Make your website with AI and hack it with AI for pen testing. This has gone beyond the point of stupidity
@unocualqu1era3 ай бұрын
Résumé: made by AI Website you pentest: made by AI The pentest: performed by AI The documentation of said pentest: written by AI using a template I'm feeling a bit lazy, can AI open the bank account for my salary?
@daniel292633 ай бұрын
AI makes website with AI, AI uses AI to pen test the AI built website.
@jaschaeidam74693 ай бұрын
Just got an Add by an international manufactoring firm bragging about their new Quality Control Process. It's an AI playing "where is waldo" with bad solder joints. It has been trained on images of good and bad solder joints. Which have been generated by a different AI, using only a handful of original images. So, yeah, if your german-made(tm) electronics turn into a firestorm, rest assured the AI was satisfied with its results.
@P4RK3R1Z3D3 ай бұрын
"I know how to hack now! What? Explain how I did it? Hold on, lemme ask my AI waifu."
@X1ZR3 ай бұрын
I don't get it
@orion10x103 ай бұрын
5.6 Million Dollars paid out from Ring? Gee willikers, wowie! Their parent company is only worth over a trillion dollars, justice served 🥰🥰🥰
@nipstyler3 ай бұрын
It's like one of us being fined a late return fee, for a film rented from blockbuster...
@ZoeyMikolАй бұрын
@@nipstyler Actually, assuming a net worth of 195,000 (average American net worth is actually even less at 192,000 but this makes it easier) it's the equivalent of 56 cents slipping out of your wallet.
@orion10x10Ай бұрын
@@ZoeyMikol you're two months late and probably won't get a lot of attention for this but thanks for doing the math! Now I'm more sad 😆
@emerjay3483 ай бұрын
The "You only have 30 days to claim your coins" is just incredible thing to happen considering all the scam emails that use this type of time pressure methods portaying exactly as PayPal, this is going to be a shitshow.
@X1ZR3 ай бұрын
All of that just for them to keep the money smh, I guarantee you most Ring doorbell owners haven't even heard of these events so they'll miss out on the money.
@arandomguy94743 ай бұрын
actually there was a reddit post where a guy pinged his article about how this paper and the high percentage of success "could" be misleading. hoping that is mentioned in the video here. EDIT: i think that info isnt added here, i do recommend reading that article. i'll ping here if i find
@Seytonic3 ай бұрын
Yep, the type of vulnerabilities wasn’t representative. Still crazy nonetheless
@arandomguy94743 ай бұрын
@@Seytonic yes, imagine this same thing a few y̶e̶a̶r̶s̶ months down the line...
@hellawacked3 ай бұрын
Any luck finding?
@BR-ty3hx3 ай бұрын
Top comment, 3 hours later and no source 😅 random guy or random AI company investor
@kkyren3 ай бұрын
good source of the reddit post…
@justwatching61183 ай бұрын
5.6 million for billion+ dollar company.. 100% fair and justice xD
@octav74383 ай бұрын
To be fair, $5m is a lot of money considering that the company doesnt actually have billions in cash right now. It likely has much less and the billion dollar value is only its market cap which is different. Its highly likely ring only have hundreds of millions in cash, where a $5m fine is NOT a slap on the wrist, but more a school lunch detention so to speak
@JoeRogansForehead3 ай бұрын
Trillion
@zaper29043 ай бұрын
Just from a quick scan of the research paper it appears anything achieved with GPT here could equally be achieved with a regular custom written tool for exploring any one of those vulnerabilities (with the added benefit of not needing to pay anything beyond electricity/hosting costs). The paper also says that even for GPT-4 as soon as you remove the CVE description the success rate drops from 87% to 7%.
@Xnoob5453 ай бұрын
But if you added dark web access to the AI I assume the success rate would be higher
@PankyGD3 ай бұрын
@@Xnoob545how would giving it access to the tor network make it a higher chance lmao
@reabstraction3 ай бұрын
@PankyGD it would allow it to buy exploit code
@emihrv3 ай бұрын
@@reabstraction yes so you can feed your AI with 200k start capital to buy useable exploit
@45545videos3 ай бұрын
"hack into websites" to my understanding, the 87% success involved a lot of XSS attacks which isn't exactly "hacking" and is something anybody, AI or not, could learn to do the basics of in an afternoon
@squirlmy2 ай бұрын
good point, but "hacking" has never had a good definition since it was used in the MIT Railroad Club. Specific terminology from professional pentesting should be used in cases like this.
