OpenAI's 2023 breach, CISA Safe language, 10B unique passwords, Apple push back, Microsoft encryption
7/1-7/7/2024: AI Upheaval, Hackers Run Wild, and Google's iPhone Ambitions
This week in the digital world, we continued to see a collision of innovation and disruption, with AI making waves across industries while hackers continued to exploit vulnerabilities in unexpected ways.
Note: New book report on the first half of 2023 is AVAILABLE.
![[FREE e-book] GenAI safety and security](https://substackcdn.com/image/fetch/$s_!jS8G!,w_140,h_140,c_fill,f_webp,q_auto:good,fl_progressive:steep,g_auto/https%3A%2F%2Fsubstack-post-media.s3.amazonaws.com%2Fpublic%2Fimages%2F8cbc4b00-c7d2-4b5d-8795-3d2715fd20c8_731x731.png)
The Rise and Risks of AI
OpenAI, the company behind ChatGPT, found itself in hot water twice.
First, it accidentally revealed its internal instructions for ChatGPT and DALL-E, sparking concerns about transparency and control. Source: TechRadar
Later, news broke of a 2023 security breach where hackers accessed internal discussions, raising fears about foreign adversaries stealing valuable AI secrets. Source: The New York Times
A security researcher discovered that the ChatGPT app for Mac was storing user conversations locally without encryption. This meant the data was potentially accessible to other apps or malware on the device. Source: Engadget.
OpenAI's CEO Sam Altman, in a recent interview, acknowledged the need for global cooperation and regulation as AI rapidly evolves. Source: YouTube
Speaking of regulation, CISA and other cybersecurity agencies issued a call to action for software manufacturers.
They urged companies to prioritize memory-safe programming languages and publish roadmaps outlining their plans to eliminate memory-related vulnerabilities. This follows a CISA report revealing that over half of critical open-source projects rely on memory-unsafe languages. Source: CISA , The Register
Meta threw its hat into the ring with a bombshell announcement.
The company unveiled pre-trained AI models that use a novel multi-token prediction approach, promising a leap forward in efficiency and performance for large language models. Source: VentureBeat
Microsoft Research unveiled GraphRAG, a new tool for data discovery.
GraphRAG uses a graph-based approach to enable question-answering over private or previously unseen datasets. Source: Microsoft Research
The Hacker Landscape
A massive password leak sent shockwaves.
A hacker claiming to be 'ObamaCare' uploaded a database containing almost 10 billion unique passwords to a criminal forum, highlighting the ongoing threat of credential stuffing attacks. Source: Forbes
Data breaches continued to make headlines.
Twilio confirmed a breach where hackers leaked 33 million phone numbers associated with its Authy app, and Ticketmaster was targeted by hackers who claimed to possess barcode data for hundreds of thousands of Taylor Swift concert tickets. Source: SecurityWeek, The Guardian
The alarm about a new breed of AI-powered attacks.
Deepfake audio is increasingly being used in scams, making it harder to distinguish real voices from fake ones. Source: The US Sun
The Battle for iPhone Users
Google is setting its sights on Apple's iPhone user base.
The company reportedly wants to increase the share of iPhone searches conducted through its apps, particularly Chrome, to 50%. This move could have significant implications for Apple's Safari browser and its lucrative revenue-sharing agreement with Google. Source: Forbes
Apple is pushing back with a privacy-focused approach to AI.
"Apple Intelligence" system hightlights uses on-device processing and end-to-end encryption to protect user data. However, Personal Cloud Compute poses smore questions about privacy similar to Google Android Hybrid AI. Source: Wired
Microsoft patented a system to encrypt documents visually.
This technology aims to prevent "visual hacking" and protect sensitive information from being viewed by bystanders. Source: TechSpot
Cloudflare blocked access to two pirate streaming sites.
This move, prompted by a complaint from Web Sheriff, highlights the ongoing efforts to combat copyright infringement online. Source: TorrentFreak
As the digital landscape continues to evolve at breakneck speed, it's clear that we are entering an era where AI, security, and privacy will be increasingly intertwined. Stay tuned for more updates as we navigate this exciting and challenging terrain.