NO. 376 | AI transforms security, existential risk, and how to stay in front…


Exploring the intersection of security, technology, and society—and what might be coming next…

Standard Web Edition | April 3, 2023

Happy Monday—I hope you’re doing well!

I find myself disoriented by the pace of the AI innovation right now. I can barely pay attention to anything but AI. I suppose it’s because I believe AI’s acceleration is more important than nearly anything else. And every time I check Twitter I’m hit with another idea, company, or development that would have been the biggest thing in tech just 5 months ago. It’s truly remarkable.

Also, here’s Rick Rubin describing all of our jobs after GPT-5. 🤣

 

NO. 376 | AI transforms security, existential risk, and how to stay in front…

Let’s attack the week.

NO. 376 | AI transforms security, existential risk, and how to stay in front…

📢 Spring/Summer 2023 Sponsorship Window
We are opening the window for new sponsors for Spring/Summer 2023. If you would like to get your company seen by over 55,000 of the best and most influential people in security and tech, you should reach out! CONTACT THE TEAM

In this episode:

🧠 Existential AI Threat: Get up to speed on AI’s impact
🔒 APT43: North Korea’s new cyber threat actor
🛡️ Microsoft’s Security Copilot: AI-powered security app
🔌 Socket AI: Detecting malicious dependencies
🐦 Twitter Internals: Algorithm insights
🤖 Auto-GPT: Making GPT-4 autonomous
🦄 Character.AI: Becoming a unicorn
📉 Zoom Downshifts: AI-powered features
💔 Preference Falsification: Online dating data
📚 Reading Post-AI: Future of books
🕸️ Vampiric Blogging Platforms: Substack’s fate
🔍 Discovery: AI tools, surveillance tech, and more!

MY WORK


import alignment
An idea for how to address the AI Alignment Problem using a coding library. MORE

AI Revolutionizes InfoSec
How I believe AI will specifically affect security programs and security products by adding two primary features we don’t have today. MORE

The Post-AI Software Architecture
Our architecture for what software will look like post-AI/GPT. It’s no longer about hard-coded queries; it’s about state, policy, question, and actions. MORE

SECURITY NEWS


Existential AI Threat
Here are a few sources I highly recommend you consume, sooner rather than later, to get up to speed on the existential threat from AI.

  1. Lex vs. Eliezer: The recent conversation between Lex Fridman and Eleizer Yudkowski on Lex’s podcast. This was Lex at his best, and the result was a look at one very smart man’s frightening belief system about what is about to hit us. Spoiler: he thinks we don’t have long to live. 
  2. Human Compatible: The new (very timely) book by Stuart Russell on the alignment problem and his radical approach to dealing with it. Just finished this, and it’s fantastic.
  3. Life 3.0: Max Tegmark’s stunning book that describes what it might look like when an AGI becomes superhuman. The first chapter is probably the best piece of sci-fi I’ve ever read, if you can even call it that. All of this thinking is why I created the import alignment project.

North Korean APT
Mandiant has found a new North Korean threat actor “supporting the interested of the North Korean regime.” They named the group APT43, and said they do strategic intelligence collection, credential harvesting, and social engineering to support their espionage activities. Typical of North Korean groups, they use cybercrime to fund their higher-importance activities. MORE

Security Copilot
Microsoft is coming in hot to the AI and Security scene, They have a new app called Security Copilot that they think will bring us “the new era of security”. It’s in closed beta so it’s hard to say what all it does, but what’s clear is that it’s an AI Chat interface on top of lots of security functionality. some reported features include:

  • Reverse engineering
  • Responding to incidents
  • Offer guidance and action plans
  • Alert on threats in realtime
  • Anticipate attacker next moves
  • Etc.

Remember, they were using GPT-4 for months inside Bing before it was released. They have a headstart, and they’re using it. Spoiler: this is the interface all security tools will have within 6-18 months. MORE

Socket AI
Socket, which identifies malicious dependencies, can now use ChatGPT to examine npm and PYPI package for security issues. The system looks at injection, credentials, vulnerabilities, backdoors, and even data exfiltration issues. MORE

Twitter Internals
Musk released Twitter’s algorithm to the public last week, and the main takeaway is that likes get the most boost (30x), followed by retweets (20x), and replies mean almost nothing (1x). MORE

Sponsor
 

CrowdSec – The Massively Collaborative Cyber Defense Solution

 
Discover CrowdSec, an open-source and collaborative intrusion detection and prevention solution. Analyze visitor behavior & remediate various attacks such as brute force, scans, scraping, scalping, and more.

