Displaying items by tag: chatgpt

As we head into Hacker Summer Camp in Las Vegas, the emails are already flowing freely into my inbox. Some of them are the regular players that I see every year and others are new. Still more are people that I hear from each year but with new faces to talk to. This is part of what I love about going out to Black Hat, talking new people, talking to well known people in the industry and then getting an understanding of what everyone thinks is the “big thing” for cybersecurity. This year, by far, it is AI and automation.

Wait, another danger of AI article? Yes, another one. Since far too many people and companies are ok with ignoring the dangers simply for the sake of the next big shiny thing, we thought we would at least be part of the awareness of it. I might also say “I told you so” when things do start to go sideways… ok I would not be that much of a jackass, but I do think that making sure to point out issues with new technology while others seem ok with glossing them over is a good idea.

After learning that there were malicious ads containing links to ChatGPT apps (for Windows), Apple launched a legitimate app for IOS. The app brings the very popular LLM to Apple users at a time when some are becoming more hesitant about its use. It has not been that long since Samsung accidentally leaked confidential information via the platform. This prompted both Microsoft (a heavy investor) and OpenAI themselves to start work on private environments where data put into the model is not used to train it.

It was only a matter of time before something like this happened. As services like ChatGPT, Midjourney, Bard and other “AI” platform we viral, threat actors were bound to start trying to get in on the action. ChatGPT and Midjourney were easy targets for this as neither has a standalone app yet. To use them you have to get to their online presence; ChatGPT’s website or Midjourney’s Discord. This gap allowed the threat group known as BatLoader to start impersonating both of them via cleverly crafted Google search ads.

There is a quote from the movie “The Matrix” that has always stuck with me. It was a scene where Morpheus (Lawrence Fishburne) is explaining to Neo (Keanu Reeves) the state of the real world and the history that allowed it to get there. The line is “We marveled at our own magnificence as we gave birth to AI.” There is another important line from the HBO series “From the Earth to the Moon. This line take place when Frank Borman (David Andrews) was asked what caused the Apollo One fire, he replied “A failure of imagination.” These two lines compete for how I view the state of AI development. As we marvel at our own magnificence, we should not stop thinking about the potential risks involved as we push to advance AI. Yet that seems to be what is happening.

A recent incident where ChatGPT users at Samsung unknowingly exposed sensitive data via ChatGPT has raised concerns in multiple industries. The banking and finance industry saw several companies put a stop on the use of ChatGPT and certain regulators began investigating how its use could leak PII, or other financial information. To combat this new obstacle to business adoption, Microsoft is looking to offer a private business model which would exclude user input from being used to train the LLM.

If you are a fan of science fiction movies, then you have probably seen multiple movies where an AI (Artificial Intelligence) has gone mad and decided that humankind needed to be eradicated. Everything from the Terminator series, through to the Matrix warns us of the dangers of creating something that is smarter and more powerful than ourselves. Of course, these are works of fiction, but they do represent an understanding of humankind’s hubris when it comes to creating artificial intelligence.