Log in
 | submitted by /u/Iceolator80 to r/oddlysatisfying [link] [comments] |
reply
We may earn a commission from links on this page.
If you need a reminder that summer has finally landed, berries are here to remind you. Home gardens are spotted with tiny colored jewels of strawberries, currants, and oso berries. Cherries, raspberries and blueberries are beginning to blush with color as they ripen, just as the peonies and irises fade. Peas are popping off of tall vines, nasturtiums have begun to sprawl across garden beds, and spring-planted spinach and chard are sky high. This is your first chance to enjoy the spoils of your summer garden.
Cherries, blueberries, and raspberries about to ripen.
Credit: Amanda Blum
Pruning and trellising
Within two weeks of your lilacs finishing blooming, you should consider pruning them back. This is when plants will determine blooms for the next season, and in some lucky cases, you can spur a second, fall bloom. You want to take as much as ⅓ of the plant's stems, so you encourage new growth each year. This is the case for all your early summer blooming shrubs and trees, like azalea, forsythia, Japanese kerria, weigela, deutzia, mock orange, St. John's wort, viburnums, and red or yellow dogwoods.
Lilac after blooming
Credit: Amanda Blum
The pruning should extend to your tomatoes, now established in the ground. You’ll want to prune for suckers, depending on what kind of trellis system you have set up. If you’re allowing indeterminate tomatoes to only have one strong “leader” or stem, prune aggressively, but you’ll need tall trellises. Also be sure to cut away any diseased parts of the plant, but remember you only want to touch your tomatoes after the morning dew has dried, and with clean shears. Spray with Lysol or other disinfectant in between plants, so you are not spreading any disease.
Tomato plants growing in trellises.
Credit: Amanda Blum
Once your strawberries are done fruiting, mow them back and mulch them, so they won't continue to spend their energy growing runners, but will focus on root growth for next year.
Fruit-thinning
Fruit drop is when a tree drops fruit it cannot support (left). The remaining fruit, on the right, ripen.
Credit: Amanda Blum
Your pears, apples, stone fruit—like peaches, plums, cherries and nectarines—and even fig trees will have set fruit by now, and also gone through fruit drop, a normal phenomenon where the trees drop what they can’t handle. With the fruit still on the tree, you must decide on quantity or quality. Thinning the fruit on each branch will allow the tree to create larger, tastier fruit. You can also shroud the fruit at this point, covering the fruit with gauze bags, to protect it from invasive bugs or animals. The same is true of grapes. Your vines should be well flushed out at this point, which means you can harvest grape leaves to use fresh or preserve for use later, and then shroud all your growing grape bunches. This will make them much easier to harvest, and also protect them from birds, raccoons, and rats.
Small grape clusters shrouded in gauze bags.
Credit: Amanda Blum
Fertilizing
It’s important to not simply water your vegetables in raised beds, but also feed them. In addition to plant -pecific fertilizer (tomato fertilizer, blueberry and azalea fertilizer, etc.), you should consider a weekly treatment of compost tea. If you don't have a vermicomposter to make your own compost tea with, purchase compost tea bags and make some. Apply the tea with a sprayer folicularly (over the whole plant). Your tomatoes can also benefit from a treatment of Cal-Mag or Rot Stop, which will provide the plant more calcium to help prevent tomato blossom rot on forthcoming fruit. With most asparagus done harvesting by June, apply a nitrogen-heavy fertilizer for next year.
Your lawn should get a low-nitrogen-based fertilizer in June. Your roses should get a phosphorus-based fertilizer treatment after their first bloom, which should be about now. All your trees and shrubs should get a summer fertilizer before July 4. Your garden center can help you find the right fertilizers, since not all plants should get the same one—and fertilizer is heavy, so you'd do well to buy it locally instead of have it shipped to you.
Preventing and eradicating pests
Cabbage moths.
Credit: Amanda Blum
Garden pests are absolute terrorists this time of year. Just this morning I noticed many bean seedlings peeking through the soil had been thwarted by slugs. Sprays won’t be the only solution at this point—you’ll need to manually remove the pests from your plants as well. Aphids may be sprayed off with water, but without a treatment like soapy water or a nearby trap plant like nasturtiums, they’ll be back. If you don’t have nasturtiums nearby, plant them now—the aphids will be more attracted to the nasturtiums and will choose them instead. You just leave the aphid-infested nasturtiums in place. Treatments like Sluggo can help reduce the slug population, but manual extraction is still necessary. Leave shallow lids of beer or yeasty bread starter around as a trap, and collect the slugs that run to it each day.