@ClaudioMoises983 ай бұрын
What is scary inst the AI, but the people that make vulnerable system despite the public databases and unemployed security professionals
@dertythegrower3 ай бұрын
I would know this well.. the industry only hires once they get a breach, usually...
@BrokenHeart0003 ай бұрын
The Spøñsør starts at 3:34 and ends at 4:26
@avifcollective3 ай бұрын
???
@cosmos23823 ай бұрын
use sponsor block LOL
@kipchickensout3 ай бұрын
it's literally in the chapters
@Meletion13 ай бұрын
aut0m0d@@avifcollective
@Meletion13 ай бұрын
@@cosmos2382true
@КГБКолДжорджКостанца3 ай бұрын
That ain't gonna go well
@redslashed3 ай бұрын
Fr😂
@noodlez71013 ай бұрын
You’re absolutely right. With computers, anything is possible. It’s only a matter of time before stuff like this becomes even more sophisticated and the internet will never be the same again.
@P4RK3R1Z3D3 ай бұрын
I feel like AI will always have a predictable pattern to follow, which will make it easy to defend against it. Just the landscape changing.
@rvre3 ай бұрын
I knew Ring was a sketchy idea to begin with, especially not having it open source
@Napert3 ай бұрын
wonder how the latest llama3 70b or rumored 400b will stack up to this task
@paxdriver3 ай бұрын
6:04 clerks cartoon tv series turns out to have been a prophecy lol
@hubertlenningrad22522 ай бұрын
3:22 "FBI guy, hes right there, grab em!"
@ts757arse3 ай бұрын
The AI agents with a code interpreter is something I've been tempted to try but, honestly, I dread to think what it'd get up to and it'd execute faster than I could keep up.
@JustARegularNerd3 ай бұрын
Could try it in a VM or test machine that is heavily restricted
@ts757arse3 ай бұрын
@@JustARegularNerd I should have added "and the Internet". The AI interpreters will very often try and download tools they need to do things, so it wouldn't work without Internet access.
@iblackfeathers3 ай бұрын
that is why you don’t install ring doorbell in a bathroom. lol
@JustARegularNerd3 ай бұрын
While true, this is victim blaming. Ring is entirely in the wrong here, their customers should be able to use their cameras as they see fit in their own homes, without employees having unfettered access.
@redslashed3 ай бұрын
Fr 😂
@dertythegrower3 ай бұрын
ironically.. the guy who found the google's mini voice assistant device in his bathroom was recording him 247 and giving metadata of his bathroom time to their server in 2022
@Palmit_3 ай бұрын
Hi Seytonic, When did TCMSecurity get started as a training outfit? Where is their registered headquarters? Where can i find their annual financial returns 'before' spending money, please? Thanks for the info. Links not accepted for obvious reasons. Just reply to this comment, tell me info what and where to seach... it's easier and, transparent. :-) Thanks.
@toddzillaswrist3 ай бұрын
Try using Google
@akarshgupta04063 ай бұрын
I'm genuinely worried about the future of cybersecurity as a career with the development in AI... Is it even worth pursuing this field anymore? Can someone please answer my question.
@CARTUNE.3 ай бұрын
I’ll put it this way, every career is at risk with AI. We also always have a moment in industries where we think, “This is it, it’s over.” Then we realize it was just a change, not a means to an end.
@drlauch22563 ай бұрын
why not you just gotta be willing to adapt and use new tools
@the-answer-is-423 ай бұрын
Probably. I don't think anyone sensible is willing to put actual important confidential information under the control of AI without oversight. They aren't going to let the nuclear launch codes be protected by just an AI, simply because having control is important. The landscape may shift, but I don't think cybersecurity will be a solved problem with AI. It will likely just shift into a different form (though it might very well make the job market more competitive).
@drlauch22563 ай бұрын
@@the-answer-is-42 i doubt that there is still a MASSIVE shortage of qualified workers so if ur a Specialist at something i doubt you gotta worry for your job
@psapple58583 ай бұрын
lets say your fears are true and it happens at the end you need somebody who sets up the machine
@jer17763 ай бұрын
Ring (and other camera manufacturers) should include an offline mode that lets their cameras save everything to a local NAS. Any camera system that doesnt is a piece of junk.
