Tootfinder

This article from @… is called "When legitimate tools go rogue" but could have easily been named "Know your environment" instead. It's one of my #cybersecurity maxims: the better you understand your environment the better you …

When legitimate tools go rogue
Attackers are increasingly hiding in plain sight, using the same tools IT and security teams rely on for daily operations. This blog breaks down common techniques and provides recommendations to defenders.

from my link log —
The sorry state of Java deserialization.
https://www.marginalia.nu/log/a_110_java_io/
saved 2024-09-22 https://

Towards a Knowledge Base of Common Sustainability Weaknesses in Green Software Development
Priyavanshi Pathania, Rohit Mehra, Vibhu Saujanya Sharma, Vikrant Kaulgud, Sanjay Podder, Adam P. Burden
https://arxiv.org/abs/2506.08812

Towards a Knowledge Base of Common Sustainability Weaknesses in Green Software Development
With the climate crisis looming, engineering sustainable software systems become crucial to optimize resource utilization, minimize environmental impact, and foster a greener, more resilient digital ecosystem. For developers, getting access to automated tools that analyze code and suggest sustainabilityrelated optimizations becomes extremely important from a learning and implementation perspective. However, there is currently a dearth of such tools due to the lack of standardized knowledge, whi…

RAS-Eval: A Comprehensive Benchmark for Security Evaluation of LLM Agents in Real-World Environments
Yuchuan Fu, Xiaohan Yuan, Dongxia Wang
https://arxiv.org/abs/2506.15253

RAS-Eval: A Comprehensive Benchmark for Security Evaluation of LLM Agents in Real-World Environments
The rapid deployment of Large language model (LLM) agents in critical domains like healthcare and finance necessitates robust security frameworks. To address the absence of standardized evaluation benchmarks for these agents in dynamic environments, we introduce RAS-Eval, a comprehensive security benchmark supporting both simulated and real-world tool execution. RAS-Eval comprises 80 test cases and 3,802 attack tasks mapped to 11 Common Weakness Enumeration (CWE) categories, with tools implemen…

{nplyr} has helper functions to work on nested dataframes: #rstats #datascience

This https://arxiv.org/abs/2505.21677 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csLG_…

What happens when generative AI models train recursively on each others' generated outputs?
The internet is full of AI-generated content while also serving as a common source of training data for generative AI (genAI) models. This duality raises the possibility that future genAI models may be trained on other models' generated outputs. Prior work has studied consequences of models training on their own generated outputs, but limited work has considered what happens if models ingest content produced by other models. Given society's increasing dependence on genAI tools, understanding do…

Non-Abelian orbifolds of the SO(32) heterotic string
Miguel Hernandez-Segura, Saul Ramos-Sanchez
https://arxiv.org/abs/2506.08370 https://

Non-Abelian orbifolds of the SO(32) heterotic string
Non-Abelian toroidal heterotic orbifolds have received comparatively little attention, mainly because of the significant computational challenges they pose, even at the level of computing their matter spectrum. Similarly, the SO(32) heterotic string remains relatively unexplored. In this paper, we provide some useful tools to handle this situation. We find that certain non-Abelian orbifolds can be studied using the techniques that are common to Abelian compactifications. In such cases, we show …

Got a little post about how to use #SSH from #Windows workstations; hopefully will complement folks running #Linux game servers to easily manage their game files with

Howto SSH with graphical app on Windows
The game servers we offer to clients usually run Linux for cost and performance reasons, but one of the common complaints from people is that managing the files on those servers is too difficult. "I can't just drag and drop files to it" or "There's no graphical interface to browse files". This guide will provide a couple tools to hopefully alleviate those issues.

