"AI is giving attackers a huge advantage!"
-
"AI is giving attackers a huge advantage!"
"Yes, it is. It's amazing how quickly it has destroyed dev, sec, ops, management, company missions and priorities, regulations, information literacy, and civil society, making everyone more vulnerable."
@cR0w permission to pop this up on LinkedIn?
-
@cR0w Yeah but it will protect the children…
@lycanoid I wish I could tell if you were being genuine or sarcastic, but this is the Internet so... help me out please.
-
@cR0w permission to pop this up on LinkedIn?
@neurovagrant Hell yeah. Rile some bros up.
-
@cR0w @jackryder I would go a lot further than that. LLMs are a "tool" in the same sense as chainsawing off your own leg is a "tool."
Except chainsawing off your leg does a shitload less damage.This isn't lead in the paint where it's safe till the paint starts failing. This is Bhopal including the UCAR response.
-
@jackryder Or PFAS in flame retardant, cooking pans, rain gear, etc. Or methanol in moonshine.
@cR0w I got this great idea, right?
So you know the game darts? You throw a sharp pointy metal spike at a wall... right?What if... get this... instead of a tiny little bitch spike, we go full 9inches? Have kids throw them just straight in the air... see what happens.
What'cha think?
-
@cR0w I got this great idea, right?
So you know the game darts? You throw a sharp pointy metal spike at a wall... right?What if... get this... instead of a tiny little bitch spike, we go full 9inches? Have kids throw them just straight in the air... see what happens.
What'cha think?
@jackryder Sounds like good, wholesome fun to me. I'm in. But only if there's lots of booze and / or weed to make it more interesting.
-
@jackryder Sounds like good, wholesome fun to me. I'm in. But only if there's lots of booze and / or weed to make it more interesting.
@cR0w Well hell yeah! What else are we gonna do at the lake? Too rowdy with the bonfire and beer keg to really fish anyway!
-
@cR0w Yeah, that's a much better description.
Lead in the paint, asbestos in brake pads...is such a good description. That's exactly right.
So many people thought that stuff was so innocent.
@jackryder @cR0w the worst part there is that you're being unfair to lead and asbestos. Those work. They put lead in paint because it is a fantastic white pigment. Asbestos is virtually fire proof.
-
@jackryder It's not even a tool though. It's more of a component. Like asbestos in brake pads. Or lead in paint. They made people feel like they were improving the product while in reality they were killing the customers and the environment.
@cR0w @jackryder Asbestos in brake pads and lead in paint did improve the product though. If they weren't so horriffic to human health, we would still be using them. Conversely, I've yet to see an instance where AI has actually improved anything. At best it lets people who are mediocre at their jobs output a higher quantity of mediocre work.
-
@cR0w @jackryder Asbestos in brake pads and lead in paint did improve the product though. If they weren't so horriffic to human health, we would still be using them. Conversely, I've yet to see an instance where AI has actually improved anything. At best it lets people who are mediocre at their jobs output a higher quantity of mediocre work.
@Mustardfacial @jackryder That's completely fair.
At best it lets people who are mediocre at their jobs output a higher quantity of mediocre work.
But that is the "benefit" as seen by so so many people.
-
@cR0w @jackryder Asbestos in brake pads and lead in paint did improve the product though. If they weren't so horriffic to human health, we would still be using them. Conversely, I've yet to see an instance where AI has actually improved anything. At best it lets people who are mediocre at their jobs output a higher quantity of mediocre work.
@Mustardfacial @cR0w @jackryder exactly this. And they also were not DIRECTLY harmful. Asbestos wrapped around pipes is totally safe, UNTIL you disturb it or it starts breaking up into fibers. Lead paint is safe as long as it isn't crumbling because the lead content is fully contained.
Slop is immediately harmful for no benefit. There is no safe state. It only APPEARS to increase mediocre output when in fact it only increases DEFECTIVE output.
-
"AI is giving attackers a huge advantage!"
"Yes, it is. It's amazing how quickly it has destroyed dev, sec, ops, management, company missions and priorities, regulations, information literacy, and civil society, making everyone more vulnerable."
