Usman just joined AI for Life, and he brings a perspective most of us don't have on the daily. By day, he runs an automobile dealership in India. By night, he's deep in AI automation, building workflows and stress-testing what these tools can actually do inside a working business. His bio says it best: progress 63%, enthusiasm 121%. That ratio tells you everything. He's also a long-time contributor and moderator inside AIS+, where he's earned a reputation for stepping in on the tough technical questions and helping members work through them. If you've been stuck on something in that community, chances are Usman has helped someone through it. Outside of AI for Life, he co-hosts AIS+ Chill and Chaos with @Nick Mohler every Saturday. One of my favorite shows to listen to and jump into. Three hours of real AI conversation, no filler. Welcome, @Usman Mohammed . Glad to have you here. Drop a comment, and if you can tell us what you're building or testing.

Security Now! #1078 — Key Points ================================= FCC ROUTER WAIVER EXTENDED TO 2029 Reversal of earlier policy that would have blocked firmware updates for foreign-made routers after March 2027. Already-authorized devices can now receive security/firmware updates through Jan 1, 2029. Steve's view: the restriction never made sense — if you don't trust the manufacturer, a one-year window doesn't help; if you do, no restriction is needed. Netgear separately got a full conditional pass. 21-YEAR-OLD FREEBSD RCE FOUND BY AI (CVE-2026-42511) AISLE's AI source-analysis pipeline found a wormable remote command execution flaw in dhclient, imported from OpenBSD in FreeBSD 6.0 (2005). Malicious DHCP reply -> root on any FreeBSD machine joining the network (laptops at coffee shops, PlayStation, etc.). AISLE took a swipe at Anthropic's Mythos hype ("not model mythology"). LET'S ENCRYPT BRIEF OUTAGE Gen Y (YE/YR) cross-certified intermediates were issued without the required serverAuth EKU extension (mandatory for CCADB since June 2025). They voluntarily halted issuance, fixed config, resumed. Textbook CA behavior. MALICIOUS AI MODELS — SUPPLY CHAIN COMPROMISE AT SCALE HuggingFace: ~352,000 unsafe issues across 51,700 models. "nullifAI" technique abuses pickle deserialization + 7z compression to bypass scanners. ClawHub (OpenClaw skill registry): 341 malicious skills out of 2,857, 335 from one coordinated "ClawHavoc" campaign. Snyk found ~36% of skills have security flaws. Related recent compromises: - LiteLLM (PyPI, ~500K creds exposed) - Bitwarden CLI on npm (90 min, targeted Claude Code/Cursor/Codex/Aider) - PyTorch Lightning (42 min) Core issue: AI models execute on load, consumers are automated agents, attack windows measured in minutes. CISA 2015 REAUTHORIZATION ON TRACK Long-term renewal expected before September expiration. Restores liability shield for private-sector threat-intel sharing. EDGE STORES ALL SAVED PASSWORDS IN CLEARTEXT IN RAM

One of the things I’ve learned over the last year is that identifying AI opportunities is only the beginning. Recently, I secured a multi-month engagement with an enterprise client that is moving beyond the original AI Opportunity Mapping phase and into something equally important: AI Readiness Evaluation. In other words: “Are we actually ready to implement this opportunity successfully?” Because the reality is, a good AI idea does not automatically translate into a successful AI project. Before moving forward, we’re reviewing a set of high-level readiness criteria. If the conditions are there, we move. If not, we focus on preparing the environment first. Some of the key checkpoints include: - Clear and measurable ROI - Available and reliable data feeds, integrations, and system access - Existing process documentation and workflow maps - Existing training documents and operational knowledge capture - Real operational context: call recordings emails text conversations support interactions - Security, governance, and protocol requirements - Workforce readiness and adoption potential - Executive sponsor approval - Stakeholder alignment and buy-in - Willingness to redefine the role of humans in an AI-agent-supported workforce That last point is becoming increasingly important. AI readiness is not just technical readiness. It is also organizational readiness. Many organizations are still evaluating AI through the lens of traditional software implementation, when in reality AI often changes the structure of work itself. In many future-state environments, humans may spend less time manually executing repetitive tasks and more time: - supervising AI-supported workflows - managing exceptions - validating outputs - training systems - refining processes - handling edge cases and decision-making Most enterprise AI projects do not fail because the model is bad. They fail because the organization is not ready to support implementation at scale.