SLURM Heterogeneous Jobs for Hybrid Classical-Quantum Workflows
Aniello Esposito, Utz-Uwe Haus
https://arxiv.org/abs/2506.03846 https://

SLURM Heterogeneous Jobs for Hybrid Classical-Quantum Workflows
A method for efficient scheduling of hybrid classical-quantum workflows is presented, based on standard tools available on common supercomputer systems. Moderate interventions by the user are required, such as splitting a monolithic workflow in to basic building blocks and ensuring the data flow. This bares the potential to significantly reduce idle time of the quantum resource as well as overall wall time of co-scheduled workflows. Relevant pseudo-code samples and scripts are provided to demon…

How much is too much? Measuring divergence from Benford's Law with the Equivalent Contamination Proportion (ECP)
Manuel Cano-Rodriguez
https://arxiv.org/abs/2506.09915

How much is too much? Measuring divergence from Benford's Law with the Equivalent Contamination Proportion (ECP)
Conformity with Benford's Law is widely used to detect irregularities in numerical datasets, particularly in accounting, finance, and economics. However, the statistical tools commonly used for this purpose (such as Chi-squared, MAD, or KS) suffer from three key limitations: sensitivity to sample size, lack of interpretability of their scale, and the absence of a common metric that allows for comparison across different statistics. This paper introduces the Equivalent Contamination Proportion (…

The Spurious Factor Dilemma: Robust Inference in Heavy-Tailed Elliptical Factor Models
Jiang Hu, Jiahui Xie, Yangchun Zhang, Wang Zhou
https://arxiv.org/abs/2506.05116

The Spurious Factor Dilemma: Robust Inference in Heavy-Tailed Elliptical Factor Models
Factor models are essential tools for analyzing high-dimensional data, particularly in economics and finance. However, standard methods for determining the number of factors often overestimate the true number when data exhibit heavy-tailed randomness, misinterpreting noise-induced outliers as genuine factors. This paper addresses this challenge within the framework of Elliptical Factor Models (EFM), which accommodate both heavy tails and potential non-linear dependencies common in real-world da…

Survey: Graph Databases
Miguel E. Coimbra, Lucie Svit\'akov\'a, Alexandre P. Francisco, Lu\'is Veiga
https://arxiv.org/abs/2505.24758 https://

Survey: Graph Databases
Graph databases have become essential tools for managing complex and interconnected data, which is common in areas like social networks, bioinformatics, and recommendation systems. Unlike traditional relational databases, graph databases offer a more natural way to model and query intricate relationships, making them particularly effective for applications that demand flexibility and efficiency in handling interconnected data. Despite their increasing use, graph databases face notable challen…

Moments of the shifted prime divisor function
Mikhail R. Gabdullin
https://arxiv.org/abs/2505.24050 https://arxiv.org/pdf/2505.24050

Moments of the shifted prime divisor function
Let $ω^*(n) = \{d|n: d=p-1, \mbox{$p$ is a prime}\}$. We show that, for each integer $k\geq2$, $$ \sum_{n\leq x}ω^*(n)^k \asymp x(\log x)^{2^k-k-1}, $$ where the implied constant may depend on $k$ only. This confirms a recent conjecture of Fan and Pomerance. Our proof uses a combinatorial identity for the least common multiple, viewed as a multiplicative analogue of the inclusion-exclusion principle, along with analytic tools from number theory.

This https://arxiv.org/abs/2504.09642 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_ees…

HBS -- Hardware Build System: A Tcl-based, minimal common abstraction approach for build system for hardware designs
Build systems become an indispensable part of the software implementation and deployment process. New programming languages are released with the build system integrated into the language tools, for example, Go, Rust, or Zig. However, in the hardware description domain, no official build systems have been released with the predominant Hardware Description Languages (HDL) such as VHDL or SystemVerilog. Moreover, hardware design projects are often multilanguage. The paper proposes a new build s…

Confidence intervals for forced alignment boundaries using model ensembles
Matthew C. Kelley
https://arxiv.org/abs/2506.01256 https://

Confidence intervals for forced alignment boundaries using model ensembles
Forced alignment is a common tool to align audio with orthographic and phonetic transcriptions. Most forced alignment tools provide only a single estimate of a boundary. The present project introduces a method of deriving confidence intervals for these boundaries using a neural network ensemble technique. Ten different segment classifier neural networks were previously trained, and the alignment process is repeated with each model. The alignment ensemble is then used to place the boundary at th…