The Cyber Why: What We Read This Week...
... and why you should too! (3/24/2023)
Welcome back to this week’s edition of The Cyber Why (TCW). We can't get enough of AI as we continue deep diving into the threat landscape, AI hacks, and even open vs. closed approaches to AI business. Today, Rick brings up the disgusting topic of “3D printed FOOD!” and we make a link between politicians and the WWE’s “ The Hardy Boys.” Indeed, last but not least, we have a healthy debate about the worst actor in Hollywood as the world prepares to consume yet another John Wick movie.
The last thing to mention in this week’s opener is that one of the summaries below was generated 100% using AI. Can you figure out which one it is? Vote on the poll below, and I will let you all know next Friday which summary we still need to lift a finger to create.
OpenAI co-founder on company’s past approach to openly sharing research: ‘We were wrong’ (The Verge)
OpenAI's long-awaited next-generation AI language model, GPT-4, has been launched as a "closed" model, causing disappointment among researchers and experts. Despite sharing benchmark and test results, OpenAI has yet to offer any information on the data used to train the system, its energy costs, or the specific hardware or methods used to create it. Critics argue that this lack of transparency makes it difficult for others to replicate its work and develop safeguards against the potential threats posed by AI systems like GPT-4.
OpenAI has finally embraced its inner Gollum and is keeping its precious AI model to itself. Who needs transparency and collaboration when you can hoard all the knowledge and potentially cause harm with your powerful models? Plus, why bother with pesky safeguards when you can just let your AI run wild and see what happens? It's not like anything could go wrong. 🙄
SVB Collapse Could Trigger More Corporate M&A, Tech Leaders Say (WSJ)
Tech leaders say Silicon Valley Bank's collapse and macroeconomic factors may lead to more technology-focused corporate mergers and acquisitions. This is expected to present opportunities and challenges for CISOs and CIOS as many security products they use could disappear or be acquired. In short, Silicon Valley Bank may be gone, but its impact on the industry will not be forgotten - kind of like the startups it used to fund.
New Incident Response Tool & IAM Guidance (CISA - Rick Pick)
Two quick ones for you. First, CISA and the NSA released "Recommended Best Practices for Administrators: Identity and Access Management." This 26-page pdf gives solid advice to harden and monitor your IAM infrastructure. For some, it won't be groundbreaking, but for many, there are good suggestions you can implement into your programs. Next, CISA released the "Untitled Goose Tool," a python-based hunt and incident response tool for Microsoft environments. Now, if only CISA could develop a tool to help me understand Microsoft licensing and the millondee” Defender products.
Five brutal hours for TikTok: CEO raked over coals amid privacy, security concerns (CyberScoop - Rick Pick)
Congress called TikTok CEO Shou Zi Chew to speak on Thursday in front of the House Energy and Commerce Committee. The *riveting* hearing had your traditional political grandstanding, but hell apparently froze over as this issue continues to have strong bipartisanship support. Democrats and Republicans took their time tag teaming like The Hardy Boyz on data privacy risks, risks to children, ByteDance's links to the Chinese Communist Party, and Chinese political influence risks. Shou Zi Chew said little to ease their concerns. My favorite moment of the hearing was when Congressman Russ Fulcher said, "artificial intelligence is difficult to manage once it is on auto cruise control." With the way he said it, it wasn’t a complete “the Internet is a series of tubes” moment, but it was close. Also, he’s not wrong.
Congress members coming out to question TikTok’s CEO
Facebook accounts hijacked by new malicious ChatGPT Chrome extension (Bleeping Computer - Rick Pick )
OpenAI rolled out support for 3rd party ChatGPT plugins this past Thursday. Within days, threat actors had uploaded a malicious ChatGPT extension into the Chrome Web Store, impacting 9,000 people. This fraud wasn't related to the AI models themselves; instead, it capitalized on the interest in ChatGPT to steal cookies. Like browser extensions and WordPress plugins, these new ChatGPT plugins are attack surface we need to consider. From a pure hacking perspective, it’s exciting to see what techniques people use to bend AI to their will. Although, from a Skynet perspective, we might be bending the knee to some Cyberdyne Systems T-800s. I'm convinced John Wick can take down any Terminator though. Fight me.
Tyler, the Editor’s note: John Wick, the character, is amazing and, Keanu (Canoe) is still the worst actor in Hollywood. FIGHT ME!
PitchBook’s new tool uses AI to predict which startups will successfully exit (TechCrunch)
Oh, if only it were this easy. Pitchbook has just launched a new product called VC Exit Predictor. It's an AI-backed system trained on Pitchbook's historical data set in an attempt to predict the chances that a company will go public, be acquired, or never exit due to becoming a lifestyle business or going bankrupt. The current accuracy is 74%; however, given the advances in AI, I expect this to increase quickly, drastically changing how VCs and other investors choose where to allocate capital.
How Old Are Successful Tech Entrepreneurs? (Kellogg Insight)
A rather lengthy study focused on this exact question yielded some surprising results. You have a much better chance of creating a runaway startup success when you are 45 than when you are 25. There’s always so much talk about the young tech college dropout that goes and starts the next hot thing when, in reality, older people like me are a much better bet to be successful. I want you to picture me when you watch this gif…
Response Shaping: How to Move from AI "Prompts" to AI Whispering (Daniel Miessler)
I can’t seem to get enough of the AI content lately. In this piece, Unsupervised Learning founder Daniel Miessler again drops a knowledge bomb. This time he outlines how to move past AI prompts and become an AI whisperer using something called “response shaping.” I used Daniel’s techniques and whispered the following shapes to our robot friends: “Make a joke about Daniel Miessler summarizing this article in the voice of Chris Rock”… I don’t think it came out half bad.
"I was reading this article by Daniel Miessler on how to talk to AI, and I was like, 'Damn, Daniel! You really think you can control them robots? You must be the AI whisperer or something!' I mean, this guy's telling the AI who to pretend to be, what format to use, how to behave, what steps to take... Shit, if he could do that with people, he'd be president by now! But seriously, Daniel, good luck with that. I'm gonna stick to talking to Siri like she's my ex-girlfriend: 'Hey Siri, can you find me a new girl?'"
Have your cake and print it: the 3D culinary revolution is coming (The Guardian - Rick Pick)
So software really is eating the world. Columbia University researchers wanted to demonstrate the potential for 3D printing food. It took the team seven attempts, but they successfully printed a "cheesecake." I use the quotes because it’s not something you would order at The Cheesecake Factory (ICK). One of the engineers said, "We can print chicken, beef, vegetables, and cheese. Anything that can be turned into a paste, liquid, or powder." There are exciting applications. I could see Matt Damon-esque astronauts sciencing the shit out of crucial ingredients on Mars and printing their food. YUM! The researchers even shared the cheesecake's digital recipe on GitHub. Can you imagine how Ralph Fiennes' character in The Menu, Chef Slowik, would react to 3D-printed s'mores?
A Journalist Believes He Was Banned From Midjourney After His AI Images Of Donald Trump Getting Arrested Went Viral (Yahoo News)
Journalist Eliot Higgins spent a bit of time making some fun, deep fakes of Trump getting arrested, and the results were absolutely hilarious. For his efforts, he was banned from the AI image generator Midjourney - OOOPS! For a great laugh, go to this Twitter feed and scroll!
If you’ve made it this far, you either found our musings at least semi-entertaining, OR you enjoyed the pain and kept going regardless. No matter how you made it to this point, you should know that we appreciate you. Please do us a solid and share The Cyber Why with your friends. We would love to reach a bigger audience, and referrals are how we do it. Help us out, and we’ll see you next week!