Hijacking Instagram: Behind The Massive AI Exploit
Ejaaz:
Now let's say you want to steal a $200,000 Instagram handle.
Ejaaz:
The old way would be to send a phishing email or install malicious malware or
Ejaaz:
maybe even buy a leaked password off a shady website on the dark web.
Ejaaz:
Well, yesterday, hackers discovered a new way, sweet talking an AI assistant
Ejaaz:
into handing over someone else's password.
Ejaaz:
Here's how it worked. You open up a chat with Meta's AI assistant.
Ejaaz:
You tell it you're locked out of your account. Maybe you sound a little bit panicked.
Ejaaz:
Maybe you tell them that you lost your phone and the
Ejaaz:
AI trying to be helpful to you resets the password
Ejaaz:
all for you done just hands over the keys to someone else's
Ejaaz:
account now this resulted in accounts worth over 1
Ejaaz:
million dollars including the white house official account getting stolen right
Ejaaz:
in front of their eyes and the craziest part was this technically wasn't a security
Ejaaz:
exploit meta security systems worked as they were designed but someone managed
Ejaaz:
to convince an ai and the ai trying to be helpful just handed over the keys What's.
Josh:
Crazy is in the time it took you to say that intro, we watched on screen this
Josh:
video of them actually doing the exploit and completing the exploit in what
Josh:
happened. So what actually happened here?
Josh:
I guess the terms that we're going to use are going to be a little fuzzy because
Josh:
this very much is an exploit.
Josh:
And although no code was hacked, there is a new threat vector that we're going
Josh:
to explore, which is this AI support agent.
Josh:
So recently, Meta has been testing out this AI-powered account recovery assistant
Josh:
on some Instagram accounts.
Josh:
And the assistant could actually trigger password reset emails which allowed
Josh:
you to recover an account in the case that you lost it the problem
Josh:
is that there's no hard authentication checkpoints
Josh:
and no rate limiting meaning you can continue to ping this thing over and over
Josh:
and over again so while attackers didn't exactly find a bug in the code they
Josh:
used social engineering which is very popular it's basically convincing the
Josh:
person on the other side to give you something that you should not have access
Josh:
to and that's what they did so through a series of prompts they were able to actually
Josh:
Exploit the system, convince it to send a password recovery email to an account
Josh:
that did not belong to them.
Josh:
And they were able to acquire the most valuable handles on the platform.
Josh:
Starting with Barack Obama's White House account was hacked.
Josh:
It was totally compromised. It was posting content that certainly should not have been there.
Josh:
And more importantly, there's a lot of businesses and a lot of individuals who
Josh:
are really affected by this.
Josh:
Like if you're running a business on Instagram, and that is the primary source for your income,
Josh:
you may have just lost your account if it was a high value handle,
Josh:
like one letter or like the word, hey, or there's just a series of Instagram
Josh:
handles that generally go for hundreds of thousands of dollars that were stolen.
Josh:
And currently people are trying to get them back. Matt is saying they're solving it.
Josh:
But before we get into all of the
Josh:
downstream effects, you want to walk us through exactly how easy it is.
Josh:
Like you could, we can do this ourselves in like five minutes.
Josh:
I think it's, it's no more than six steps, it's really, this is a serious problem.
Ejaaz:
Okay, so the craziest part about this for me was how simple it is to pull off.
Ejaaz:
And there are three ways that hackers were able to exploit this.
Ejaaz:
So I'm going to walk you through the one that you're watching on your screen
Ejaaz:
right now. So it starts with the attacker spoofing their location.
Ejaaz:
So they have an idea of the account that they want, and they know where the
Ejaaz:
account holder resides.
Ejaaz:
So they use a VPN, and they target the user's specific region,
Ejaaz:
so it pretending to be the user.
Ejaaz:
Then it starts the password reset. So typically when you log in,
Ejaaz:
there's like a reset your password function, right?
Ejaaz:
So he clicks that and he clicks the account is hacked.
