the nonprofit’s representatives had enabled an AI note-taking tool from Read AI. At the end of the meeting, it emailed a summary to all attendees, said Allan Chen, the institute’s chief technology officer. They could have a copy of the notes, if they wanted — they just needed to create their own account.
Next thing Chen knew, Read AI’s bot had popped up inabout a dozen of his meetings over a one-week span. It was in one-on-one check-ins. Project meetings. “Everything.”
The spread “was very aggressive,” recalled Chen, who also serves as vice president for institute technology. And it “took us by surprise.”
The scenariounderscores a growing challenge for colleges: Tech adoption and experimentation among students, faculty, and staff — especially as it pertains to AI — are outpacing institutions’ governance of these technologies and may even violate their data-privacy and security policies.
That has been the case with note-taking tools from companies including Read AI, Otter.ai, and Fireflies.ai.They can integrate with platforms like Zoom, Google Meet, and Microsoft Teamsto provide live transcriptions, meeting summaries, audio and video recordings, and other services.
Higher-ed interest in these products isn’t surprising.For those bogged down with virtual rendezvouses, a tool that can ingest long, winding conversations and spit outkey takeaways and action items is alluring. These services can also aid people with disabilities, including those who are deaf.
But the tools can quickly propagate unchecked across a university. They can auto-join any virtual meetings on a user’s calendar — even if that person is not in attendance. And that’s a concern, administrators say, if it means third-party productsthat an institution hasn’t reviewedmay be capturing and analyzing personal information, proprietary material, or confidential communications.
“What keeps me up at night is the ability for individual users to do things that are very powerful, but they don’t realize what they’re doing,” Chen said. “You may not realize you’re opening a can of worms.“
The Chronicle documented both individual and universitywide instances of this trend. At Tidewater Community College, in Virginia, Heather Brown, an instructional designer, unwittingly gave Otter.ai’s tool access to her calendar, and it joined a Faculty Senate meeting she didn’t end up attending. “One of our [associate vice presidents] reached out to inform me,” she wrote in a message. “I was mortified!”
THIS HAPPENED AT WORK!!!
One of the parties in a grievance mediation had Otter.ai installed on his computer for a previous meeting. He thought (and, honestly, had been led to believe by the company) that he was the one triggering when it was used, and had wanted it to provide captions and a transcription for another meeting. He intended to use it once. Unbeknownst to him, it activated on EVERY MEETING. The worst part is no one noticed, so it is actually unclear how many meetings he’d been in that the AI had been activated on, but for this particular meeting, it sent the meeting host (my colleague) an email saying that it was RECORDING (which is illegal in this line of work, highly illegal, there’s hearings in Congress right now on someone recording a negotiations meeting) the proceedings.
The goal of the email was for her to see how “helpful” of a tool that it was so that she could download it as well and enable it in her meetings. It sent her 1) an attendance summary (private); 2) a transcript of the meeting so far (illegal) and 3) a snippet of audio from the meeting (highly illegal). They had to stop the mediation entirely, switch to old school phones to see where the issue was and who had this enabled on their computer. The man was horribly embarrassed, and had to get help from his IT department to get the program uninstalled from his computer.
Genuinely, these AI tools are viruses. Because of this, we’ve been asking external people at the start of meetings if anyone else is present off-screen (a different story) or if anyone has AI programs installed on their computer. But most people don’t KNOW because Copilot is now installed behind their backs, and it’s being sneakier than other programs (like Microsoft isn’t going to email someone and say “Hey, by the way, we’ve been listening into your meetings”), but that doesn’t mean it isn’t doing the same things.
If you are downloading and using these programs, please be aware of this and please fucking uninstall them.
The vulnerability was found by an engineer named Andres Freund. Networking and quality engineering are already thankless tasks; Freund deserves better than “some microsoft engineer.”
The vulnerability was found by an engineer named Andres Freund. Networking and quality engineering are already thankless tasks; Freund deserves better than “some microsoft engineer.”
ALT
