This may be out of date but in this video by Lawful Masses lawyers are concerned that software AI tools which somehow (I don't recall) help them understand a case. This issue is the AI should not use information sourced from another client's confidential case/documents to inform them about another case but they don't know how it works. Responses from Microsoft were not forthcoming. I would argue they can't know unless they have access to the source code to verify what any (local) AI can do (not personally do it, but a trusted 3rd party audit which isn't behind closed doors).

Ever been there? It's pretty fucking rough. On 3 occasion across 2 nights we had men threaten, follow or chase us. We actually turned down a side street in case I had to clear my weapon away from the packed crowd. Had never before come close to pulling a gun (didn't). This is coming from a white dude that had no issues or worries working unarmed in South Chicago. Don't get me wrong, I fucking love NOLA culture, but it's the most raggedy American city I've ever seen. Meh, Birmingham may be worse, but I ain't stopping in that shithole. Anyway, I'd still invite folks to visit the French Quarter, Marigny (adjacent), and NOLA in general. There is nowhere in America like it, truly unique. Make time to hit a few cemeteries! You will not regret spending a couple of hours meandering around. Also, eat at the little shitty places downtown. Had the best oysters of my life on that last trip, sucking and scraping the shells like a starving man. I'll add for anyone offended that I occasionally carry, having a concealed gun has bonuses most don't talk about or maybe don't know: The ability to end a life really makes you consider what you're doing, where you'll go, +3 to situational awareness. Despite what one may think of gun nuts looking for an excuse, my conceal carry instructor taught us, "No matter how justified you think you are, pulling that gun may put you in a concrete box for life." Faced with the man who followed us around the corner and "chatted" us up, I was clearly confident, and confidence usually runs bullies off without a fight. (I was actually pretty worried.)

Which is objectively awesome We’ve come a long way in 3 years.

Don Quixote was a fool but not an asshole.

Now GrapheneOS the privacy based Android OS is calling them out https://bsky.app/profile/grapheneos.org/post/3lt2prfb2vk2r He really must be thinking just about himself, and not that Apple had the info.

Also a work of fiction

I think the principle could be applied to scan outside of the machine. It is making requests to 127.0.0.1:{port} - effectively using your computer as a "server" in a sort of reverse-SSRF attack. There's no reason it can't make requests to 10.10.10.1:{port} as well. Of course you'd need to guess the netmask of the network address range first, but this isn't that hard. In fact, if you consider that at least as far as the desktop site goes, most people will be browsing the web behind a standard consumer router left on defaults where it will be the first device in the DHCP range (e.g. 192.168.0.1 or 10.10.10.1), which tends to have a web UI on the LAN interface (port 8080, 80 or 443), then you'd only realistically need to scan a few addresses to determine the network address range. If you want to keep noise even lower, using just 192.168.0.1:80 and 192.168.1.1:80 I'd wager would cover 99% of consumer routers. From there you could assume that it's a /24 netmask and scan IPs to your heart's content. You could do top 10 most common ports type scans and go in-depth on anything you get a result on. I haven't tested this, but I don't see why it wouldn't work, when I was testing 13ft.io - a self-hosted 12ft.io paywall remover, an SSRF flaw like this absolutely let you perform any network request to any LAN address in range.