Ejaaz:
So that triggers a flow which opens up Meta's AI assistant, which they are testing.
Ejaaz:
So you get connected to the support bot and you basically say,
Ejaaz:
hey, I have a new email address. This is my username. And given the username
Ejaaz:
that they don't actually own, can you just send me a code to reset this account,
Ejaaz:
please? Sorry, I don't have my phone. I've lost everything else.
Ejaaz:
And the AI trying to be helpful basically sends a verification code to the attacker's
Ejaaz:
email, which they've just spun up, and presto, that's it.
Ejaaz:
You can reset the entire account, reset the entire password,
Ejaaz:
and the rightful owner wakes up the next day and they just don't have access to the account.
Josh:
This is one of a couple of versions
Josh:
of this exploit so what people started to realize is after
Josh:
this first one went through that not only is this a specific
Josh:
exploit but this is an entirely new attack vector there is
Josh:
this bot that can be tricked into believing
Josh:
other things and it has basically god mode access
Josh:
to do anything that it wants so people were kind of pen
Josh:
testing this penetrate testing see where they can access it from other ways
Josh:
and there is a second version of this exploit
Josh:
that was shortly discovered after the first because sometimes it
Josh:
didn't work so well sometimes the ai bot
Josh:
requested some additional verification in this
Josh:
sense it was a headshot or a short
Josh:
video of the target's face it wants
Josh:
to make sure that you are actually the person you say that you are so it's requesting
Josh:
proof of personhood well turns out metis ai
Josh:
agents aren't that great at recognizing real people because people were able
Josh:
to generate ai generated video of someone's face by taking a few screenshots
Josh:
probably from the instagram profile and turning into a video and once they submitted
Josh:
that to the servers it sent a password link right to their email and now they own the account
Josh:
And it is just, oh, it's a serious problem. So the answer to this,
Josh:
I mean, immediately as I'm hearing this, I'm thinking, oh my God,
Josh:
well, I have two-factor authentication. Surely that's good. I have 2FA.
Josh:
Surely that is okay. In fact, the CEO of Epic Games, Tim Sweeney, said the same thing.
Josh:
Surely 2FA should prevent this. Well, it did for a hot second.
Josh:
But then the follow-up answer is no, it actually doesn't.
Josh:
Because it turns out this attack vector extends even further past meta onto
Josh:
the Facebook platform as well.
Josh:
In fact, on Facebook, you can actually convince the AI bot to go into developer
Josh:
mode, that you are an actual developer who works at the Meta company and who
Josh:
has admin access to changing these profiles.
Josh:
So it was able to convince the bot that it is a developer and then through that
Josh:
was able to actually send an additional password reset that gets around 2FA because...
Josh:
Asks for i want to make sure i'm getting this right it asks for
Josh:
actual proof that you are who you say that you are so
Josh:
it asks for some documentation about your name
Josh:
and your kind of id and if you
Josh:
can submit that of course ai generated then you could
Josh:
bypass the entirety of this authentication process as
Josh:
well so it's this really horrific exploit
Josh:
that has seemingly affected any account
Josh:
that was targeted and if you have made it through today without
Josh:
your account being targeted congrats you're not one
Josh:
of the most valuable accounts on the platform because it seems
Josh:
like a lot of these larger accounts ran into a lot of issues and
Josh:
i know that they tried to patch this and by taking down the bot but it seems
Josh:
like there's still api access as of this morning of recording this where it's
Josh:
still not entirely fixed so it's been a really concerning thing and we should
Josh:
probably get into like how this even happens this is this is crazy i
Ejaaz:
Mean a few crazy things as I dug into this story.
Ejaaz:
People were talking about this openly on Reddit about a month ago.
Ejaaz:
So this exploit has just been sitting in plain sight for all of Meta's cybersecurity
Ejaaz:
researchers to have picked up and dealt with, but it just was never exploited
Ejaaz:
or it just was never patched. So I think it was happening on lower level accounts.
Ejaaz:
And then the White House account was kind of like the alarm bell ringing,
Ejaaz:
being like, hey, we have a problem here.
