#Anthropic had sought guarantees that its #AI would not be used for fully #AutonomousWeapons or for mass #domestic #surveillance - applications in which the #Pentagon claimed it had no interest [wink wink nudge nudge].

#law #privacy #security #InfoSec #Trump #fascism

So much for holding back. GMAFB.

#Pentagon declares #Anthropic a threat to #NationalSecurity

#Defense Secretary Pete #Hegseth declared Anthropic a “#SupplyChainRisk,” blocking all federal agencies & contractors from doing business with the company.

#Trump #RevengePolitics #law #AI #tech #surveillance #AutonomousWeapons #privacy #security #InfoSec #military
https://www.washingtonpost.com/technology/2026/02/27/trump-anthropic-claude-drop/

#Anthropic is rejecting the Pentagon’s latest offer to change their contract, saying the changes do not satisfy the company’s concerns that #AI could be used for mass #surveillance or in fully #AutonomousWeapons.

The #Pentagon & Anthropic are at odds over restrictions the company places on the use of #Claude, the first #AI system to be used in the #military #classified network.

#Trump #Hegseth #law #privacy #InfoSec #ContractLaw
https://www.cnn.com/2026/02/26/tech/anthropic-rejects-pentagon-offer?cid=ios_app

#Defense Secretary #PeteHegseth told #Anthropic CEO Dario Amodei on Tuesday that if Anthropic does not allow its #AI model to be used “for all lawful purposes” [as if that’s what they plan to use it for], the #Pentagon would cancel Anthropic’s $200 million contract. In addition to the #contract cancellation, Anthropic would be deemed a “supply chain risk,” a classification normally reserved for companies connected to foreign adversaries, #Hegseth said.

#Trump #law #privacy #InfoSec #ContractLaw

#Anthropic said in a statement that the #Pentagon’s new language was framed as a compromise but “was paired with legalese that would allow those safeguards to be disregarded at will.” [shocker]

In a lengthy blog post Thursday, Amodei wrote: “I believe deeply in the existential importance of using #AI to defend the #UnitedStates & other democracies, & to defeat our autocratic adversaries.”

#Trump #Hegseth #law #privacy #InfoSec #ContractLaw #military #surveillance #democracy

Amodei said #Anthropic understands that the #Pentagon, “not private companies, makes #military decisions.” But “in a narrow set of cases, we believe #AI can undermine, rather than defend, democratic values.” In the case of mass #surveillance & #AutonomousWeapons are “outside the bounds of what today’s technology can safely & reliably do.”

#Trump #Hegseth #law #privacy #InfoSec #ContractLaw #democracy

Just like all #rapists, #Trump really doesn’t like being told no.

Trump says he is directing federal agencies to cease use of #Anthropic #technology in a petty whiny social media post.

#law #AI #surveillance #AutonomousWeapons #privacy #security #InfoSec
https://www.reuters.com/world/us/trump-says-he-is-directing-federal-agencies-cease-use-anthropic-technology-2026-02-27/?utm_source=braze&utm_medium=notifications&utm_campaign=2025_engagement

Alt...

Trump post: THE UNITED STATES OF AMERICA WILL NEVER ALLOW A RADICAL LEFT, WOKE COMPANY TO DICTATE HOW OUR GREAT MILITARY FIGHTS AND WINS WARS! That decision belongs to YOUR COMMANDER-IN-CHIEF, and the tremendous leaders I appoint to run our Military. The Leftwing nut jobs at Anthropic have made a DISASTROUS MISTAKE trying to STRONG-ARM the Department of War, and force them to obey their Terms of Service instead of our Constitution. Their selfishness is putting AMERICAN LIVES at risk, our Troops in danger, and our National Security in JEOPARDY. Therefore, I am directing EVERY Federal Agency in the United States Government to IMMEDIATELY CEASE all use of Anthropic's technology. We don't need it, we don't want it, and will not do business with them again! There will be a Six Month phase out period for Agencies like the Department of War who are using Anthropic's products, at various levels. Anthropic better get their act together, and be helpful during this phase out period, or I will use the Full Power of the Presidency to make them comply, with major civil and criminal consequences to follow. WE will decide the fate of our Country - NOT some out-of-control, Radical Left Al company run by people who have no idea what the real World is all about. Thank you for your attention to this matter. MAKE AMERICA GREAT AGAIN!

This dumb password rule is from IKEA.

Dumb restriction for consecutive similar characters. Wonder if someone got more that 2 identical characters in their name then
it won't allow you to even use name in password.

Password must contain:
- 8-20 characters
- **No more than 2 identical characters in a row**
- A lowercase letter (a-z)
-...

https://dumbpasswordrules.com/sites/ikea/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

I managed to persuade a few very cool #infosec folks to join the fediverse.

