In the opening to his book Engineering Security (2014), Peter Gutmann observed that “a great many of today’s security technologies are ‘secure’ only because no one has ever bothered to look at them.” That observation was made before AI made looking for bugs dramatically cheaper. Most present-day code—including the open source infrastructure that commercial software depends on—is maintained by small teams, part-time contributors, or individual volunteers with no dedicated security resources. A bug in any open source project can have significant downstream impact, too. In 2021, a critical vulner
Claude Mythos Finds Zero-Days—But Rust Quietly Shuts The DoorThese systems fail in predictable ways. False positives are common. Platforms identify minors as adults with youthful faces, or adults who are sharing family devices, or have otherwise unusual usage. They lock accounts, sometimes for days. False negatives also persist. Teenagers learn quickly how to evade checks by borrowing IDs, cycling accounts, or using VPNs. The appeal process itself creates new privacy risks. Platforms must store biometric data, ID images, and verification logs long enough to defend their decisions to regulators. So if an adult who is tired of submitting selfies to verify
The Age Verification TrapSome policymakers assume that vague standards preserve flexibility. In the U.K., then–Digital Secretary Michelle Donelan, argued in 2023 that requiring certain online safety outcomes without specifying the means would avoid mandating particular technologies. Experience suggests the opposite. When disputes reach regulators or courts, the question is simple: Can minors still access the platform easily? If the answer is yes, authorities tell companies to do more. Over time, “reasonable steps” become more invasive. Repeated facial scans, escalating ID checks, and long-term logging become the norm.
The Age Verification Trap… In high-risk domains—from aerospace to cybersecurity—contractors routinely impose safety standards , testing requirements, and operational limitations as part of responsible commercialization. AI should not be treated as uniquely exempt from that practice. …
… There were few details in Anthropic’s announcement, angering many observers. Some speculate that Anthropic doesn’t have the GPUs to run the thing, and that cybersecurity was the excuse to limit its release. Others argue Anthropic is holding to its AI safety mission. …
… There is evidence that pre-emptive defenses like this have some effect. Anthropic has published data showing that automated misuse detection can derail some cyberattacks . …
… A detailed policy analysis submitted to the Department of Communications and Digital Technologies DCDT identifies the specific provisions the final policy must contain: mandatory minimum terms for foreign compute infrastructure investments above ZAR 500 million ~$30 million ; a compute reporting th… …
… In the U.K., then–Digital Secretary Michelle Donelan, argued in 2023 that requiring certain online safety outcomes without specifying the means would avoid mandating particular technologies. …
… He says that devising war-fighting tactics and technologies in which humans and robots collaborate pdf will remain the best approach for safety, legal, and ethical reasons. “Militaries could invest in very advanced robotics and automation and still keep a person in the loop for targeting decisions,… …