Ejaaz:
Number two, what would happen after these accounts got hacked or stolen would
Ejaaz:
be that they were sold online via, and I'm showing you on the screen here some
Ejaaz:
Telegram groups, of people just selling the accounts for like almost up to a million dollars.
Ejaaz:
So this kind of like attack exploit has been sitting around for a while,
Ejaaz:
and it begs the question, which is like, well, how do we protect against this in the future?
Ejaaz:
And kind of like, how do I help myself understand this new world of AI where.
Ejaaz:
It goes from being a hard-coded exploit where typically hackers would look at
Ejaaz:
the code and try and exploit vulnerabilities in hard code to something a lot
Ejaaz:
softer where you're talking to almost a human being and you can sweet-talk yourself.
Ejaaz:
The attack vector goes from code to how well you can use words.
Ejaaz:
And I came across this really interesting analogy. It's called the confused deputy.
Ejaaz:
So I want you to picture the following, Josh. Imagine you are the nightkeeper
Ejaaz:
of a very secure bank vault.
Ejaaz:
And the way that it's secured is you as the nightkeeper have keys to everyone's
Ejaaz:
safety deposit box, right?
Ejaaz:
And it's jangling on you. You're the one guy and you have guns,
Ejaaz:
whatever, you can protect yourself, right?
Ejaaz:
And you have keys to every single thing. Now, what if someone can come to you
Ejaaz:
in the middle of the night and convince you that they are who they say they are,
Ejaaz:
even though they're faking to be someone else and sweet talk you into giving
Ejaaz:
them the key or opening up their safety deposit box and giving you the contents of that.
Ejaaz:
That is the new world that we're entering right now. And it's a very weird one
Ejaaz:
because technically meta, you could argue, didn't do anything wrong.
Ejaaz:
They had their security systems in place. They just weren't prepped adequately for this new vector.
Ejaaz:
And it's not just meta that is exposed to these kinds of things.
Ejaaz:
We've seen hacks recently with OpenAI's specific supply chain security,
Ejaaz:
as well as Apple themselves which recently had an exploit revealed by Claude Mythos.
Ejaaz:
It was a 55-page report where technically the hack happened by exploiting or
Ejaaz:
being able to kind of like work its way around their memory configuration,
Ejaaz:
which they had, I won't get into it.
Ejaaz:
So it's this new world where AI is kind of like opening up a different attack vector.
Ejaaz:
And the only way to protect against this, I guess, is kind of like anti-prompts
Ejaaz:
or anti-prompt injections. It's just kind of weird.
Josh:
Yeah, they need to up their security in a big way. This feels like this horribly overstepped...
Josh:
Uh implementation of this and one of the things that actually
Josh:
really rubbed me the wrong way is in meta's response they actually said
Josh:
there was no breach of our systems quote end
Josh:
quote and sure okay buddy like technically that's
Josh:
true your systems were not actually breached but like
Josh:
oh my god this is about as bad as it gets like i almost rather
Josh:
they would have been breached so there was a very clear fix with this
Josh:
there is no clear fix it's just a matter of i guess more red
Josh:
teaming and more making sure that these ai models
Josh:
are more resistant to prompt injection and it's crazy that i mean
Josh:
prompt injection is not a new threat vector it
Josh:
has been around since the beginning of ai's a lot of you'll
Josh:
see these posts online of people putting like hidden prompts
Josh:
inside their linkedin profile so when automatic bots try to email them
Josh:
it gives them the recipe for some like pie or something
Josh:
like that so prompt injecting is nothing new and that's
Josh:
kind of exactly what it was and it takes me to
Josh:
the idea that um like of meta
Josh:
as a company and i want to discuss them quickly because meta as
Josh:
a company has been very disappointing when it comes to anything outside of
Josh:
social media when you think of what about what it's accomplished right they have facebook
Josh:
they acquired instagram and they made it into this unbelievable platform
Josh:
they have whatsapp but outside of that everything has kind
Josh:
of failed they did the pivot to meta everyone remember
Josh:
i mean the company is now called meta but there's no metaverse to
Josh:
be found now they've pivoted away from the metaverse after it's
Josh:
failed over to ai there has spent an ungodly amount
Josh:
of money hiring these engineers that we've talked about plenty of
Josh:
times on the show for tens to hundreds of billions of dollars of compensation
Josh:
Only to release these seemingly small things and the small things that they
Josh:
Have released that have actually gone public into their applications are now
Josh:
acting as surface area for people to attack the platform and to ruin the user's
Josh:
experience on it so so far there really hasn't been any
Josh:
Impactful, noteworthy things that Meta as a company has shipped.
