RIP Chuck Norris

Truth is, apart from my mother and Granny, my only role models were the cowboy heroes I saw on the screen.  Each time I walked out of the theater, I felt encouraged by the belief that there were such men.  I determined that I would grow up one day to be like them.  Those cowboy heroes offered a lot to a young boy longing for a male role model to emulate.  Their behavior in their films was governed by the "Code of the West" -- loyalty, friendship, and integrity.  They were unselfish and did what was right even when the risk was great.  Years later I would recall those Western heroes when I developed the kind of character I wanted to play as an actor.

-- Carlos Ray "Chuck" Norris Jr (10 March 1940 - 19 March 2026), American martial artist, action star, and Hollywood actor, Against All Odds: My Story (2006), Chapter 4 "A Mother's Love"

Promptware Kill Chain

Attacks against modern generative artificial intelligence (AI) large language models (LLMs) pose a real threat.  Yet discussions around these attacks and their potential defenses are dangerously myopic.  The dominant narrative focuses on "prompt injection," a set of techniques to embed instructions into inputs to LLM intended to perform malicious activity.  This term suggests a simple, singular vulnerability.  This framing obscures a more complex and dangerous reality.  Attacks on LLM-based systems have evolved into a distinct class of malware execution mechanisms, which we term "promptware."  In a new paper, we, the authors, propose a structured seven-step "promptware kill chain" to provide policymakers and security practitioners with the necessary vocabulary and framework to address the escalating AI threat landscape.

The promptware kill chain: initial access, privilege escalation, reconnaissance, persistence, command & control, lateral movement, action on objective

The kill chain was already demonstrated.  For example, in the research "Invitation Is All You Need," attackers achieved initial access by embedding a malicious prompt in the title of a Google Calendar invitation.  The prompt then leveraged an advanced technique known as delayed tool invocation to coerce the LLM into executing the injected instructions.  Because the prompt was embedded in a Google Calendar artifact, it persisted in the long-term memory of the user's workspace.  Lateral movement occurred when the prompt instructed the Google Assistant to launch the Zoom application, and the final objective involved covertly livestreaming video of the unsuspecting user who had merely asked about their upcoming meetings.  C2 and reconnaissance weren't demonstrated in this attack.

-- Oleg Brodt, Elad Feldman, Bruce Schneier, Ben Nassi, "The Promptware Kill Chain: How Prompt Injections Gradually Evolved Into a Multistep Malware Delivery Mechanism" (14 January 2026)

Eccentric Enough

People who are eccentric enough to be quite seriously virtuous understand each other everywhere, discover each other easily, and form a silent opposition to the ruling immorality that happens to pass for morality.

-- Friedrich Schlegel (1772 - 1829), German poet, critic, and scholar, The Athenaeum Fragments (1798 - 1800) or Aphorisms from the Athenaeum (German Athenäums-fragmente), collection of aphorisms published by Schlegel, #414

NovaNET Gathering

This Sunday I had the pleasure of meeting up with many members of the old NovaNET gang.  I'll drop a few names to spark your memories, as Kevin Maxson was in town with his family, and a group gathered at Papa Del's for a couple of hours over lunch.  I joined Kevin & family along with Carl Evans, James Quisenberry & family, Phil Parker, Ray Thomsen, Steve Peltz, Eric Bina, and Peter Enstrom.  Many more names were dropped in conversation, and 25-year-old memories were the talk of the moment.

As Kevin said, "Nothing compares to working with our team on real meaningful and effective CBE stuff.  I loved it."  Me, too.

Scion FR-S 10 Year Anniversary

10 years ago today (16 March 2016) I bought a new, 2015 Scion FR-S from the dealership in Urbana.  Today that car has 249,320 miles on it.  It continues to serve me well as a daily driver.

Early on I used it for autocross and commuting to work at the University of Illinois.  Commuting put 30,000 miles a year on it up until the pandemic.  Annual mileage is around half that now.

In all that time it's been pretty well behaved, needing only regular maintenance plus a new clutch at around 180,000 miles.

My previous car, a 1998 Saturn SC2, made it to 421,000 miles before giving up the ghost.  I don't expect to get that far in the Scion, but here's hoping.

In Conflict

The doctrine that the world is made up of objects whose existence is independent of human consciousness turns out to be in conflict with quantum mechanics and with facts established by experiment.

-- Bernard d'Espagnat (1921 - 2015), French theoretical physicist, philosopher of science, and author, best known for his work on the nature of reality, The Quantum Theory and Reality (November 1979) Scientific American p. 158

Question Asking

In the development of intelligence nothing can be more "basic" than learning how to ask productive questions.  All our knowledge results from questions, which is another way of saying that question-asking is our most important intellectual tool.

-- Neil Postman (1931 - 2003), American author, educator, media theorist, and cultural critic, Language Education in a Knowledge Context (1980) published in ETC Vol. 37 (1980)