The Recording
The Panelists
- Kevin Feasel
- Mala Mahadevan
- Mike Chrestensen
Notes: Questions and Topics
The EU AI Act
Our first topic came from Mala, covering the EU’s new Artificial Intelligence Act. We covered a press release on the topic and I engaged maximum cynical overdrive on this one. We also walked through a fairly recent article about the EU AI Act’s timeline, and I spent an inordinate amount of time talking about how Germans use passive voice far too often for my taste.
Upcoming Events
There are a few upcoming events that we highlighted:
- SQL Saturday Richmond is coming up on May 18th
- I did not mention it, but SQL Saturday Jacksonville will be on May 4th.
- A new conference, called AI in Production, will take place in Asheville, NC on July 18th and 19th. The Call for Speakers is still open.
- Mala promoted Mental Health and Wellness Day, coming up on May 10th.
GitHub Comments as a Malware Vector
Our final article of the night came from Bleeping Computer, where Lawrence Abrams wrote about an interesting malware distribution vector. The way this works is really tricky because GitHub repo owners won’t know about file uploads associated with their repositories. The attacker isn’t actually messing with repo code or anything of the like, but rather uploading files as part of comments, and the file upload happens even if the attacker doesn’t post the comment. From there, the attacker rides on the reputation of the GitHub repo or account owner to try to sneak one over on people.