Josh:
And this is just another kind of ding, notch in the belt about kind of like
Josh:
how crappy Meta has been.
Josh:
It leaves me really disappointed. You want to trust a company like this, but they're shipping.
Josh:
I mean, this is like step number one of securing your systems.
Josh:
Like make sure that someone can't say they are someone who isn't and then offer
Josh:
them all the credentials to run your platform.
Josh:
It's just a really rough oversight. And it's a bummer to see.
Ejaaz:
This reminds me of one of the early versions of Amazon's AI chat assistant,
Ejaaz:
where people were going on it and basically making claims for orders that they
Ejaaz:
never initiated or received and just getting refunded for it.
Ejaaz:
Like someone exploited it, I remember, for like $5,000 for an individual account.
Ejaaz:
This is kind of like along the same kind of vector. Now, this couldn't have
Ejaaz:
come at a worse time for Meta.
Ejaaz:
In my opinion, they literally just laid off 8,000 people.
Ejaaz:
They have torched billions and billions of dollars on fire.
Ejaaz:
Their data centers aren't in demand because no one wants to use the Meta AI assistant.
Ejaaz:
And when they do, they end up losing their Instagram account,
Ejaaz:
apparently, so it's not working in Zuck's favor.
Ejaaz:
But one thing in, I guess, their court is, I think they're hyper focused on
Ejaaz:
building like a social media AI model.
Ejaaz:
And listen, I'm not a fan of like what their vision is, which is basically.
Ejaaz:
Let's try and capture as many people's attention as we can and get them focused
Ejaaz:
on a screen. I think that's kind of like scary and dark.
Ejaaz:
And we already know that they're working on these weird brain models that can
Ejaaz:
like initiate content to spark up certain regions in your brain.
Ejaaz:
And the new Muse Spark model helps you do that.
Ejaaz:
And then it's focused on advertising to try and, you know, pay advertisers off.
Ejaaz:
So they're focused on a very particular niche. And I don't think they're ever
Ejaaz:
going to try and compete with Anthropic and Open Air.
Ejaaz:
And that's, you know, prerogative and good luck to them.
Ejaaz:
But, you know, Meta's had a history of, you know, kind of having shady exploits
Ejaaz:
or being used for nefarious positions.
Ejaaz:
The thing I think about immediately is like the presidential elections of,
Ejaaz:
you know, of past where it was kind of like used to politically sway a bunch of different things.
Ejaaz:
I could totally see a world in the future where it's not technically a hack,
Ejaaz:
but people are like using these models to kind of coerce and advertise their own campaigns.
Ejaaz:
Now, in order to solve this, right, we need some kind of a failsafe.
Ejaaz:
We need some kind of a framework.
Ejaaz:
And ironically, yesterday, as this hack was unraveling, the White House themselves,
Ejaaz:
who had their account hacked at the same time,
Ejaaz:
released this report, or rather this mandate, this statement,
Ejaaz:
which basically says, we need to start taking AI a lot more seriously,
Ejaaz:
especially when it comes to security.
Ejaaz:
Now, the White House has been extremely involved in Claude Mythos and pre-testing there.
Ejaaz:
And they've been using and heavily involved with Anthropik's new model that
Ejaaz:
they haven't publicly released yet, purely because a lot of their defense systems,
Ejaaz:
national defense systems, are vulnerable if they were to release a model like
Ejaaz:
this. So this kind of like stems from that.