Each plant in your garden has a number of pests that are trying to feed off of it; a daily walk around your garden will help you notice what might be attacking your plants. Get a butterfly net, and use it to capture and kill the white cabbage moths flitting about the garden.
Dealing with sick plants
Diseased leaves on a cherry tree.
Credit: Amanda Blum
Gardens are highly susceptible to virus and fungus; one of the best ways to prevent them is to water at the root of plants, rather than overhead, which splashes onto the ground, causing water to spray back up onto plants. As you see blight or mosaic virus in your garden, you must cut it out quickly, dispose of those plants in the trash (not compost), and be sure you wash your hands and tools before moving onto the next plant. If you see powdery mildew on your plants, you can treat it with a diluted vinegar spray. Now is when you might catch sign of infections like leaf curl on your stone fruit trees, which can be treated if caught quite early with copper foliar sprays. Fungicides can go a long way to helping prevent problems like black spot on roses. You want to be very judicious when using fungicides and copper sprays: These are mostly preventative treatments, not reactive. If you’re questioning what you see in your garden, take a picture and head to the garden center.
What to plant
The summer vegetables should all be in the ground by the end of June. Your tomatoes, eggplants, peppers, and tomatillos need to be planted in early June, and if the weather hasn’t met planting conditions yet, you need to consider putting mitigations like Agribon in place and planting anyway. The Agribon tenting will create the warm conditions you need, and you can remove it when temperatures get warm enough on their own.
Beans, cucumbers, corn, edamame, eggplants, melons, okra, summer squash, and sweet potatoes should get planted this month. If it’s early enough, they can still be direct seeded, but by mid-June, you should plant starts instead.
Sweet peas.
Credit: Amanda Blum
You can still plant almost all your summer annual flowers, including zinnias, cosmos, sunflowers, salvia, and celosia from seed or as starts. Planting them in waves ensures multiple successions of flowers later in the season. Remember when planting these flowers to check seed labels for heights, so you can vary them.
Now that your spring flowers are wilting, deadhead them appropriately. Your tulips need to have just the heads cut off, but no lower—remember they need leaves to mulch in place to return next year. Iris stems may be cut to the ground, but in a chevron, to ensure good growth next year. If you commit to religious harvesting of your sweet peas, you can make them last well into the summer. Each day, cut fresh blooms at the base of the stem, and you'll notice that the stems get shorter and shorter. Once the sweet peas go to seed and produce pods, it's time to pull the flowers out of the ground and plant something else. Deadheading your snapdragons will encourage the plants to branch, creating more blooms, but as soon as the snaps go to seed (the flowers will look like skulls), they should be cut to the ground, in hopes they might return the next year.
Through June, the best course of action is to take a walk through the garden once a day, even if it’s a quick one. Each morning, I wander the garden, grabbing weeds as I find them. Harvest what you can, take note of action items like pests or pruning, and be sure to take pictures and write in your garden journal. It’s the reason you planted the garden: to enjoy it.
