As threatening as malicious LLMs might be, Kang says, “At the moment, this doesn’t unlock new capabilities an expert human couldn’t do. As such, I think it’s important for organizations to apply security best practices to avoid getting hacked, as these AI agents start to be used in more malicious ways.”
milicent_bystandr@lemm.ee
on 19 Apr 12:40
collapse
So the risk is the llm makes vulnerabilities more accessible to less-expert hackers, and able to be targeted more easily to more victims by more attackers.
Security through obscurity is not something that should be relied upon anyway. This just necessitates fixes to be implemented faster.
milicent_bystandr@lemm.ee
on 19 Apr 18:06
collapse
Shouldn’t rely on obscurity, but it still reduces the threat. Especially when you’re talking the difference between a few targeted attacks and an imminent worldwide attack.
If every wannabe hacker had the resources of the state sponsored groups (I realise that’s more extreme) a lot of our current and worthwhile security practice would be moot.
Unfortunately, this is why we need Web³ (“NFT-based memberships” and login via crypto wallet) integration, even if it’s incredibly inconvenient to re-learn online transactions and yes, even if “fintech” is a giant financial bubble that will probably burst with horrible economic consequences. Built-in, standardized FOSS encryption is now the only way forward aside from (possibly) PayPal.
What’s worse is that this makes Windows and Mac OS untrustable. Linux fares better but would need to implement best practice as only practice.
Everything will need to be sandboxed like on smartphones now. Thanks a fucking lot, OpenAI.
threaded - newest
So the risk is the llm makes vulnerabilities more accessible to less-expert hackers, and able to be targeted more easily to more victims by more attackers.
Security through obscurity is not something that should be relied upon anyway. This just necessitates fixes to be implemented faster.
Shouldn’t rely on obscurity, but it still reduces the threat. Especially when you’re talking the difference between a few targeted attacks and an imminent worldwide attack.
If every wannabe hacker had the resources of the state sponsored groups (I realise that’s more extreme) a lot of our current and worthwhile security practice would be moot.
Unfortunately, this is why we need Web³ (“NFT-based memberships” and login via crypto wallet) integration, even if it’s incredibly inconvenient to re-learn online transactions and yes, even if “fintech” is a giant financial bubble that will probably burst with horrible economic consequences. Built-in, standardized FOSS encryption is now the only way forward aside from (possibly) PayPal.
What’s worse is that this makes Windows and Mac OS untrustable. Linux fares better but would need to implement best practice as only practice.
Everything will need to be sandboxed like on smartphones now. Thanks a fucking lot, OpenAI.