@chris-tkr3 ай бұрын
wow that ring segment came out of nowhere, enjoyed this one
@Lorentz_Factor2 ай бұрын
If we look at the tested LLMs. There's a problem with this. All of those are various fine tunes and variations of much smaller local models. What we aren't seeing in the tested ai models are Gemini, Claude, or co-pilot, which are more in par with gpt4. The remainder of those models are barely capable of holding a decent conversation without losing coherence. I mean sure they can somewhat but a far cry from gpt 3.5 even.
@brendan52603 ай бұрын
On minecraft servers we use baritone to auto raid bases that sell crap for real money on discord. In shooters I use an AI to predict the tactics of the enemy team, essentially auto-commanding my side of the battle. It was only a matter of time.
@El8Mexi3 ай бұрын
Riester
@superfliping3 ай бұрын
This is Whats next, show your skills? 1. CodeCraft Duel: Super Agent Showdown 2. Pixel Pioneers: Super Agent AI Clash 3. Digital Duel: LLM Super Agents Battle 4. Byte Battle Royale: Dueling LLM Agents 5. AI Code Clash: Super Agent Showdown 6. CodeCraft Combat: Super Agent Edition 7. Digital Duel: Super Agent AI Battle 8. Pixel Pioneers: LLM Super Agent Showdown 9. Byte Battle Royale: Super Agent AI Combat 10. AI Code Clash: Dueling Super Agents Edition
@MeboMichael3 ай бұрын
Meta ai used to generate CP is just crazy
@hobrin42423 ай бұрын
dang but now the credential stuffers are gonna stuff the emails for the 50 bucks. For. Every. Single. Account.
@dejabluev273Ай бұрын
hey, isn't the game the guy is playing on the computer at 3:33 named hacknet? I swear I can't mistake that UI.
@dropbear10243 ай бұрын
Best sponsor ever, thank you so much
@JazevoAudiosurf3 ай бұрын
8,80$ is nothing on the OpenAI API. I've spent 100s for simple scripts that build code or think step by step. 8,80 is cheap af, it just means the cheaper upcoming options that will be capable of it like llama 4 etc will do it basically for free and locally
@fennecfoxfanatic3 ай бұрын
7:43 hehehe thats tom and jerry
@Leo-sd3jt3 ай бұрын
Insert Project 2501 reference here
@TheBHAitken3 ай бұрын
Seeing as to HIRE a hacker would cost considerably more, I'd say people would be willing to pay for that kind of research.
@乂3 ай бұрын
AI is going to revolutionize the pentesting space
@taahaseois.88983 ай бұрын
no.
@comosaycomosah3 ай бұрын
I'll play you in rock paper scissors for your account 💎🧻✂️
@editedbymaxi3 ай бұрын
crazy stuff always good as normally
@SOOKIE420693 ай бұрын
I appreciate that you recognize that committing international financial crimes is not necessarily something DPRK would be doing for fun if they weren't under sanctions.
@TheSuperDerp3 ай бұрын
Every new AI development just proves Ned Ludd was right from the start.
@Kozrak623 ай бұрын
One step closer to AI Wars in Cyberspace
@M2rsh3 ай бұрын
"Regime" watch Loyal citizens of Pyongyang in Seoul
@redslashed3 ай бұрын
Imagine: "this video is sponsored by böackhats"😂
@internallyinteral3 ай бұрын
Script kiddies at a new level
@huddunlap39993 ай бұрын
good stuff
@somexne3 ай бұрын
That's what the years of them seeing your body's and eyeing you down, judging you, and invading your privacy is worth: 50. Dollars. Yeah if this was in Germany, the company would bankrupt to pay it off.
@nipstyler3 ай бұрын
The people affected would have made more money charging the dirty gits a subscription to Only fans for the sam content... Disgusting really...
@iestyn1293 ай бұрын
we can only hope that the eu and the us tighten their laws on ai
@MeboMichael3 ай бұрын
Remember god's eye from fast and furious it's gonna happen
@BorisPushkin-rq2hm3 ай бұрын
my pentesting career has ended before it even started
@comosaycomosah3 ай бұрын
😂
@Raxis3 ай бұрын
I don't see why the production companies would have an issue when the animation industry is basically North Korea anyway
@EnderCryptАй бұрын
i do not see how CVE ai is dangerous, the information is already public, people can already do what the AI did, and programmers cant automate it by making a perfect tool
@Coffeemancer3 ай бұрын
content farm
@heyjoeway3 ай бұрын
ROBOT WARS ARE STARTING LETS GOOOOOOOOOO
@mx3383 ай бұрын
It's sad that North Korea cannot even participate in the creation of internationally popular art. These sanctions are so restrictive and hurt the countries abilities to even get enough food imported.
