rysiek

@rysiek@szmer.info

This is a remote user, information on this page may be incomplete. View at Source ↗

https://rys.io/

⁨Comment⁩ on ⁨AI will compromise your cybersecurity posture⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

I see your stand from the comment above though, I’m not going to argue that. Peace.

Which is good because calling making a tech product safe “censorship” is a pretty fraught position to defend.
⁨Comment⁩ on ⁨AI will compromise your cybersecurity posture⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
So, your strategy here was to purposefully make a convenient strawman ragebait of “we should ban general computing” – something that has exactly zero to do with the blogpost – and then ask a trick question? Clearly you are not here to have a conversation in good faith. Why bother?

But please do elaborate what my “stance on general purpose computing” is? Genuinely curious.

Regarding the question of why LLMs are “somehow a bigger problem”, I never said they are a “bigger problem”. I did not compare them to anything. Comparing LLMs to “general purpose computing” is like comparing hypermarkets to “the market economy” (and just before you go on another red herring quest: I said “market economy” not “capitalism”, that’s a whole different conversation). It makes no sense.

Hypermarkets are one possible artifact of the market economy, and LLMs are one possible artifact of general purpose computing. That does not change the fact that hypermarkets have huge issues attached to them. Just as LLMs have huge issues attached to them.

We can have general purpose computing while recognizing these issues, just as we can have market economy while recognizing issues with hypermarkets. What I wrote about in the blogpost is a particular set of the issues related to LLMs, in the context of a deluge of hype trying to convince us somehow LLMs can break passwords (they can’t), exploit vulnerabilities (they can’t) and autonomously orchestrate cyber-attacks (again, they can’t).

They add a shit-ton of attack surface due to their complexity, and will end up being a larger security problem. Honestly not sure what’s so controversial here?
⁨Comment⁩ on ⁨AI will compromise your cybersecurity posture⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
Where, pray tell, was there even a mention of “banning” anything?
⁨Comment⁩ on ⁨AI will compromise your cybersecurity posture⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

So I suppose I’m trying to understand what the differences are in how these two types of technology compromise cyber security.

Again, it does not make sense to me to make that kind of comparison.
⁨Comment⁩ on ⁨AI will compromise your cybersecurity posture⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Ooof, difficult. Triceratops, I think.
⁨Comment⁩ on ⁨AI will compromise your cybersecurity posture⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Ouch!
⁨Comment⁩ on ⁨AI will compromise your cybersecurity posture⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

Is the stance here that AI is more dangerous than those because of its black box nature, it’s poor guardrails, the fact that it’s a developing technology, or it’s unfettered access?

All of the above I guess. Although I am not keen on making a comparison to these previous things. I have previously written about how IoT/“Smart” devices are a massive security issue, for example. This is not a competition, the point is not whether or not these tools are worse by some degree from some other problematic technologies, the point is that the AI hype would have you believe they are some end-all demiurgs when the real threat is coming from inside the house.

Also, do you think that the “popularity” of Google Gemini is because people were already indoctrinated into the Assistant ecosystem before it became Gemini, and Google already had a stranglehold on the search market so the integration of Gemini into those services isn’t seen as dangerous because people are already reliant and Google is a known brand rather than a new “startup”.

I don’t know about Gemini’s actual popularity. What I do know is that it is being shoved down people’s throats in every possible way.

My feeling is that a lot of people would prefer to use their tools and devices the way they had before this crap came down the pipeline but they simply don’t know how to turn it off reliably (partially because Google makes it really hard to do so), and so Google gets to make bullish claims on line-going-up as far as “people using Gemini” are concerned.
⁨Comment⁩ on ⁨AI will compromise your cybersecurity posture⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
To me it’s a form of automation. I will not use it as I see no use of it in my workflows. I am also keenly aware of the trap of thinking it improves one’s effectiveness when it often very much does the opposite. Not to mention environmental costs etc.

If somebody wants to use these tools for that, whatever, have at it. But it’s pretty difficult to claim one’s an ethical hacker if one uses tools that have serious ethical issues. And genAI has plenty of those. So that’s what I’d bear in mind.
⁨Comment⁩ on ⁨AI will compromise your cybersecurity posture⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I am not opposed to machine learning as a technology. I use Firefox’s built-in translation as a way to access information online I otherwise would not be able to access, and I think it’s great that small, local model can provide this kind of functionality.

I am opposed to marketing terms like “AI” – “AI” is a marketing term, there are now toothbrushes with “AI” – and I am opposed to religious pseudo-sciencey bullshit like AGI (here’s Marc Andreessen talking about how “AGI is a search for God”).

I cannot wait for the bubble to burst so that we can start getting the actually interesting tools out of ML-adjacent technologies, instead of the insufferable investor-targeted hype we are getting today. Just as we started getting actually interesting Internet stuff once the Internet bubble popped.
⁨Comment⁩ on ⁨AI will compromise your cybersecurity posture⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Author here, AMA.
AI will compromise your cybersecurity posturerys.io ↗
Submitted ⁨⁨1⁩ ⁨week⁩ ago⁩ to ⁨technology@lemmy.world⁩ | ⁨20⁩ ⁨comments⁩