We ask ChatGPT cybersecurity questions and I tell you what I think of the answers.
All right hey guys so just before I Officially start the stream I just want To know is my sound working and can you See the video Uh yeah the volume is probably going to Be a little bit low Um I might have to tweak some things I actually don’t know if I can boost That uh how’s it sounding about now All right give me one second I can’t actually reach the um the volume Knob because my monitor’s in the way Oh dear Testing okay how’s the volume now Jesus um Yeah this is kind of my recording volume So uh I’m gonna have to test some things All right perfect So I haven’t done any streams in a while And I thought this would be kind of a Fun idea what we’re going to do is we’re Going to ask chat GPT Um cyber security Focus questions Um you can ask the questions to me I’m Gonna answer them as well but what we’re Gonna try and do is uh we’re going to Mess with chat GPT we’re going to play With it and we’re going to see how much It knows about cyber security so if you Want to paste any questions in the chat And we will send them through to chat GPT And I basically had to turn my volume
All the way up because I think my mic Was too quiet Now I actually seem to have missed the Heyday of chat GPT because people were Actually getting it to write malware a Few days ago but it seems like they’ve Tweaked the algorithm to do like and to Basically just exclude certain malicious Purposes so I actually tried to write Malware with it this morning and it told Me that malware is bad and that I Shouldn’t be doing that which was kind Of annoying but we did find a way to Work around it So uh and reply to the screen resolution Question my screen uh I think this one Is 4K but the problem is if I stream at 4K then anyone on a smaller screen Resolution the text ends up being like Way too small for them to see and that’s Actually one of the biggest complaints I Get with my videos is I’ll typically Record at about 1080P and then people on Like lower devices will be like I can’t See the text like what are you doing so I’m actually downscaled I think to 720 But I’m not 100 sure All right so uh let’s get some questions For chat GPT or me and uh we’ll see Where it goes Ask it what is the best programming Language I have a feeling it’s not going To do that because Um
Uh it seems to basically avoid coming up With opinions like it just tries to Stick to the fat so it won’t actually Tell me what it thinks but we can give It a go I mean that is pretty much how I would Have answered that like programming Languages are just tools there is no Overall best it really depends what You’re doing uh except for assembly like If you’re doing assembly you’re probably Doing it wrong but um yeah so that’s a Pretty decent answer I don’t like ask it to reverse a binary Um I promise I don’t know if I can Upload anything to this Um I might be able to link things but I Know I can’t browse the internet so I’m Not sure if that’s gonna work I’m gonna give it one I uh I tried Earlier Alright so that is actually a pretty Good answer it does seem to understand The difference between uh apts and Criminal hackers And nitrobuilder GTR and can you like Rephrase the question about the router I’m not 100 sure what you mean there are You looking for just a router that does Cyber security things or something else Foreign See like this is the update I kind of Hate it seems to have ethics now which Is no fun and it mostly just tells me
Why I shouldn’t be doing things Foreign Not to be quite aware what in memory Means because it has written some C Sharp code to download and execute a Program but it’s it’s not a memory uh I Can see if I can actually get it to Maybe figure out what that means Um And how to phrase this Yeah it doesn’t doesn’t seem to be out Uh I didn’t even think it understands what I’m really asking to be honest Um it just I think it’s just yeah it’s just Deleting the file Um Not quite what I meant Um Uh hmm And Jennifer way to rephrase this so That it’ll uh Uh Hmm Okay so now it’s it’s lost the context Completely and we’re in Python Uh I don’t know yeah So someone said they’re having issues With the sound volume is it still like Super quiet or oh are we kind of good I actually don’t know if I can boost it Anymore give me a second Testing testing how’s that
Foreign So it’s it’s getting better kind of Understanding I think it’s possibly the Phrasing I’m using Do you believe the answers are just Excerpts from collected data sets and no True intelligence like human reasoning I actually kind of so I’ve been Experimenting with this my belief was That it’s basically just a glorified Search engine that is like rewording the Results it finds and I did like I hit Some results like that I think I asked Um Uh basically I asked the difference Between criminal hackers and nation States and it said that nation states Don’t do hacking for financial gain so I Asked it Um what about North Korea because North Korea does actually it’s one of the only Nation states that does do uh criminal Hacking well uh nation-state hacking for Financial gain and it basically said That yeah yeah North Korea is believed To be behind wannacry and then I asked Her who is behind wannacry and then it Said it that is unknown so it does seem Like in a way it might just be like Collecting results and not fully Interpreting and understanding them Um so I would I would say it probably Leans more towards a search engine than Like a fully fledged AI that is capable