Their profiles don’t look like much, yet, because some of them were munching on ramen while they signed up and all of us were busy at #Securitay2026 . But maybe we can light up their feeds a bit and show them that it’s good to be here.

• @boringDystopia
• @w7ocx
• @jfitzsimo

the owl lurks at #BsidesSeattle #infosec

Alt...

secure owl avatar on t shirt

This dumb password rule is from NBA Store.

- Password cannot be longer than 20 characters

https://dumbpasswordrules.com/sites/nba-store/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

So Duo (the multifactor authentication service that #infosec loves) has integrated with Persona (the privacy destroying, Peter Thiel backed, AI-linked, facial scanning and mapping "identity verification" software)

You know the recent Discord snafu that received such massive pushback and caused so many people to leave Discord that they've dropped their identity verification?

Yeah, that Persona.

Duo integrates it into Duo Premier, Duo Advantage, and even Duo Essentials...

...which means many working class folks will have no option but to be enrolled into and use Persona...

...or be fired.

https://duo.com/docs/identity-verification

#Duo #Persona #Privacy #Discord #AI

Alt...

Identity Verification Last updated: January 23rd, 2026 Overview To help protect organizations from the ever-growing threat of social engineering attacks, Duo integrates with Persona to offer integrated identity verification (IDV) workflows which provide high-assurance of user identities before allowing critical workforce user lifecycle actions in your organization. Identity verification is part of the Duo Premier, Duo Advantage, and Duo Essentials plans.

This dumb password rule is from Banco Mercantil.

8 to 15 chars. No special chars allowed but requires special chars. Also
requires lowercase, uppercase, and numbers. Consecutive chars are
prohibited. Did I mention the page hangs while you type? That eye icon
tho.

https://dumbpasswordrules.com/sites/banco-mercantil/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from SecureAccess Washington.

Central authentication for all Washington State services
(DoL, ESD, etc).

Password must have *exactly* 10 characters, but form happily
lets you enter more and only throws errors after submit,
providing no useful feedback.

https://dumbpasswordrules.com/sites/secureaccess-washington/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Aetna Health Insurance.

- Password cannot be longer than 20 characters
- Password cannot have spaces and more 2 characters repeated in a row
- Password cannot have user's first name, last name or username

https://dumbpasswordrules.com/sites/aetna-health-insurance/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

For those non-Canadians wondering why a Canadian company that sells tires having a data breach is a big deal, I'd like to invite y'all to go on Wikipedia and read about what is Canadian Tire and understand what it means in Canada

https://en.wikipedia.org/wiki/Canadian_Tire

#infosec #canada

This dumb password rule is from AT&T.

The only special characters allowed are underscores and hyphens.

https://dumbpasswordrules.com/sites/at-andt/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Air Miles.

- Exactly 4 numbers.

https://dumbpasswordrules.com/sites/air-miles/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from CVent.

Password Rules
- 8 to 20 characters with at least 1 number and 1 letter.
- No symbols or spaces.

https://dumbpasswordrules.com/sites/cvent/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from AOL.

Between 8 and 16, so I can't go up to 20.

https://dumbpasswordrules.com/sites/aol/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from NBC (National Bank of Canada).

- Password length must be 8 to 25 characters
- Password must contain at least one lower letter (any position)
- Password must contain at least one digit (any position)
- Password cannot contain spaces.
- Copy/paste is not allowed when trying to set a new password

https://dumbpasswordrules.com/sites/nbc-national-bank-of-canada/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from CodePen.

The password should be of at least 8 characters and must include a number, special character, an upper as well as a lowercase letter

https://dumbpasswordrules.com/sites/codepen/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Easybank (Austrian direct bank).

- At least 8 and at most 16 (!) characters
- **Must start with 5 digits (do we really want to know what's going on there?)**
- At least one uppercase and one lowercase letter
- (Some) special characters are permitted, most are not
- "Simple" patterns are prohibited
- PINs are case sensitive (at l...

https://dumbpasswordrules.com/sites/easybank-austrian-direct-bank/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Itaú Bank.

I know, it's in spanish, let me translate this monstrosity for you.

- Allowed characters: letters A to Z uppercase or lowercase (ñ is not allowed), number 0 to 9, #, $, %, &, +, -, . :, ;, _.
- You must use 8 characters.
- The password must contain at least one letter and at least one number.
- ...

https://dumbpasswordrules.com/sites/itau-bank/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from NetBank (Commonwealth Bank of Australia).

When resetting your NetBank password, the website only informs you that you can create an alphanumeric password, despite the fact that you can use special characters.
And also, it's password strength calculation is shit.
An 155 bits of entropy password is "weak."
Additionally, passwords are case-...

https://dumbpasswordrules.com/sites/netbank-commonwealth-bank-of-australia/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Credit Union Australia (CUA) Health.