"The Doctor is dead. Long live the Doctor!" writes Space.com. (Spoilers ahead...) "The era of Ncuti Gatwa's Fifteenth Doctor came to a surprise end on Saturday night, as the Time Lord regenerated at the end of "Doctor Who" season 2 finale... [T]he Doctor gradually realises that not everything is back to normal. Poppy, his daughter with Belinda Chandra in the "Wish World" fantasy, has been erased from history, so the Time Lord decides to sacrifice himself by firing a ton of regeneration energy into the time Vortex to "jolt it one degree" — and hopefully bring her back. It goes without saying that his madcap scheme saves Poppy, as we learn that, in this rewritten timeline, the little girl was always the reason Belinda had been desperate to get back home. But arguably the biggest talking point of the episode — and, indeed, the season — is saved until last, as the Doctor regenerates into a very familiar face... Hint: They played the Doctor's companion, Rose Tyler, "alongside Christopher Eccleston's Ninth Doctor and David Tennant's Tenth Doctor during the phenomenally successful first two seasons of the show's 2005 reboot." Showrunner Russell T Davies called it "an honour and a hoot" to welcome back Billie Piper to the TARDIS, "but quite how and why and who is a story yet to be told. After 62 years, the Doctor's adventures are only just beginning!" Although the show's post-regeneration credits have traditionally featured the line "And introducing [insert name] as the Doctor", here it simply says "And introducing Billie Piper". The omission of "as the Doctor" is unlikely to be accidental, suggesting that Davies is playing a very elaborate game with "Who" fandom... Another mystery! The BBC and Disney+ are yet to confirm if and when "Doctor Who" will return for a third season of its current iteration. "There's no decision until after season two..." Davies told Radio Times in April (as spotted by the Independent). "That's when the decision is — and the decision won't even be made by the people we work with at Disney Plus, it'll be made by someone in a big office somewhere. So literally nothing happening, no decision." "For a new series to be ready for 2026, production would need to get under way relatively soon," writes the BBC. "So at the moment a new series or a special starring Billie Piper before 2027 looks unlikely." The Guardian adds: Concerns have been raised about falling viewing figures, which have struggled to rally since Russell T Davies' return in 2023. Two episodes during this series, which aired in May, got less than 3 million viewers — the lowest since the modern era began airing in 2005. The Independent has this statement from Piper: "It's no secret how much I love this show, and I have always said I would love to return to the Whoniverse as I have some of my best memories there, so to be given the opportunity to step back on that Tardis one more time was just something I couldn't refuse, but who, how, why and when, you'll just have to wait and see."
Read more of this story at Slashdot.
To fully adopt Artificial Intelligence (AI) and realize the benefits, agencies and enterprises need to address how they will secure AI models, agents, LLMs, data sources and more. Due to the nascent nature of AI security, enterprise security teams and AI teams need to develop new relationships, procedures, testing methods and skills to address the increasing threats to AI. While there has been much discussion and progress around “responsible AI”, this series of articles will lay out the problem space common to many enterprises and agencies that are delaying the deployment and adoption of AI and give direct guidance on how, at every level, enterprises can unify around Securing AI. These two topics, Secure AI and Responsible AI, are related, but come with very different requirements. This coming together will need to be led between the CIO and CISO to meet mission and business objectives with AI.
Road to Securing AI
It has been nearly a year since my initial article about balancing AI, Copilot and Security to help leaders understand the intersection of this multidiscipline challenge, so I thought this would be the perfect time to bring together the Federal Microsoft Team of experts to address the challenges of deploying secure AI in a four part blog.
- Part 1 - Executive Business Imperative: Overview of business need to proactively assemble teams to address enterprise mission and explanation of common challenges and solutions with respect to the intersection of AI and Security
- Part 2 – Building Joint AI and Security Teams: Building a Common Language between AI and Security; Best Practices for AI Security
- Part 3 – Testing AI for Security Vulnerabilities: Understanding Security Red Teaming Forfor AI Teams and understanding Zero Trust Landscape that AI will need to embrace
- Part 4 – Security for AI Vulnerabilities Detection: Understanding Tools and techniques for Security Teams engaged in validating AI security
Business Imperative
Federal Agencies and every commercial organization are looking for benefits in productivity, customer service, mission agility, supply chain analysis, battlefield insights, security and efficiency. However, security concerns due to the newness of AI have often delayed or stalled the quick adoption of AI throughout these same enterprises. As a business leader, you may hear about the benefits, uses and terminology of AI from AI vendors and experts. As a Security Leader, CISO, you will generally focus on traditional security like endpoints, servers, networks, data and identity. The morphing behavior of AI also presents a type of ever moving target versus a static approach that many Cyber Ops folk are most familiar with.
What neither leader will generally understand is the “seam” between AI and Security and how to address it. AI is all about focusing the organization on the connective tissue and lines of responsibility between the disciplines (Security and AI) to avoid vagueness of where responsibility lies. The seams and connective tissue like many new technologies will be the biggest weakness and vulnerability, so needs the siloed approach will need to be overcome for success.
To understand the threat landscape to AI, we need to look at common threats to AI from all vectors. Additionally, we want to understand where Microsoft is building in security to aid in threat mitigation and alerting.
