There are situations [1] where you could reliably BGP-hijack the IP prefix of the target domain authoritative nameserver, and obtain your own domain-validated cert for the target (by effectively controlling the zone file contents). And yeah, CAs do have their BGP protections, but still there's at least partial assumption BGP is secure enough to run DNS-based validation for new SSL certs, in our world where DNSSEC is still rare.
[1] https://www.ietf.org/proceedings/104/slides/slides-104-maprg-dns-observatory-monitoring-global-dns-for-performance-and-security-pawel-foremski-and-oliver-gasser-00.pdf (see slide 15; yeah, it's already a bit old, yet still the case from my practice)
Making it convincing certainly was. Being able to generate an image in 30 seconds is completely different from having to dedicate an hour of your day to it.
In the gun debate, there's something called "Weapon Instrumentality Effect"
"Easily in the pre-AI era" is different from "easier" & "easier" wasn't the claim.
To answer your question, relative ease is a function, in part, of one's skills & resources, so, it's certainly a reasonable claim to make, but will be different person to person.
Background image of some local street. Image of a wolf and object selection tool (pre AI era version). Touch up a little and add some filters to drop the quality.
Sure a little bit more involved than the two second AI prompt, but 3 min job for the lulz photoshoppers.
No, it’s not “a little bit more involved”, it’s significantly more involved because it also requires the skills to even know what you’re talking about, the experience of having done it before to be convincing, the inclination to spend the time on it, downloading Photoshop itself, possibly cracking it… There are a lot of steps, most of which most people haven’t done and don’t know how. With generative AI, you just open a website and type a few words.
There are significantly more people able to type a few words into a prompt than people who can use an image editor fast and convincingly and would be inclined to waste their time on this kind of fake.
> This is the kind of thing it was very easy to hire people for.
But would you? People grumble about $0.99 for an app they’ll use everyday, I doubt paying even $5 (and waiting for a result!) for a fake image to mislead police is high on anyone’s list.
Making this image was likely fast and free. It’s a crime of opportunity.
This argument has always seemed a bit silly to me. It's like responding to someone saying that it's easy to set up a hello world web server without AI with "but but but first you need to know what a web server is and how to use the command line and download a compiler/runtime and and and", as if there were some dire shortage of people who are already programmers. There are literally millions of us, the existence of one who would want to put up a website about pretty much anything you can think of is not some huge shock. We know this because we were literally there in that pre-AI world full of sites about all sorts of things! Just because you can now do the same thing with a prompt doesn't mean it was magically unlikely to find a site about, I don't know, the social lives of cane rats before.
And there are literally billions of everyone else.
Do you not see that the amount of fake images has exploded with free access and ease of use? That’s what a tool does. It’s silly to argue generative AI doesn‘t make a difference in the proliferation of fake images, just like it’d be arguing that digital photography on a small multi-purpose device that is always with you doesn’t make people take more pictures.
I very much disagree, since you went on to make your whole point with an unrelated matter and apparently I misunderstood your point. Maybe you don’t know how to make your point clearer, but that isn’t the same as it being impossible to be clearer.
> and it's rather silly to twist my words
There was no twisting intended, and if I misconstrued your point I’d appreciate the correction (i.e. clarification).
Specifically: If you do agree that access to generative AI increases the proliferation of fake images (do you? I’m really asking. Sounds like you might), then what exactly is your objection to the original point?
Why does it HAVE to be my relative when the actual question is whether hello world web servers exist?
I don't know why people are so determined to miss the point that "people can do [image manipulation] faster with AI" does not magically mean that people weren't doing it before AI, at scale mind you. Did y'all really unironically believe EVERY single image you saw on the internet prior to the past few years was entirely real and entirely what it was presented as? My goodness
> Why does it HAVE to be my relative when the actual question is whether hello world web servers exist?
No, that is not the question. I mean, maybe it’s the question you are asking, but no one else is.
> I don't know why people are so determined to miss the point that "people can do [image manipulation] faster with AI" does not magically mean that people weren't doing it before AI, at scale mind you.
That is not the point. The argument is simple: easier and cheaper access to a tool makes more people use the tool more often. Manual image editing is harder and takes longer than typing words into a box, thus more people do it more often and with fewer thought.
If you have the idea to manually edit a wolf into a street, you’ll first have to go to your computer or tablet, have a bunch of skills, and spend time doing it. You have plenty of opportunity to say “fuck it, I’ll do something else”. Most people drop at that point
because they can’t be bothered.
With generative AI, you can be so drunk you can barely stand, sitting on a portable toilet at a concert, haphazardly type a few words and get the result, immediately and for free.
Do you not see the difference between those two?
We can go further back: You could do image manipulation on film, before digital was a thing. But few people knew how or had access to the necessary chemicals and dark room. Do you not think the ease of access and digital tools increased the amount of people doing it?
