Topic

Privacy & Data Hygiene

Know what tools remember, what not to upload, and how to handle work data responsibly.

16 stories (7 articles · 9 videos)

Start here

A few good first pieces before you browse the full feed.

More in this topic

20 minutes
Video

Permissions & Access Control for RAG - a Deep Dive Tutorial

Paragon. Walks through the production RAG permission problem and compares tool-calling, namespaces, ACL tables and relationship-based permissions. That directly supports the article's core rule: retrieval must only return sources the current user is allowed to see, and source-system permissions cannot be treated as an afterthought.
Advanced
10 min read
Article

Company knowledge RAG: permissions, leakage, and source boundaries

A company knowledge assistant is only safe if retrieval respects permissions. How to design RAG source boundaries, ACL filtering, document ownership, logging, stale-source handling, and refusal behavior.

Design a company knowledge RAG with permission-aware retrieval, source ownership, leakage controls, and refusal behavior.

Advanced
9 min read
Article

EU AI Act for SMEs: a practical governance plan

The EU AI Act is not just a legal problem for large vendors. A practical SME plan for inventory, risk classification, human oversight, transparency, vendor records, and rollout discipline.

Create a practical AI governance baseline for an SME using AI tools, automations, or customer-facing systems in the EU.

Advanced
10 min read
Article

Local AI on your Mac: Ollama, LM Studio, and what 7B models can really do

Running AI locally has matured. With Ollama or LM Studio and a modern Mac, you can run capable models offline, free, and private. What works, what doesn't, and the use cases that actually benefit.

Evaluate the implementation pattern, failure modes, and guardrails before building.

Intermediate
6 min read
Article

Sharing images with AI: what you can (and shouldn't) upload

Modern AI can read photos, charts, screenshots, and handwriting almost as easily as text. A practical guide to what works, what doesn't, and the thirty-second privacy checklist before you upload anything.

Understand the idea well enough to try it safely in a low-risk setting.

New to AI
6 minutes
Video

LM Studio Tutorial: Run Large Language Models (LLM) on Your Laptop

Kevin Stratvert. Same workflow as Ollama but in a GUI: download LM Studio, pull a Llama or Gemma model, chat, drop a PDF in and ask questions about it. Good for readers who'd rather not live in the terminal — also useful for getting a feel for how a 1B–3B model actually performs against a heavier one.
Intermediate
14 minutes
Video

Learn Ollama in 15 Minutes - Run LLM Models Locally for FREE

Tech With Tim. A tight, no-nonsense Ollama walkthrough — install, pull a model, chat, then poke at the local HTTP API from Python and create a custom model with a Modelfile. Covers exactly the workflow the article describes for daily use on a Mac, including how to think about model size vs. your machine's RAM.
Intermediate
25 minutes
Video

OWASP's Top 10 Ways to Attack LLMs: AI Vulnerabilities Exposed

IBM Technology. Zooms out from prompt injection to the wider OWASP Top 10 for LLMs — insecure output handling, sensitive information disclosure, excessive agency — which is exactly the failure-mode catalogue you want in mind before you grant Gmail or HubSpot scopes to anything.
Intermediate
11 minutes
Video

What Is a Prompt Injection Attack?

IBM Technology. Jeff Crume's "buy an SUV for $1" example is the cleanest 10-minute explanation of why direct and indirect prompt injection are different problems, and why filtering can't fully solve either. It pairs directly with the article's argument that you need least-privilege scopes, a dedicated agent account, and a human in the loop on anything irreversible — not a cleverer system prompt.
Intermediate
11 minutes
Video

What is Shadow AI? The Dark Horse of Cybersecurity Threats

IBM Technology. Sits below our usual 100K bar but earns the slot because it's the single best short explanation of why an employee using a personal ChatGPT account on work problems is the actual risk most companies face. Crume's "don't say no, say how" framing is the same posture the article takes — you're not trying to ban AI, you're trying to make safe use the easy default.
Beginner
13 minutes
Video

How to Secure AI Business Models

IBM Technology. Jeff Crume's lightboard explainer of the three places generative AI introduces risk — the data, the model, and the usage — and what good controls look like for each. Useful for the article's argument that "be careful" isn't enough; you need to think about which category of risk you're actually exposed to as an employee.
Beginner
93 minutes
Video

Sam Altman | This Past Weekend w/ Theo Von #599

Theo Von. The section roughly twelve minutes in, where Altman admits there is no legal privilege for ChatGPT conversations and that OpenAI can be ordered to hand them over in a lawsuit, is the single most-quoted piece of footage on this topic — and worth hearing in his own voice rather than via a news clip. The rest of the conversation is wide-ranging, but that one exchange is the honest answer to the question the article asks: "what does the company actually do with what I type?"
New to AI
4 minutes
Video

Live demo of GPT-4o vision capabilities

OpenAI. Four minutes of someone holding up a handwritten linear equation to the camera and ChatGPT tutoring them through it without giving the answer. It is the clearest, shortest demo of "the model can actually see what I'm showing it" and frames the use cases the article recommends — handwritten notes, simple math, captured documents — better than any walkthrough we found.
New to AI