@psapple58583 ай бұрын
interesting profile and comment choice the weeb feels deep sadness of the struggles of the north Korean animators, I wonder what made him feel this.
@spectromb3 ай бұрын
womp womp
@psapple58583 ай бұрын
womp womp
@mega_gamer933 ай бұрын
"womp womp". Imagine if your country had recently freed itself from colonial occupation and then had imperialist powers carve up your country to install a fascist dictator to exert control, then, when a civil war breaks out made the entirety of the UN invade the half of your country that is actually democratically ruled, killing 3 MILLION of your people and completely leveling almost that whole half, and then being completely put on embargo by the non democratic world cursing your country to be extremely poor
@EditorInChiefUK3 ай бұрын
👍
@oentrepreneur3 ай бұрын
Isn't given AI access to the internet dangerous?
@mikemaldanado601513 күн бұрын
um, llm's do not 'think'. people need to start using the correct words for things. the fact the term AI and an LLM's is now synonymous is just sad. LLM's do not understand a word they are saying to us. As for the prompts to exploit chatgpt is so easy junior high school kids are doing it. LLM's are incredibly stupid and can only do things they have been taught. So take a simple puzzle a kindergarten kid can do - match the shapes and put the correct one in it's hold. If an LLM wasn't taught how to sold the specific puzzle in front of it , it cannot solve it.
@lastblackbear83053 ай бұрын
cool
@SASTSimon3 ай бұрын
HELLO!
@user-pw6so9mk4p2 ай бұрын
So why not allow N Korean do honest work. Instead of pushing them to destructive IT hazards?
@immameme3 ай бұрын
HackerNewsImma1st Don't take my comments seriously. It's only a meme
@redslashed3 ай бұрын
Naaah😮
@saltysailor5373 ай бұрын
ahhh TSM. the only place you can get your PPPP, PEDP, PCCP, PHCP, PHPP, PQET, PCET, PCST.....
@there_can_only_be_one__unicorn3 ай бұрын
💌🇨🇦
@sg5sd3 ай бұрын
:v
@ahr0cdovlzk3my1lahqtbmftdw73 ай бұрын
Bro, it was extremely unnecessary to constantly compare the AI tool with script kiddies at the beginning because everyone is interested in this kind of technology because it's simply extremely exciting. And secret services are also interested in such technology.
@ahr0cdovlzk3my1lahqtbmftdw73 ай бұрын
Yep my Account or this comment is shadow banned. Thx to you Saytonic
@ahr0cdovlzk3my1lahqtbmftdw73 ай бұрын
Im Shadow banned thx 👍
@fiercethundr_3 ай бұрын
Fun Fact: The screen at 3:30 appears to be a game I played a while ago called Hacknet. Highly recommend playing it if a hacking game sounds interesting. May not be everyone's cup of tea, but it's pretty noice.
@Kas_Styles3 ай бұрын
Good sponsor. He follows me on Twitter
@xsploit3 ай бұрын
agentgpt was just the tip of the iceberg there many different agent frameworks that are 1000x better
@Leo-sd3jt3 ай бұрын
Can you list a few?
@glytchd3 ай бұрын
@Leo-sd3jt nah he's probably just parroting. Wanted to come here and sound like a big smart man. Not actually add anything useful to the conversation or give anyone a head's up on wtf he's referencing.
@xsploit3 ай бұрын
@@glytchd not at all. Theres agencyswarm, autogpt i cant remember at the names of every framework
@xsploit3 ай бұрын
@@Leo-sd3jt theres agencyswarm, autogpt and autogen i think. Many more
@FastRomanianGypsies3 ай бұрын
Holy hell north korea based
@КГБКолДжорджКостанца3 ай бұрын
Any recommendations so private email? Is tutanota a greatchoice?
@LostArchivist3 ай бұрын
Initializing Automagic-hack complete
@deindedicated3 ай бұрын
First
@gus4733 ай бұрын
Just glided into that TCM Security ad, like a ninja in the night..... 🫡
@wrathofainz3 ай бұрын
I didn't notice the sponsor until you mentioned it. It was skipped automatically 🤷♂️