> Did y'all really unironically believe EVERY single image you saw on the internet prior to the past few years was entirely real and entirely what it was presented as?
No, no one believed that and no one is making that argument and I think you know that.
Can IDE's be configured so that it won't allow to save the file changes if it contains the usual suspects; buffer overflows and what not. LLM would scan it and deny write operation.
Like the Black formatter for Python code on VSCode, that runs before hitting CTRL+S.
These are all relics from the innocent 90's Internet. We had our global village and everything was fine. A couple of bad actors spamming blue pills here and there and that was it.
Now we have actual criminal organizations and other real bad actors.
I'm sure we can come up with something better than advertise our whole local computing platform on every HTTP request.
This whole reactionist protectionist sovereignity fuss will blow over in a year or two. Way too costly to force mass migrate gazillion users and services. Even if just to move away from AD and Entra. Forget about it. Local gov all around the world is stuck with these permanently.
One little hint to all the European providers: just provide a better and more cost effective service than the US competitors, and the users will come. Innovate something new and interesting. Don't just copy paste Microsoft, Amazon and Apple.
(disclaimer: I work in European municipality IT infra)
Sure — we can play that game. Worked for a state org in an EU country too.
I disagree, I note that multiple countries have digital ministries drafting plans to drop Microsoft products or to begin a wholesale migration due to sovereignty and security.
Once something becomes policy at the highest levels, the individual orgs will have to follow, even if slowly.
I really think you are grossly misreading the last 12 months or so. There is a big difference between a municipality migration as a cost-saving move and the very state saying declaring a national security threat from foreign-based vendors.
Gaining (more) strategic independence, costly as it may be, is cheaper than the potential price a deranged US government can inflict.
We have >3 more years of Trump, that is plenty of time to get a ball rolling. I hope Europe finally does what we should have done in 2016 and gains more independence.
Your explanation is just as good as the Fermi paradox. In Futurama, the Omicronians know about the Earth from old TV show signals, that's been constantly sent from Earth by then. Would any alien civilization have the patience to constantly send hello world for a millenia or maybe hundred thousand years.
Both assume that there _is_ some other life, but that it's hard to reach. We don't know if there is anything else.
Earth could be completely unique in the existence, even with all the endless multiuniverses. Mathematical propabilities are not proof that there _must be_ life somewhere else. The answer could just as well be '0'. Only life that was, is and will ever be. When we are eventually gone, that's it. No more life.
edit: sorry about the negativity in my reply; just pondering out loud :D
No need to be sorry I really enjoy discussing all thoughts and beliefs regarding our existence and the question of if we are all alone.
Our very existence makes absolutely zero sense. I just can't understand how we exist. How did our universe come into existence. I am not talking about the big Bang if that is actually accurate but before that. And if the big Bang comes from singularity of almost infinite dense energy or whatever then what was before that and why did it come into existence. And so on.
Obviously we will never know. I am also fairly confident that most likely there is more life across the universe but that we will also never confirm that to be true. The size of the universe is just too immense and unless we discovered some new physics breakthrough like some sort of particle or way to transmit a signal much faster then the speed of light, milky way is like 100000 light years across and next galaxy over 2 million light years away, so even something going 10 times the speed of light is massively too slow to be significant. We would need to be able to send a signal at minimum 1,000,000 times the speed of light and even at that speed it would still be extremely slow and not likely fast enough to matter.
I do believe there is life out there but most likely it is millions or billions of light years away. And at that distance with our current technology and knowledge it would be impossible for us to find them.
Humans are good at distilling the word salads into actually coherent and useful bits of information. That's about the only thing left for us that we are good at. The machines will eventually catch up, and the AI slop blog writer agents will get good enough, so that 99.9 % of all text content on the Internet will be machine generated.
Huawei Enterprise devices tend to have a CAPTCHA by default on their BMC/OOB GUIs or the other various system/infrastructure service GUIs (such as the HuaweiCloud/FusionCloud products). I'm guessing the reason is that people leave the management ports and GUIs wide open to the public Internet, so the CAPTCHA is protecting at least from the very basic script kiddie bots.
Absolutely worthless pieces of paper. We had the ISO 270001 and the physical security "walk tour" or whatever it's called; I could've outsourced that to a bunch of preschoolers walking around the offices and data center rooms and would've gotten the same result. The only _actually_ working way to protect your org is to continuously attack your own systems and see what part of it breaks or leaks data.
Could it be possible to train LLM only through the chat messages without any other data or input?
If Guppy doesn't know regular expressions yet, could I teach it to it just by conversation? It's a fish so it wouldn't probably understand much about my blabbing, but would be interesting to give it a try.
Or is there some hard architectural limit in the current LLM's, that the training needs to be done offline and with fairly large training set.
reply