@cR0w
It briefly amazed me, now it just dismays me. I work for the government. Almost all our management and about half the devs are all-in for AI. I'm older and more sceptical. I've seen a few silver bullets fly by in the past, and I don't have much desire to rearrange my job to prompting, reviewing, and hoping the AI code turns out okay. I should be able to hold out until retirement, but younger folks don't have that luxury. -
"AI is giving attackers a huge advantage!"
"Yes, it is. It's amazing how quickly it has destroyed dev, sec, ops, management, company missions and priorities, regulations, information literacy, and civil society, making everyone more vulnerable."
@cR0w Until recently I worked somewhere that was pressuring developers into using the AI tools it was paying for.
One feature of working for that company was its "security" - pretty well anything you tried to do ran into some roadblock or other because "security".
So I asked the AI: "How do I get round this 'security' feature?"
And instead of reporting me to security it actually gave me an answer. Which, in the nature of code generated by AI, didn't actually work, but it gave me a clue as to how to come up with something that did.
-
@Mustardfacial @jackryder That's completely fair.
At best it lets people who are mediocre at their jobs output a higher quantity of mediocre work.
But that is the "benefit" as seen by so so many people.
@cR0w @Mustardfacial Yup
and it gives them the justification they need. -
@Mustardfacial @cR0w @jackryder exactly this. And they also were not DIRECTLY harmful. Asbestos wrapped around pipes is totally safe, UNTIL you disturb it or it starts breaking up into fibers. Lead paint is safe as long as it isn't crumbling because the lead content is fully contained.
Slop is immediately harmful for no benefit. There is no safe state. It only APPEARS to increase mediocre output when in fact it only increases DEFECTIVE output.
@rootwyrm @cR0w @jackryder Asbestos was directly harmful to the people producing the sheets that you wrapped around pipes, lead in the paint was directly harmful to the people producing the paint. It was awful to the factory workers themselves more than to the average consumer.
-
@Mustardfacial @jackryder That's completely fair.
At best it lets people who are mediocre at their jobs output a higher quantity of mediocre work.
But that is the "benefit" as seen by so so many people.
@cR0w @jackryder
But that is the "benefit" as seen by so so many people.This is unfortunately the truth.
-
@rootwyrm @cR0w @jackryder Asbestos was directly harmful to the people producing the sheets that you wrapped around pipes, lead in the paint was directly harmful to the people producing the paint. It was awful to the factory workers themselves more than to the average consumer.
-
@rootwyrm @cR0w @jackryder God dammit. This is the worst fucking timeline.
-
@cR0w @jackryder Asbestos in brake pads and lead in paint did improve the product though. If they weren't so horriffic to human health, we would still be using them. Conversely, I've yet to see an instance where AI has actually improved anything. At best it lets people who are mediocre at their jobs output a higher quantity of mediocre work.
I'm extremely good at what I do - belonging to that mythical home computer generation that started programming in ASM and never stopped learning how _everything_ works. To no one's surprise I'm thus working in cybersec today, partly as an ethical hacker focusing on hw/fw exploits at the really tricky low level stuff.
A few days ago I tested, for fun, having Mistral AI's Devstral-2 model do an analysis of a firmware dump of an eMMC I had just extracted from a fully proprietary ARM-based IoT device.
In a minute or so it had made the same conclusions as I would myself, nicely documented, on not just standard partitions and what they contained but also the fully custom stuff with no standard markers at all - including making "educated guesses" at the likely boundaries between headers and data, and what the data could be based on number of bits/bytes and entropy.
The question is whether you will now consider me to be mediocre.
-
I'm extremely good at what I do - belonging to that mythical home computer generation that started programming in ASM and never stopped learning how _everything_ works. To no one's surprise I'm thus working in cybersec today, partly as an ethical hacker focusing on hw/fw exploits at the really tricky low level stuff.
A few days ago I tested, for fun, having Mistral AI's Devstral-2 model do an analysis of a firmware dump of an eMMC I had just extracted from a fully proprietary ARM-based IoT device.
In a minute or so it had made the same conclusions as I would myself, nicely documented, on not just standard partitions and what they contained but also the fully custom stuff with no standard markers at all - including making "educated guesses" at the likely boundaries between headers and data, and what the data could be based on number of bits/bytes and entropy.
The question is whether you will now consider me to be mediocre.
@troed @cR0w @jackryder No, you're looking for a fight.
What's that thing Socrates said? "I may be the smartest man alive because I know I don't know anything at all"Be humble bro.