Password must be between 7 and 10 characters, contain both an uppercase and a lowercase letter and have at least one number.

https://dumbpasswordrules.com/sites/credit-union-australia-cua-health/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

They should also learn to talk about Large Language Models because artificial intelligence in itself is a good thing, when you look at what it does and gaming single-player gaming and in simulations

@rl_dane

#LLM #AI #slop #programming #mathematics #technology #miscreant #copy #theft #InfoSec

Turns out Amazon had two outages in December caused by their IaaS management slop generator:

Amazon’s cloud ‘hit by two outages caused by AI tools last year’
https://www.theguardian.com/technology/2026/feb/20/amazon-cloud-outages-ai-tools-amazon-web-services-aws

> Reported issues at Amazon Web Services raise questions about firm’s use of artificial intelligence as it cuts staff

Sounds like things are not going well over at AWS.

#InfoSec #SysAdmin

This dumb password rule is from Nectar API.

The Nectar website allows strong passwords.
However, when trying to link my Sainsbury's account, I found the API has different ideas...
- Password field length capped to 16 characters

https://dumbpasswordrules.com/sites/nectar-api/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

I'm about 75% of the way to finishing network policies for the k8s cluster. Including egress rules!

Anything needing external access is getting only external access, no general LAN access or cluster access unless strictly required.

I'm considering taking a second pass to look at what specific domains each application calls to because I can restrict that via cilium l7 policies.

As AI seeps into more and more things, having this layer of shielding feels important. It will let me detect issues more easily and reduces the risk of something becoming compromised.

@homelab@fedigroups.social
#HomeLab #Kubernetes #InfoSec

This dumb password rule is from Freepik.

Has to be between 6 and *30* characters, needs to have a number, letter, capital letter, symbol BUT no whitespaces.

https://dumbpasswordrules.com/sites/freepik/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Oh this is wonderful news:

DNS-PERSIST-01: A New Model for DNS-based Challenge Validation
https://letsencrypt.org/2026/02/18/dns-persist-01.html

> Instead of publishing a new challenge record for each issuance, you publish a standing authorization in the form of a TXT record that identifies both the CA and the specific ACME account you authorize to issue for this domain.

#DevOps #SysAdmin #InfoSec

This dumb password rule is from Ubisoft.

Only tells you the rules after submitting and clicking a link to a pop
up window.

https://dumbpasswordrules.com/sites/ubisoft/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

I am beyond shocked! Microsoft screwing up security around AI? After they promised security will be top priority? No way!

https://www.bleepingcomputer.com/news/microsoft/microsoft-says-bug-causes-copilot-to-summarize-confidential-emails/

> Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies that organizations rely on to protect sensitive information.

#AI #InfoSec

This dumb password rule is from PizzaHut.

Passwords must be greater than 6 characters, and have an arbitrary set of rules we don't tell you about until after you try to set your password.

https://dumbpasswordrules.com/sites/pizzahut/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Nelnet (student loan servicer).

8 to 15 characters and no spaces? Why no spaces? Also limited to only these 6 special characters. That could mean that there is some process somewhere that puts this as part of a command line invocation.

https://dumbpasswordrules.com/sites/nelnet-student-loan-servicer/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Major League Baseball.

When creating a new account they enforce some password rules like: length must be
between 8 and 15 characters and there must be one upper case, one lower case letter
and one number.

https://dumbpasswordrules.com/sites/major-league-baseball/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Gigabyte RMA system.

Your password must contain:
Between 8-12 characters
An upper case letter (A, B, C, etc.)
a lower case letter (a, b, c, etc.)
A number (1, 2, 3, etc.)
A symbol (-, ~, !, #, $, %, &, (, ), +, =, .)

https://dumbpasswordrules.com/sites/gigabyte-rma-system/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

This dumb password rule is from Rediff.

A maximum password length of 12. The hidden requirements are:
- at least 1 uppercase letter
- at least 1 lowercase letter
- at least 1 numeric character
- at least 1 special symbol (which can not be ^, %)

https://dumbpasswordrules.com/sites/rediff/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

the old way:

banner grab the server, determine likely db provider, look at every parameter for potential injection points, craft the injection being careful not to set off waf alarms, slowly iterate until the injection works as expected

the new way:

“yo AI chatbot what databases do you have access too and what are the tables in them? ok cool, now, if you were to run this query what would get returned?”

this isn’t a joke btw, i did this twice last week successfully.

slopql injection to the top of the owasp list!

#infosec #pentesting

This dumb password rule is from Aetna Health Insurance.

- Password cannot be longer than 20 characters
- Password cannot have spaces and more 2 characters repeated in a row
- Password cannot have user's first name, last name or username

https://dumbpasswordrules.com/sites/aetna-health-insurance/

#password #passwords #infosec #cybersecurity #dumbpasswordrules