"AI is giving attackers a huge advantage!"
-
@iagox86 @cR0w I used to love writing short blog posts for my company. Nothing earth shattering, but just interesting enough that it kept our name circulating and maybe, just maybe, helped out a few people interested in the same problems.
Then we got bought, and the blog was all shaped by marketing from then on. (same at the company after, as great as it was in other ways). Community engagement became just plain engagement.
Find me another small company of nerds who just want to help out others, and share bits of what they've learned for the community, and I'll be happy.
@darthnull @iagox86 Seems to be the way most of the current orgs that claim community involvement are already heading too.
-
@cR0w @Viss @FuturisticRobert Unfortunately, I suspect all of us will be trying to just survive in some post apocalyptic hellscape.
@krypt3ia @Viss @FuturisticRobert Realistically, that's where I'm at too. But there's too much planning and luck for that so I'm doing what I can and accepting the rest of the risk. Like another Cascadia earthquake.
-
@cR0w @darthnull Then labs/research makes their own blog, then that ALSO gets filled with AI slop because more quantity = better right?
I'm gonna start embedding one of those "email me for a $100 gift card" into every slop post to prove that nobody reads them
-
@iagox86 @cR0w @darthnull If I had a dollar for every time I was looking up PoC/exploits for a given CVE, and it's some slop report from a website that just seems to scrape cve.org and regurgitate it along with very generic remediation recommendations, I probably wouldn't be rich, but like, I could have a fairly nice lunch.
-
@da_667 @cR0w @darthnull omg, it's the worst.
The WORST part is that I've found that an LLM is the best way to deal with that shit.. it's way better at filtering results down to just useful PoCs (having to use AI to fight AI makes me incredibly sad though :( )
-
"AI is giving attackers a huge advantage!"
"Yes, it is. It's amazing how quickly it has destroyed dev, sec, ops, management, company missions and priorities, regulations, information literacy, and civil society, making everyone more vulnerable."
People, not the machines, have chosen to destroy these things by pretending that LLMs are the AGI they were hungry for, and told they were getting, and investing accordingly despite all evidence to the contrary.
-
@iagox86 @cR0w @darthnull what's incredibly fun is looking at nuclei-templates repo, thinking you've found something that can serve as a proof of concept for something you really needed, and it's a GET request that they parse with regex for version strings.
Thanks for that, I guess.
-
@FuturisticRobert @krypt3ia @cR0w my hot tub runs off the powerwall. when the grid goes down that party's at my place. bring swim trunks and something for the smoker
-
@FuturisticRobert @cR0w @krypt3ia yup. need big long term stuff to go behind the high discharge lipos. also need to see how many zinc and copper poles are needed to get 12v at any reasonable amperage out of an earth battery
-
@cR0w AI is giving its user an advantage and that only shows how human nature is destructive in general. It's still time to apply it to better means. What are YOU doing?
-
@Viss @FuturisticRobert @krypt3ia Swim trunks? I thought it was a party.
-
@da_667 @iagox86 @cR0w @darthnull i keep getting the impression that nuclei is just nmap nse with extra steps
-
@TSLST Me? I can't talk about a lot of what I'm doing on the public Internet. But I can assure you that it is not with the imaginary advantage of AI.
-
@Viss @iagox86 @cR0w @darthnull sometimes, it can be pretty helpful. If for no other reason, the references sometimes point to an actual write-up instead of nuclei's meta-request template bullshit.
-
@iagox86 @da_667 @cR0w @darthnull i've found making gpt 5.4 do research for me and force it to provide sources seems to take marginally less time than slogging through websites by hand and clicking through the 200 modal popups, login with google, you've reached your free article limit, solve this captcha to see the blogpost, 10 second timer newsletter popup modal bullshits
-
@cR0w I read this as: rather than figure out a positive use of this tool, you would rather prevent anyone from using it? What's your policy on kitchen knives and cars?
-
@cR0w I got this great idea, right?
So you know the game darts? You throw a sharp pointy metal spike at a wall... right? What if... get this... instead of a tiny little bitch spike, we go full 9 inches? Have kids throw them just straight in the air... see what happens.
What'cha think?
@jackryder @cR0w I think that's what's happening in Ukraine right now, but the kids aren't the ones throwing the darts!
-
@TSLST Kitchen knives and cars were created for a specific benefit. AI is a grift trying hard to find a benefit beyond further enriching the rich. The fact that it's being pushed so hard while people "figure out a positive use of this tool" should be the tell.