Yes, “AI” will compromise your information security posture. No, not through some mythical self-aware galaxy-brain entity magically cracking your passwords in seconds or “autonomously” exploiting new

The way “AI” is going to compromise your cybersecurity is not through some magical autonomous exploitation by a singularity from the outside, but by being the poorly engineered, shoddily integrated, exploitable weak point you would not have otherwise had on the inside.

LLM-based systems are insanely complex. And complexity has real cost and introduces very real risk.

  • rysiek@szmer.infoOPEnglish
    2·
    21 hours ago

    Is the stance here that AI is more dangerous than those because of its black box nature, it’s poor guardrails, the fact that it’s a developing technology, or it’s unfettered access?

    All of the above I guess. Although I am not keen on making a comparison to these previous things. I have previously written about how IoT/“Smart” devices are a massive security issue, for example. This is not a competition, the point is not whether or not these tools are worse by some degree from some other problematic technologies, the point is that the AI hype would have you believe they are some end-all demiurgs when the real threat is coming from inside the house.

    Also, do you think that the “popularity” of Google Gemini is because people were already indoctrinated into the Assistant ecosystem before it became Gemini, and Google already had a stranglehold on the search market so the integration of Gemini into those services isn’t seen as dangerous because people are already reliant and Google is a known brand rather than a new “startup”.

    I don’t know about Gemini’s actual popularity. What I do know is that it is being shoved down people’s throats in every possible way.

    My feeling is that a lot of people would prefer to use their tools and devices the way they had before this crap came down the pipeline but they simply don’t know how to turn it off reliably (partially because Google makes it really hard to do so), and so Google gets to make bullish claims on line-going-up as far as “people using Gemini” are concerned.

    • atrielienz@lemmy.worldEnglish
      1·
      21 hours ago

      My main concerns are mostly to do with the fact that Google in my experience has always had the benefit of enticing software and services that are extremely invasive but also very convenient (even if we remove IoT from the table for a moment). This is mostly due to how invasive Google Play Services is, and how invasive the Google app has been since the first iterations of Google Assistant (Google Now). I’m concerned that even those of use who have done what we can to turn off Gemini and not use Generative AI are still compromised regardless because big tech has a choke hold on the services we use.

      So I suppose I’m trying to understand what the differences are in how these two types of technology compromise cyber security.

      • rysiek@szmer.infoOPEnglish
        1·
        19 hours ago

        So I suppose I’m trying to understand what the differences are in how these two types of technology compromise cyber security.

        Again, it does not make sense to me to make that kind of comparison.