A quick review of AI threats bubbles up a litany of new and re-purposed traditional terms like prompt injection, crescendo attacks, jailbreaking AI, DAN and more. Generally, this leaves most outside the AI field at a lack of understanding due to the technology specific terminology.
A quick review of Security threats dives deep into terms like red teaming, kill chains, horizontal movement of threat actors, NIST 800-53 and more. Again, this leaves many outside of Security and those specialists in the AI field without an understanding of enterprise security requirements to allow pilots to mature to secure enterprise deployments.
The NIST AI RMF and the NIST AI RMF Generative AI profile are government created, well respected and thought-out frameworks for assessing AI risk, security and more that help organizations on this journey and overcome some of the challenges mentioned above. These frameworks are a great place for any agency to start and align to a best practices approach to identify, measure, mitigate and operationalize AI security; AI Risk Management Framework | NIST and Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile | NIST
Lastly, in this fast, paced innovative space of AI, Microsoft just announced on April 4th the public preview of the AI Red Teaming Agent as an extension to the PyRIT (Python Risk Identification Tool) toolkit that is being used throughout the industry for risk identification and mitigation. This AI Red Teaming Agent is specifically targeted at both content safety and security related risks.
For leaders, it is a business and mission imperative that we lead, support and bring AI personnel and Security personnel together to realize our collective desire to benefit from AI. Like many new technologies that are democratized, a recent survey by Microsoft called the Work Trend Index shows that 70% of employees are using AI that is not provided by IT or the enterprise for work productivity. Users “will find a way” if the enterprise doesn’t provide user productivity tools like CoPilot and other AI services. Thus, it is this imperative and inherent risk that this article will address by establishing a baseline understanding and architecture for AI and Security to foster conversations, actions, deployment, user enablement, and collaboration in the follow-on articles.
Source: 2024 Annual Work Trend Index from Microsoft and LinkedIn
Not all AI Security Needs are the Same
While much of the hype and excitement has been around generative AI, there are many types of AI. Below is a chart of AI models that span from custom built AI to Software-as-a-Service (SaaS) AI. This is an important distinction that the AI and Security Teams will need to understand and develop standards that are appropriate to the type of AI deployment.
If your team is unfamiliar with AI, I would encourage you to start on the right (SaaS) and move toward IaaS “Custom AI,” since the baseline techniques can be leveraged across the spectrum. For example, securing data with Purview, DRM and Information barriers to enable M365 Copilot, would develop the team muscle of data policy that will become critical as you move to develop your own customer AI models and services.
Source: AI shared responsibility model - Microsoft Azure | Microsoft Learn
New, not New
Many of you will remember the early days of software development in the 2000s where organizations struggled to bring together software development and security. Security was often an afterthought and not built-in or was mainly focused on the “castle walls.” Lessons from that early time can be applicable here. In the same way, Secure Development Lifecycle and the newer ISO 27034 created a common approach for development and security, so too can the new initiatives across the industry bring together AI and Security.
To that end, the below diagram will serve as a roadmap for the rest of the article and helps start the understanding of common terminology, threats, language and Zero Trust solutions for cross-discipline coordination and teaming.
Looking at the above diagram through the eyes of a security person, it appears very much like any other application. It has inputs, data, storage, agents/add-ins and in-memory actions based on logic rules.
The AI team can look at the above and get a sense of how the solution can be secured, some of the tools to consider and threats at each exposure point in the AI chain.
ATLAS – A map to Securing AI
The industry seems to be moving in the direction of dual mapping to bring together AI and Security. A great example of this bringing together is a new iteration of the popular security approach of MITRE ATT&CK™ framework into Adversarial ML Threat Matrix was created under the name ATLAS.
The MITRE ATT&CK™ framework is a core methodology for traditional cyber operations to define and organize tactics, techniques and procedures (TTPs). The image below shows how bad actors will attack AI using AI vulnerabilities, Security vulnerabilities or a combination of both AI and Security (IT) Vulnerabilities to exploit AI.
In fact, Microsoft at the onset of our inclusion of GPT-4 inclusion into Bing in 2018 Microsoft stood up a Red Team across AI and Security to address concerns and create a hybrid Red Team that is more than just traditional Security Red Teams.
This internal work contributed to the realization that better AI tools were needed and spurred the creation Azure AI Content Safety which “Prompt Shield” and six other capabilities and threat mitigation approaches.
