Existing AI technology can allow hackers to automate exploits for public vulnerabilities in minutes flat. Very soon, diligent patching will no longer be optional.
As threatening as malicious LLMs might be, Kang says, “At the moment, this doesn’t unlock new capabilities an expert human couldn’t do. As such, I think it’s important for organizations to apply security best practices to avoid getting hacked, as these AI agents start to be used in more malicious ways.”
So the risk is the llm makes vulnerabilities more accessible to less-expert hackers, and able to be targeted more easily to more victims by more attackers.
Shouldn’t rely on obscurity, but it still reduces the threat. Especially when you’re talking the difference between a few targeted attacks and an imminent worldwide attack.
If every wannabe hacker had the resources of the state sponsored groups (I realise that’s more extreme) a lot of our current and worthwhile security practice would be moot.
Unfortunately, this is why we need Web³ (“NFT-based memberships” and login via crypto wallet) integration, even if it’s incredibly inconvenient to re-learn online transactions and yes, even if “fintech” is a giant financial bubble that will probably burst with horrible economic consequences. Built-in, standardized FOSS encryption is now the only way forward aside from (possibly) PayPal.
What’s worse is that this makes Windows and Mac OS untrustable. Linux fares better but would need to implement best practice as only practice.
Everything will need to be sandboxed like on smartphones now. Thanks a fucking lot, OpenAI.
So the risk is the llm makes vulnerabilities more accessible to less-expert hackers, and able to be targeted more easily to more victims by more attackers.
Security through obscurity is not something that should be relied upon anyway. This just necessitates fixes to be implemented faster.
Shouldn’t rely on obscurity, but it still reduces the threat. Especially when you’re talking the difference between a few targeted attacks and an imminent worldwide attack.
If every wannabe hacker had the resources of the state sponsored groups (I realise that’s more extreme) a lot of our current and worthwhile security practice would be moot.
Unfortunately, this is why we need Web³ (“NFT-based memberships” and login via crypto wallet) integration, even if it’s incredibly inconvenient to re-learn online transactions and yes, even if “fintech” is a giant financial bubble that will probably burst with horrible economic consequences. Built-in, standardized FOSS encryption is now the only way forward aside from (possibly) PayPal.
What’s worse is that this makes Windows and Mac OS untrustable. Linux fares better but would need to implement best practice as only practice.
Everything will need to be sandboxed like on smartphones now. Thanks a fucking lot, OpenAI.