Ejaaz:
And they created this entire mandate where they basically said,
Ejaaz:
we need to take a more proactive approach to cybersecurity, as well as specific
Ejaaz:
attack vectors like this, such as prompt injections, and meta kind of like prove
Ejaaz:
the case right there and there.
Josh:
Yeah. And the thing that is difficult about this too, is the executive order
Josh:
seems like it's a little more chill. It asks for 30 days instead of 90 days.
Josh:
It seems like it mostly applies to frontier models.
Josh:
So when a new version of Mythos comes out, when OpenAI releases their GPT-6
Josh:
model or some really cutting edge model, that's what's mostly being evaluated.
Josh:
It doesn't seem to place as much of a focus on existing lower end models.
Josh:
Like they're not going to be auditing meta spark or metamuse models because
Josh:
they're just not that good um so this this wouldn't really protect us from a
Josh:
lot of the kind of novel new attack vectors that were just exposed through meta
Josh:
it's mostly on the companies to do this i
Ejaaz:
Wonder the definition of good changes josh what do you think like like good
Ejaaz:
could be like for defense systems but it could also be for like like,
Ejaaz:
I don't know, high-profile financial data at banks.
Ejaaz:
And maybe they're like different models for different niches, do you think?
Josh:
Yeah, perhaps. Or maybe there's just more red teaming that's done as it relates
Josh:
to like a harness around the models.
Josh:
Because I assume that's probably what's somewhat responsible for this,
Josh:
is they just didn't have the safeguards in place.
Josh:
They didn't have the red teaming done to actually test against all of these instances.
Josh:
Because this isn't necessarily a complicated prompt injection that uses these funny characters,
Josh:
that's kind of like more representing of a jailbreak this is
Josh:
just pure english a few sentence shows as you're on your
Josh:
way and it feels just like incompetence like there's
Josh:
no other way around it just feels like they failed to execute on basic security
Josh:
standards and in that sense it's really disappointing for me at least personally
Josh:
and when i think about us as consumers who are affected by this like thankfully
Josh:
my account wasn't impacted i don't have a very valuable account they don't care about me
Josh:
It's something that we've taken for granted. And our producer Luke for the show,
Josh:
he made a great point about Apple and how we've used Apple since the beginning of time.
Josh:
And I mean, early days when you bought a Macintosh, you bought it because Windows
Josh:
had a lot of viruses that you can get and Macs weren't susceptible to viruses.
Josh:
And that culture has kind of carried on through the entire history of the company
Josh:
where now you buy an iPhone and you just know it's secure.
Josh:
They've put privacy at the forefront. They've put security at the forefront.
Josh:
You don't need to install malware services anymore
Josh:
to scan through if you have any viruses you don't
Josh:
just you just don't have to worry about it everything's secure and what
Josh:
meta is showing us is that it's actually this luxury belief to
Josh:
feel that you are secure because it really takes a lot of hard work and effort
Josh:
and companies that aren't willing to do that work i assume we're going to continue
Josh:
to see this we i mean we talked about this earlier there's been an increasing
Josh:
amount of exploits happening every single week and the ai systems are progressing
Josh:
far faster than the security systems,
Josh:
at least in some instances, are able to revise themselves and improve.
Josh:
I mean, it's, yeah, again, weird, weird, weird news that it feels kind of eerie
Josh:
that it's so easy to do this for so many accounts. I mean, this affects people, it affects businesses.
Josh:
Yeah, just not great.
Ejaaz:
It just, yeah, it forces, it's going to force a lot of companies to kind of
Ejaaz:
completely rethink from the ground up how their security systems work in a world
Ejaaz:
where words can kind of beat and exploit your system,
Ejaaz:
maybe even for like a lot of money in the future as well.
Ejaaz:
And so the question then becomes, for now, right now, before we come up with
Ejaaz:
that framework and harness that you mentioned, how do we protect ourselves?
Ejaaz:
There are a few ways that come to mind. Number one is like multi-factor authentication.
Ejaaz:
Now, I know we had 2FA being exploited here, but there are other forms of 2FA,
Ejaaz:
right? You can firstly set up multiple forms of 2FA.
Ejaaz:
So it could be your SMS, it could be a passcode so that there's not just one vector for 2FA.
Ejaaz:
The other thing is there's these passkeys or there are UbiKeys,
Ejaaz:
like hardware devices that you can plug into your laptop. It takes your fingerprint.
Ejaaz:
I use a bunch of them and it's helpful. It generates an encrypted key every
Ejaaz:
time you use it. And that is super hard to replace or exploit.
Ejaaz:
And then you can kind of like lock down your visibility and recovery options
Ejaaz:
online. So if you're logged in, for example, you can check your account settings
Ejaaz:
and see if there are any other active sessions currently on your account.
Ejaaz:
And if you see a weird region or a weird location or a weird IP address,
Ejaaz:
you can cancel and block those out immediately.
Ejaaz:
Now, obviously, those are temporary measures. And in the future,
Ejaaz:
hopefully, you wouldn't want to even jump into these at all.
Ejaaz:
And then the obvious one, if you haven't gleaned it from this conversation so
Ejaaz:
far, is just be careful with the AI chatbots.
Ejaaz:
Don't be telling them everything. Unfortunately, with Meta specifically.
Ejaaz:
Every conversation you have on WhatsApp or Facebook Messenger or on Instagram DMs.
Ejaaz:
Coagulates around this exact same ai model and they have like a record of everything
Ejaaz:
that you speak about so nothing is really private or encrypted on meta ai that's
Ejaaz:
why i don't really use it that much or talk about vulnerable or valuable information
Ejaaz:
so just be careful about what you talk about in general.
Josh:
Yeah and then in terms of pass keys or 2fa in
Josh:
general there is a sort of hierarchy that i want to cover which is important uh
Josh:
sms being the worst so a lot of these companies they offer
Josh:
two-factor authentication in variety of ways you
Josh:
can use your phone you can use an authenticator app and the
Josh:
phone is the worst you almost never want to use your phone because it's very
Josh:
easy for the carriers to be compromised you have
Josh:
to think of the the second order attack vector so let's say you are
Josh:
a user of AT&T or Verizon if you use SMS as a backup then you are only as strong
Josh:
as Verizon and AT&T now and there are known ways to kind of social engineer
Josh:
those companies as well who are currently still run by humans to kind of take
Josh:
over your phone account capture those codes from your SMS and then use it to log into your account.
Josh:
So I would say that's the weakest form. Second to that is using Authenticator
Josh:
apps like Google Authenticator, Authy. There's a bunch of them that are really good.
Josh:
1Password in particular is excellent. It's also good to have a password management
Josh:
system because you do not want to be reusing passwords because one of these
Josh:
passwords will be exploited. I can promise you there will be a database dump.
Josh:
You will be exposed. That will be a problem.
Josh:
After you use authentication keys, there are things like YubiKeys,
Josh:
which Ejaz, you mentioned, those are probably the highest security version of
Josh:
it where you have physical hardware
Josh:
that you plug into a device to authenticate that it's actually you.
Josh:
Another thing worth noting is amongst your friends and family,
Josh:
just kind of having like safe words or phrases that you can discuss together.
Josh:
I think this is really important now that it's easy to emulate people's voices
Josh:
and faces and video and doing so at a near perfect kind of form factor.
Josh:
You really want to have your friends and family on the same page.
Josh:
Like, Hey, if you get a call from me saying I'm being kidnapped in some scary
Josh:
place, make me say the word.
Josh:
And that is a very important thing because it will be easier.
Josh:
The attack vectors for this will continue to get better. And then outside of
Josh:
that, I think it's really just kind of being careful.
Josh:
If you own a business and you have a business on one of these accounts,
Josh:
you probably want to collect a lot of proof that you own the account just for
Josh:
your own safekeeping. That way in the case,
Josh:
This ever does happen you have undisputed verifiable proof that
Josh:
you are the actual owner you are the rightful owner because i
Josh:
suspect it's going to be some ai content versus yours in a debate and you want
Josh:
to be able to you want to be sure that you could stand up against that and i
Josh:
think those are the really the best things you could do it's unfortunate because
Josh:
if you're a user of meta you had two factor on you had all your checks in a
Josh:
row you still got hit by this um so
Josh:
it's it's a sad one but i think that mostly that mostly covers the exploit that's
Josh:
that's what just happened this week and met it and it was crazy and
Ejaaz:
And listen you you might be listening to this episode and thinking
Ejaaz:
ah it is dangerous but it's also a
Ejaaz:
bit of a novelty like maybe you don't use instagram or much or maybe
Ejaaz:
you just don't care about social media account getting hacked as uh
Ejaaz:
versus your bank account i just want to make it clear that this is a very real
Ejaaz:
thing that is going to hit any and every single sector um i was reading anthropics
Ejaaz:
called mythos report recently and they gave us an update on all the testing
Ejaaz:
that they've been doing with their AGI-like model, which is called Mythos.
Ejaaz:
It has advanced cybersecurity capabilities so good that they haven't rolled it out to the public.
Ejaaz:
And their report basically said that of the 50 partners, or I think it was like
Ejaaz:
30 to 50 partners that they're working with, they discovered over 10,000 critical
Ejaaz:
vulnerabilities and they've only patched around 150 of them, right?
Ejaaz:
This was a model that was created four months ago in February.
Ejaaz:
Maybe, and they said in that blog post that within six to 12 months,
Ejaaz:
or sorry, within six months,
Ejaaz:
you will have other AI labs producing and publicly releasing mythos-level-like
Ejaaz:
models, but also by that time, clawed mythos will look dumb.
Ejaaz:
So the order of magnitude of intelligence and attack vector that these AIs are
Ejaaz:
getting is increasing exponentially, and we need to have the safeguards in place.
Ejaaz:
Now, they said that they're working on a bunch of things.
Ejaaz:
One being obviously using the AI model to defend against the exploits that it is exploiting.
Ejaaz:
So the idea is it could like patch a fix immediately as soon as it discovers
Ejaaz:
it. And that seems like the most feasible thing.
Ejaaz:
The other thing is just writing code from scratch from nowadays.
Ejaaz:
That just doesn't look like the security code that we created in the past.
Ejaaz:
It's going to look protective against prompt injections and words.
Ejaaz:
It's just going to be architected very differently.
Ejaaz:
And I think we're just entering a new world where cybersecurity companies in
Ejaaz:
particular are going to have to take their work from the ground up in a completely
Ejaaz:
different way. It's going to look very different five years from now.
Josh:
It's a new era and we're at day zero. This is the first, I guess,
Josh:
wide exploit that we've seen on a major platform.
Josh:
So scary precedent. Be careful.
Josh:
Take care of all your assets as best you can. And yeah, just be safe out there.
Josh:
And we'll hope that these companies can be responsible with their newly held superpowers.
Josh:
So that is the episode that is the meta exploit.
Josh:
You are fully now caught up. If you enjoyed this episode, please do not forget
Josh:
to share it with your friends. We have a really exciting roundup tomorrow.
Josh:
Every week we cover all the top news stories that we don't make an explicit episode on.
Josh:
We package them all into an episode that drops on Friday. it should
Josh:
be very exciting this week there's a lot of stuff to go down most importantly
Josh:
for me at least the thing i'm interested in is talking about that new glen rocket
Josh:
explosion boom pretty rough hit for the space race um but yeah if you enjoyed
Josh:
please again as always don't forget to share give us a five star rating if you
Josh:
enjoyed on your favorite podcast player and as always thank you guys so much
Josh:
for watching we will see you in the next one see you guys
Creators and Guests