Zero Trust
Another new, not new approach that can be applied to AI is Zero Trust (ZT). This is working at scale within the US Department of the Navy through an integrated approach that met 151 of the 152 activities (60 of which are ahead of the 2027 deadline).
What is new is that Microsoft has recently updated its Zero Trust defense areas to include AI Cybersecurity and Secure and Govern AI.
Securing AI leveraging Microsoft Zero Trust and Security capabilities
There are many built-in protection rings for AI that address the full Zero Trust defense needs and allow your organization to extend to further AI protections. Many of these protections are out of box or possibly part of your existing M365 E5 or Azure Security investment, but simply need activation or enterprise specific policy configuration.
Below you see the concentric rings of defense that customers may use to protect their enterprises using Zero Trust principles for IT systems like collaboration and devices. This same infrastructure can be leveraged to protect and extend AI’s security.
There are many specific features that can immediately be engaged to protect data against unintentional and intentional (Insider Risk) threat against your AI models using back end data (RAG) to tune the model to the agency or enterprise specific vision for AI:
- Advanced Threat Protection
- Data Loss Prevention (DLP)
- Identity and Access Management (IAM)
- Endpoint Security
- Cloud Security
Advanced Threat Protection
Microsoft’s threat protection that leverages artificial intelligence and machine learning to identify and mitigate potential threats. By continuously monitoring IT and AI systems, these tools can detect unusual activities or patterns that may indicate an attempt to exploit vulnerabilities. Advanced threat protection helps in preemptively addressing security issues, ensuring that AI models are safeguarded against malicious attacks and data breaches.
Data Loss Prevention (DLP)
Data loss prevention (DLP) tools are crucial for safeguarding sensitive information within AI systems. Microsoft Security products provide robust DLP solutions that monitor and control the flow of data, preventing unauthorized access or data leaks. These tools can identify and block sensitive data transfers, ensuring that AI-driven processes remain secure and compliant with data protection regulations.
Identity and Access Management (IAM)
Effective identity and access management (IAM) is essential for protecting AI systems from unauthorized access. Microsoft Security's IAM solutions offer multi-factor authentication (MFA), role-based access control (RBAC), and other mechanisms to ensure that only authorized users can access AI resources. By implementing strong IAM practices, organizations can prevent bad actors from exploiting vulnerabilities through unauthorized access to sensitive AI data and systems.
Endpoint Security
Endpoint security solutions provided by Microsoft Security help protect devices and endpoints that interact with AI systems. These solutions include anti-malware, firewalls, and intrusion detection systems that safeguard against threats originating from compromised endpoints. By securing the devices that access or contribute to AI processes, organizations can mitigate the risk of security vulnerabilities and data leaks caused by endpoint-related attacks.
Cloud Security
As AI systems often rely on cloud infrastructure, securing cloud environments is vital. Microsoft Security products offer comprehensive cloud security solutions that protect AI workloads and data stored in the cloud. These solutions include encryption, access control, and continuous monitoring to detect and respond to security incidents. By securing cloud environments, organizations can ensure that their AI systems are resilient against threats and data breaches.
The above quick overview of the AI landscape, solutions, challenges and products that can assist with securing your enterprise AI solution was meant for you to have a primer on this space. In the follow-on articles we will be going deeper into the what technology, testing and settings that should be configured to support secure AI.
Get Those Teams Going
If your organization is struggling with getting going on AI and addressing Security concerns, we hope the above shows there is a myriad of frameworks, technologies and products that are already available to jump start your teams. If we convinced you at least in principle that Securing AI is maturing to support mission critical usage, we encourage you to engage with your AI Leads and Security Teams to foster a working virtual team. AI is an opportunity to force "bridge building" across the traditional silos of enterprise security and mission/business. Our goal is to help you understand key communication channels, where the lines of responsibility fall, and who own the AI/ML remediation efforts "WHEN”, "NOT IF" the ecosystem is threatened.
The next three articles in this series will address how these teams can quickly come together in a common terminology and effort to secure your AI and realize your organization’s AI goals.
Let’s get going together. Build those teams, share your vision, share this blog with your team to facilitate conversation and give us feedback, so we can help you on this journey in the follow-on technical blogs.
Next Page of Stories