Ha ha ha ha ha!
Oh wait, you’re serious. Let me laugh even harder.
HA HA HA HA HA!
But it’s true. Security teams will be pointless once things become completely unsecurable.
Ex-CISA head.
Thankfully.
The current administration believes the same stuff. She left with the admin change yet agrees with things like the current admin’s approach to AI regulation.
I wonder why they don’t work there anymore…
Replaced by AI, ironically.
Because the inept AI is surprisingly less inept than this moron.
Genius strategy:
- Replace Juniors
- Old nerds knowing stuff die out
- Now nobody knows anything about programming and security
- Everything’s now a battle between LLMs
I’ve already had to reverse engineer shitty old spaghetti code written by people who didn’t know what they were doing, so I could fix obscure bugs.
I can wait until I have to do the same thing for AI generated code.
This is a generalized problem. It’s not only programming. The world faces a critical collapse of expertise if we defer to AI.
If it’s good enough for COBOL…
I’ve already had to reverse engineer shitty old spaghetti code written by people who didn’t know what they were doing, so I could fix obscure bugs.
I can wait until I have to do the same thing for AI generated code.
Just apply for any top company, especially Shit Valley. They’ll 100% use GenML.
Not with any of the current models, none of them are concerned with security or scaling.
Is that why she’s Ex-CISA? 🤣
couldn’t ai, then also, break code faster than we could fix it ?
AI WRITES broken code. Exploiting is is even easier.
How do you exploit that which is too broken to run?
Self-exploiting code.
AI should start breaking code much sooner than it can start fixing it.
Maybe breaking isn’t even far, because the AI can be wrong 90% of the time and still be successful.
A few years back someone made virus that connected to an llm server and kept finding ways to infect computers in the simulated network. I think it was kind of successful. Not viable for a virus though, but an interesting idea non the less
I mean, at a high level it is very much the concept of ICE from Gibson et al back in the day.
Intrusion Countermeasures Electronics. The idea that you have code that is constantly changing and updating based upon external stimuli. A particularly talented hacker, or AI, can potentially bypass it but it is a very system/mental intensive process and the stronger the ICE, the stronger the tools need to be.
In the context of AI on both sides? Higher quality models backed by big ass expensive rigs on one side should work for anything short of a state level actor… if your models are good (big ol’ “if” that).
Which then gets into the idea of Black ICE that is actively antagonistic towards those who are detected as attempting to bypass it. In the books it would fry brains. In the modern day it isn’t overly dissimilar from how so many VPN controlled IPs are just outright blocked from services and there is always the risk of getting banned because your wifi coffee maker is part of a botnet.
But it is also not hard to imagine a world where a counter-DDOS or hack is run. Or a message is sent to the guy in the basement of the datacenter to go unplug that rack and provide the contact information of whoever was using it.
In the context of AI on both sides? Higher quality models backed by big ass expensive rigs on one side should work for anything short of a state level actor… if your models are good (big ol’ “if” that).
Turns out Harlan Ellison was a goddamn prophet when he wrote I Have No Mouth And I Must Scream.
I have no clue how you think these two are related in any way, except for the word “AI” occurring in both.
Tbf, every day that goes by is starting to feel more and more like we’re all being being tortured by a psychotic omnipotent AI… With a really boring sense of humor.
It’s like the “bla bla bla, blablabla… therefore God exists”
Except for CEOS it’s “blablablabla, therefore we can fire all our workers”
Same shit different day
Ah yes, I’m sure AI just patched that software so that other AI could use that patched software and make things so much more secure. What a brilliant idea from an Ex-CISA head.
It takes a good person with
a gunAI to stop a bad person witha gunAI.Yeah, good luck with that…
1+1=your mom
I’m not holding out any hope for “good” AI for a very long time…
I don’t think the poster means that, I think they are drawing parallels to the flaws of gun anti-regulation to AI. Both arguments are bad is the point
Perhaps I came on too strong but I took it as just joking around.
But if the argument was to be real, then I note that a gun is actually quite an effective tool to accomplish its purpose, whereas AI is not truly “I”(ntelligent).
If an AI can be used for automatic scalable defense, it can also be used offensively. It’ll just be another digital arms race between blackhats and everyone else.
This is central plot premise of Neuromancer.
Except that most risks are from bad leadership decisions. Exhibit A: patches exist for so many vulnerabilities that remain unpatched because of bad business decisions.
I think in a theoretical sense, she is correct. However, in practice things are much different.
My old job had so many unpatched servers, mostly Linux ones. Because of the general idea that “Linux is safe anyway”. And because of how Windows updates would often break critical infrastructure, so they were staggered and phased.
But we’ve seen plenty of infected Linux packages since, so it’s almost a given there’s huge open holes in that security somewhere.
I’m glad you left that old job. They were just lax and stupid.
No. Her “theory” is full of garbage assumptions.
Easterly said that if cybercrime was a country, it would be the third biggest in the world, just behind the US and China.
Clearly she’s never seen AI code.
Good idea 👍