Each time an IP is blocked, all community members are informed so they can also block it as well—making the solution not only reactive but also preventive.

Thanks to the collaborative CTI, CrowdSec users experience 90% fewer attacks on their servers. As of today, the tool is being used in 160+ countries, and the community flagged over 2 million malicious IPs.
 

TECHNOLOGY NEWS


⚒️ Auto-GPT — Fully Autonomous GPT-4
This is a project that is attempting to make GPT-4 autonomous, and the author just gave it the ability to write and execute Python code. MORE 

Character.AI Becomes a Unicorn
Character.ai has become a unicorn with a new $150 million raise. It’s interesting because I don’t see a deep moat here. They’re basically a front-end to ChatGPT, but with character skins. It does make it feel more personal and cool to get information from the service, they’re really competing with the digital companion space, since it’s easier to make a digital companion that has access to ChatGPT than it is to make a ChatGPT interface that’s a compelling companion. MORE 

Zoom Downshifts
Zoom, after laying off 15% of its workforce, is introducing AI-powered features to compete with Slack, Google, Microsoft, and Calendly. These features include meeting summaries, email responses, and whiteboard generation, aiming to transform Zoom into an all-in-one workplace tool beyond video conferencing. MORE 

Bloomberg GPT
Bloomberg built its own 50-billion parameter GPT model for finance. They combined their own archive of English financial documents with a public dataset, and trained the new model using a subset of that data. The model was then validated against industry benchmarks and it outperformed existing open models. This building of custom models is the future we’ve been talking about here at UL. MORE 

HUMAN NEWS


Preference Falsification
Online dating data show that people tend to be far more restrictive than they claim in their bios. As a specific example, women who claim height doesn’t matter have a similar height bias to those who demand tall men. TLDR: Some biases are so strong that it really comes down to whether you’re honest about them or not. MORE 

America’s Shape
77% of young Americans are too fat, too mentally ill, or on too many drugs to join the military. MORE 

Procrastination Hack
Andrew Huberman says the way to overcome procrastination is to do something more unpleasant than the thing you’re procrastinating first. MORE

IDEAS & ANALYSIS


Reading Post-AI 
As soon as a book drops we’ll be able to explore it using your personal digital assistant. You’ll be able to ask for a 1-sentence summary. Or to give you a summary in 10 bullets. Or extract the main points and give you counter-arguments. So who will read the full book anymore? I know I will, but probably not for as many books as I do now. MORE 

NOTES


Vampiric Blogging Platforms
My Spidey Sense is telling me that Substack has peaked, and that it’ll start heading towards a Medium-like fate from here. The question is—when will we learn that these types of platform, where everyone’s content looks the same, and where it’s hosted on someone else’s domain, are not good for the creator?  To be fair, it’s a great way to go from 0 to something, and that’s the trap. But for anyone who actually gets going and gets some traction, leave as soon as possible and do your own thing. 

DISCOVERY


⚒️ gamma.app — Tell a GPT what you want in a slide deck, and it’ll make the slides. MORE

⚒️ e2b — A GPT-powered IDE that creates UI for you. You describe forms, and they show up. MORE

The Posthumous Specification — A way to control how people speak on your behalf after you’re gone. MORE 

Dubai is going all-in on AI-powered surveillance tech. MORE

Someone asked ChatGPT (with browsing enabled) to find him some money, and within a minute it had $210 dollars in the mail to him from California. MORE

I don’t often include dog/cat videos here, but this one fits with UL because of the amount of love evident in the dog’s face. MORE

How not to design a volume control interface. Hilarious. MORE

He who submits a resume has already lost. MORE

No dates, no sex, no weddings, no kids. MORE

RECOMMENDATION OF THE WEEK


Add ChatGPT to Your Mac
I have been seriously enjoying MacGPT, a clean little utility for calling GPT for simple queries on the Mac. I have the global option set to cmd-G, and it pops up this interface. Not well-suited for advanced prompt work, but wonderful for quick questions and responses. Highly recommended. SCREENSHOT

Add Interactivity to Your Prompts
Tired: You’re a professional trip planner specializing in the London area. Make me the ultimate vacation for a 10 day work/pleasure trip with a focus on museums and bookshops. Wired: You’re a professional trip planner specializing in the London area. I love bookshops and museums and I’m looking for the ultimate 10-day work pleasure trip in the city. Ask me anything you need to know to plan the best possible trip.

 
APHORISM OF THE WEEK


“The future belongs to the curious. The ones who are not afraid to try it, explore it, poke at it, question it, and turn it inside out.”

Anonymous





Source link