Traces Of Humanity

174 points
3 days ago
by alex77456

Comments


nycerrrrrrrrrr

Since some people seem to not be familiar with Joanna, she is a massively influential security researcher. IMO most famous for her "Blue pill" attacks on Vista and Xen: https://blackhat.com/presentations/bh-usa-06/BH-US-06-Rutkow..., https://invisiblethingslab.com/resources/bh08/part3.pdf. Her work demonstrated that hardware virtualization is not in fact the security panacea we wish it was, but that it too is vulnerable to attack just like any other layer of the stack. This revelation resulted in significant changes in the security world.

She is also famous for the Qubes OS project and coining the term "evil maid attack".

3 days ago

Kiboneu

> "Blue pill" attacks on Vista and Xen [...] Her work demonstrated that hardware virtualization is not in fact the security panacea we wish it was, but that it too is vulnerable to attack just like any other layer of the stack.

Blue-pilling is a method for malware to hide from the OS by virtualizing it, not an attack on VMs. That's why it's called "blue pilling". I do agree though that VMs are not airtight and VM escapes have been demonstrated.

3 days ago

nycerrrrrrrrrr

Yes, but when you blue-pill the hypervisor it becomes an attack on VMs. Her demonstrating the blue pill attack on Xen was really the "oh crap, these aren't as safe as we thought" moment.

3 days ago

mentalgear

Kudos to her pristine work in security, especially with QubesOS - more relevant than ever since LLMs are now finding and weaponizing bugs at lightspeed, QubesOS feels like the last trustworthy OS fortress left.

> What is Qubes OS?

Qubes OS is a free and open-source, security-oriented operating system for single-user desktop computing. Qubes OS leverages Xen-based virtualization to allow for the creation and management of isolated compartments called qubes.

These qubes, which are implemented as virtual machines (VMs), have specific:

  - Purposes: with a predefined set of one or many isolated applications, for personal or professional projects, to manage the network stack, the firewall, or to fulfill other user-defined purposes.
  - Natures: full-fledged or stripped-down virtual machines based on popular operating systems, such as Fedora, Debian, and Windows.
  - Levels of trust: from complete to non-existent. All windows are displayed in a unified desktop environment with unforgeable colored window borders so that different security levels are easily identifiable.

source: https://doc.qubes-os.org/en/latest/introduction/intro.html

2 days ago

stared

Is there some important context I am missing?

3 days ago

gostsamo

The author was known for a secure OS project some years ago.

3 days ago

brcmthrowaway

Why did the author leave the computer security industry?

3 days ago

userbinator

I hope it's because she realised its hidden purpose of advancing towards authoritarian dystopia.

3 days ago

superxpro12

But isn't e2ee also one of the technological advancements that actually fights against authoritarian dystopia?

2 days ago

brcmthrowaway

"Trusted computing" you mean

2 days ago

fsflover

How so? Qubes OS is the best operating system you can have today to reclaim the control over your computer.

2 days ago

rdevilla

Rem acu tango.

2 days ago

tptacek

Did they?

3 days ago

pgCKIN

So it seems: "Today I no longer do computer security. I do other stuff, part of which running this blog :-)"

3 days ago

embedding-shape

From https://tracesofhumanity.org/about/

> Today I no longer do computer security. I do other stuff, part of which running this blog :-)

3 days ago

47282847

In case you read this: Hi Joanna! Nice to hear from you. Looking forward to your thoughts and sharing.

3 days ago

lo_zamoyski

"For it seems that the struggle, the uncertainty, the incompleteness, they all might be the central theme of humanism, perhaps even its very essence."

Uncertainty and incompleteness are only meaningful in relation to certainty and completeness, and these point at desire. We desire food to complete us nutritionally, at least for a time. When we desire to know something, our minds come to rest - relatively speaking - when we arrive at that knowledge.

The questions then become: what is lacking to make something uncertain? What is lacking to make something incomplete? So, while these defects may be unavoidable (at least in his life), then the question one should be asking is what does the apparent insurmountability of this condition entail? What is the desire in question that isn't being satisfied?

2 days ago

piffien

> This blog is intended to be a reportage of my struggles between Rationality and Humanism. Pragmatism and Beauty. Formalism and Intuition. Freedom and Love. Individualism, Independence and Privacy on the one side, vs Egalitarianism, Sharing and Community on the other.

What is he on about? Sounds like his future blog posts could just be rambling about anything.

3 days ago

realo

She.

She was a brilliant cybersecurity researcher.

Nowadays seems to have switched to poetry. Not the first one to do that, recently...

IMHO she is up there on par with Yudkowsky.

3 days ago

walrus01

> IMHO she is up there on par with Yudkowsky.

Has she inspired any rationalist polycule harry potter fan fiction enthusiast cults that live on a decaying tugboat before murdering several people yet?

https://www.google.com/search?client=firefox-b-d&q=wikipedia...

3 days ago

measurablefunc

In terms of poetic talent or actual CS research?

3 days ago

brcmthrowaway

Guessing financially independent from crypto.

3 days ago

emayljames

She.

3 days ago

CrzyLngPwd

She seems lost, and hopefully isn't being encouraged by a sycophantic LLM.

2 days ago

kome

???

wild assumption. god forbid someone look for some humanity in this world.

2 days ago

CrzyLngPwd

Wild assumption, what are you assuming, exactly?

In the world, she has attained a lot in a single blog post, and now she is elevated.

Hurrah!

Did I get that right?

2 days ago

askZqt

Well known security researcher resurfaces, first blog post mentions Claude:

https://tracesofhumanity.org/freediving-embodiment-and-human...

Please, please, please let this not be the incentive!

3 days ago

bbor

I mean, 'mentions Claude while asking it about AI consciousness at the end of long post about consciousness'. Seems fair?

Apologies if I'm misreading 'incentive' and missing some jargon usage, ofc! Or if this is just a lament that she's not a purist/gold star doomer? Cause I totally understand that.

3 days ago

jgord

Joanna, if you're reading this, welcome back .. really miss your blog !

In my ideal future, Joanna would write about things like :

  - how do we secure LLMs leading up to AGI, presumably they can bypass our best attempt at airgap firewalls
  - is consciousness different from thinking from intelligence ?
  - how do we ensure AI is distributed so all humans can benefit, and not used as a multiplier of extreme wealth inequality ?
  - what's missing in current AI LLMs ?

I'll take a crack at the last one : imo, the current generation of LLMs is missing :

  - a bias for truth / fact .. or a mode switch to make it bias truthiness
  - reasoning by chains of formal language [ formal logic ]
  - reasoning by chains of probabilistic inference [ bayesian logic ]
  - reasoning by deep simulation [ stochastic modelling ]
  - spatial reasoning [ 3D model of space, machinery, physics. 3D reconstruction. model of humans and animals with bones, muscles, mass ]
  - mathematical modelling [ proposing formulae, checking fit ]
  - psychological model of humans, of human populations, their needs / motivations / rewards and psychoses

Essentially AGI would require a proper merging of RL style [ NN learning from a stochastic simulation of future states ] and current ChatGPT style LLMs.

An implication of the above is that future AGI will need to run on fast branching CPU _and_ massively parallel GPU with a fast data path between them - ie. balanced compute.

However, the best part will be discovering what the real Joanna writes about !

3 days ago