• higgsboson@dubvee.org
    link
    fedilink
    English
    arrow-up
    12
    ·
    7 months ago

    As threatening as malicious LLMs might be, Kang says, “At the moment, this doesn’t unlock new capabilities an expert human couldn’t do. As such, I think it’s important for organizations to apply security best practices to avoid getting hacked, as these AI agents start to be used in more malicious ways.”

    • milicent_bystandr@lemm.ee
      link
      fedilink
      English
      arrow-up
      18
      ·
      7 months ago

      So the risk is the llm makes vulnerabilities more accessible to less-expert hackers, and able to be targeted more easily to more victims by more attackers.

      • Player2@lemm.ee
        link
        fedilink
        English
        arrow-up
        8
        ·
        7 months ago

        Security through obscurity is not something that should be relied upon anyway. This just necessitates fixes to be implemented faster.

        • milicent_bystandr@lemm.ee
          link
          fedilink
          English
          arrow-up
          7
          ·
          7 months ago

          Shouldn’t rely on obscurity, but it still reduces the threat. Especially when you’re talking the difference between a few targeted attacks and an imminent worldwide attack.

          If every wannabe hacker had the resources of the state sponsored groups (I realise that’s more extreme) a lot of our current and worthwhile security practice would be moot.

          • Gadg8eer@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            1
            ·
            edit-2
            7 months ago

            Unfortunately, this is why we need Web³ (“NFT-based memberships” and login via crypto wallet) integration, even if it’s incredibly inconvenient to re-learn online transactions and yes, even if “fintech” is a giant financial bubble that will probably burst with horrible economic consequences. Built-in, standardized FOSS encryption is now the only way forward aside from (possibly) PayPal.

            What’s worse is that this makes Windows and Mac OS untrustable. Linux fares better but would need to implement best practice as only practice.

            Everything will need to be sandboxed like on smartphones now. Thanks a fucking lot, OpenAI.