Tuesday, May 23, 2023

I’ll keep an eye out for similar articles…

https://venturebeat.com/security/forrester-predicts-2023-top-cybersecurity-threats-generative-ai-geopolitical-tensions/

Forrester predicts 2023’s top cybersecurity threats: From generative AI to geopolitical tensions

The nature of cyberattacks is changing fast. Generative AI, cloud complexity and geopolitical tensions are among the latest weapons and facilitators in attackers’ arsenals. Three-quarters (74%) of security decision-makers say their organizations’ sensitive data was “potentially compromised or breached in the past 12 months” alone. That’s a sobering cybersecurity baseline for any CISO to consider.

With attackers quickly weaponizing generative AI, finding new ways to compromise cloud complexity and exploiting geopolitical tensions to launch more sophisticated attacks, it will get worse before it gets better.

Forrester’s Top Cybersecurity Threats in 2023 report (client access reqd.) provides a stark warning about the top cybersecurity threats this year, along with prescriptive advice to CISOs and their teams on countering them. By weaponizing generative AI and using ChatGPT, attackers are fine-tuning their ransomware and social engineering techniques.





This makes perfect sense if you consider everyone a potential criminal. You might even want to make extra effort to identify the ones who haven’t done anything criminal yet.

https://www.wired.com/story/europe-break-encryption-leaked-document-csa-law/

Leaked Government Document Shows Spain Wants to Ban End-to-End Encryption

SPAIN HAS ADVOCATED banning encryption for hundreds of millions of people within the European Union, according to a leaked document obtained by WIRED that reveals strong support among EU member states for proposals to scan private messages for illegal content.

The document, a European Council survey of member countries’ views on encryption regulation, offered officials’ behind-the-scenes opinions on how to craft a highly controversial law to stop the spread of child sexual abuse material (CSAM) in Europe. The proposed law would require tech companies to scan their platforms, including users’ private messages, to find illegal material. However, the proposal from Ylva Johansson, the EU commissioner in charge of home affairs, has drawn ire from cryptographers, technologists, and privacy advocates for its potential impact on end-to-end encryption.

For years, EU states have debated whether end-to-end encrypted communication platforms, such as WhatsApp and Signal, should be protected as a way for Europeans to exercise a fundamental right to privacy—or weakened to keep criminals from being able to communicate outside the reach of law enforcement. Experts who reviewed the document at WIRED’s request say it provides important insight into which EU countries plan to support a proposal that threatens to reshape encryption and the future of online privacy.





Inevitable.

https://www.schneier.com/blog/archives/2023/05/credible-handwriting-machine.html

Credible Handwriting Machine

In case you don’t have enough to worry about, someone has built a credible handwriting machine:

This is still a work in progress, but the project seeks to solve one of the biggest problems with other homework machines, such as this one that I covered a few months ago after it blew up on social media. The problem with most homework machines is that they’re too perfect. Not only is their content output too well-written for most students, but they also have perfect grammar and punctuation – something even we professional writers fail to consistently achieve. Most importantly, the machine’s “handwriting” is too consistent. Humans always include small variations in their writing, no matter how honed their penmanship.
Devadath is on a quest to fix the issue with perfect penmanship by making his machine mimic human handwriting. Even better, it will reflect the handwriting of its specific user so that AI-written submissions match those written by the student themselves.
Like other machines, this starts with asking ChatGPT to write an essay based on the assignment prompt. That generates a chunk of text, which would normally be stylized with a script-style font and then output as g-code for a pen plotter. But instead, Devadeth created custom software that records examples of the user’s own handwriting. The software then uses that as a font, with small random variations, to create a document image that looks like it was actually handwritten.

Watch the video.

My guess is that this is another detection/detection avoidance arms race.



No comments: