World of Warcraft players wrote about a fictional game element, “Glorbo,” on a subreddit for the game, trying to entice an AI bot to write an article about it. It worked:
And it…worked. Zleague auto-published a post titled “World of Warcraft Players Excited For Glorbo’s Introduction.”
That is…all essentially nonsense. The article was left online for a while but has finally been taken down (here’s a mirror, it’s hilarious). All the authors listed as having bylines on the site are fake. It appears this entire thing is run with close to zero oversight.
Expect lots more of this sort of thing in the future. Also, expect the AI bots to get better at detecting this sort of thing. It’s going to be an arms race.
Posted on July 27, 2023 at 7:04 AM •
Gandalf is an interactive LLM game where the goal is to get the chatbot to reveal its password. There are eight levels of difficulty, as the chatbot gets increasingly restrictive instructions as to how it will answer. It’s a great teaching tool.
I am stuck on Level 7.
Feel free to give hints and discuss strategy in the comments below. I probably won’t look at them until I’ve cracked the last level.
Posted on July 19, 2023 at 1:03 PM •
Amusing parody of password rules.
For example, at a certain level, your password must include today’s Wordle answer. And then there’s rule #27: “At least 50% of your password must be in the Wingdings font.”
EDITED TO ADD (7/13): Here are all the rules.
Posted on July 4, 2023 at 7:12 AM •
It’s called “Squid Fishering.”
As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
Read my blog posting guidelines here.
Posted on July 9, 2021 at 4:03 PM •
Most troublingly, Activision says that the “cheat” tool has been advertised multiple times on a popular cheating forum under the title “new COD hack.” (Gamers looking to flout the rules will typically go to such forums to find new ways to do so.) While the report doesn’t mention which forum they were posted on (that certainly would’ve been helpful), it does say that these offerings have popped up a number of times. They have also been seen advertised in YouTube videos, where instructions were provided on how gamers can run the “cheats” on their devices, and the report says that “comments [on the videos] seemingly indicate people had downloaded and attempted to use the tool.”
Part of the reason this attack could work so well is that game cheats typically require a user to disable key security features that would otherwise keep a malicious program out of their system. The hacker is basically getting the victim to do their own work for them.
“It is common practice when configuring a cheat program to run it the with the highest system privileges,” the report notes. “Guides for cheats will typically ask users to disable or uninstall antivirus software and host firewalls, disable kernel code signing, etc.”
Posted on April 2, 2021 at 6:00 AM •
The US Cyber Command has released a series of ten Valentine’s Day “Cryptography Challenge Puzzles.”
Slashdot thread. Reddit thread. (And here’s the archived link, in case Cyber Command takes the page down.)
Posted on February 15, 2021 at 2:50 PM •
This essay makes the point that actual computer hackers would be a useful addition to NATO wargames:
The international information security community is filled with smart people who are not in a military structure, many of whom would be excited to pose as independent actors in any upcoming wargames. Including them would increase the reality of the game and the skills of the soldiers building and training on these networks. Hackers and cyberwar experts would demonstrate how industrial control systems such as power supply for refrigeration and temperature monitoring in vaccine production facilities are critical infrastructure; they’re easy targets and should be among NATO’s priorities at the moment.
Diversity of thought leads to better solutions. We in the information security community strongly support the involvement of acknowledged nonmilitary experts in the development and testing of future cyberwar scenarios. We are confident that independent experts, many of whom see sharing their skills as public service, would view participation in these cybergames as a challenge and an honor.
Posted on January 29, 2021 at 12:03 PM •
How in the world did I not know about this for three years?
Researchers at the University of Tokyo have developed a robot that always wins at rock-paper-scissors. It watches the human player’s hand, figures out which finger position the human is about to deploy, and reacts quickly enough to always win.
EDITED TO ADD (6/13): Seems like this is even older—from 2013.
Posted on June 12, 2019 at 6:22 AM •
Sidebar photo of Bruce Schneier by Joe MacInnis.