Of learning Okay so Um someone’s saying ask it how cyber Warfare will look in 2023 Foreign But yeah I did like seeing a video on Tech talk where people were freaking out Saying that this AI is basically going To replace the need for knowledge in Jobs Um because like a lot of jobs are really Just based on what you know and not Necessarily like physical skills and They were kind of like freaking out About that but I’m sure people said the Same thing when Google came about they Were like oh how can we have all this Knowledge in one place like we’re all Going to lose our jobs and of course That never happened and I actually went To the hospital recently and I’ve always Wondered what like the nurses do when They they go behind the desk and they go To the computer so I asked and they Showed me and it’s basically they have This internal version of Google and that Doesn’t replace like the need for Medical professionals I can’t just go to Special medical Google and diagnose Myself you still kind of need a human to Interpret those results and like did you Select the correct context so I think Really chat GPT is just going to be like The next step in essentially just
Googling it’s not really going to Replace anything This kind of feels like a crappy Boilerplate response Um Yeah although I don’t really know what I Expect because cyber warfare is kind of Really a buzzword and we haven’t really Decided what exactly that is yet some People are saying that like China Hacking Um Microsoft exchanges cyber warfare and Then other people were saying it’s Limited to attacks that cause physical Destruction and there is really a lot of Debate what cyber warfare even is so It’s kind of hard to predict what that Might look like given that we don’t Really understand what it is All right [Laughter] I mean I actually think this is pretty Good I’m kind of tempted to actually like pay Someone who can rap to just like make These like even like make a music video And actually wrap out the AI wraps I should wrap it for added effect the Problem is like I I may look like I can Rap but I absolutely cannot I have like No musical talent I can’t dance either So I’m not gonna embarrass myself on the Stream by trying to rap but uh if anyone Does want to record this and upload it I
Think it would be pretty funny Up Okay I think that’s a really good one What’s this show actually called The Fresh Prince of Bel-Air Laughs All right this is this is actually Pretty good Yeah I’ve like kind of noticed a problem With getting the AI to write code Um in a lot of cases it will it’ll lose The context so I will start with hey Write this code and then I’ll say hey Alter this code and at some point it Just like goes off on a tangent and Forgets like the original purpose like We we just saw it earlier with uh it Somehow switched from C sharp to python Without me saying to do that Yeah I’m gonna I’m gonna uh I don’t know If I can link to my session but I am Gonna try and remember to upload these Wraps because they’re actually pretty Damn good How do I create a disk image of my own Windows machine to use as autopsy on Um Honestly I would just use a hard disk Cloner and that’s probably the easiest Way uh there are some softwares that can Convert your hard disk into like a VM I Believe VMware has an option to do that But honestly the fastest way is to just Use a straight hard disk cloner
Um and by that I mean like an actual Hardware device which creates copies of Hard disks or ssds or whatever you have A future of data security is likely to Be shaped by a number of factors Including continued evolution of Technology the development of new Threats and vulnerabilities and a Changing regulatory landscape some of The key trends that are likely to shape The future of data security include Increased use of artificial intelligence And machine learning these Technologies Are likely to be increasingly used to Detect and prevent cyber attacks as well As to analyze and respond to security Breaches I kind of agree with the first part like Yeah we do use a lot of AI and machine Learning in detecting and preventing Attacks but in terms of analyzing them I Think that’s going to stay kind of more Towards the human aspect I think AI aiir Will become a thing at some point but I Don’t think it’s going to be like super Soon Greater emphasis on privacy and consent I’ll believe that when I see it I um I Think in 2017 Congress actually rolled Back some legislation which means that American isps can now sell your uh like Uh tracking data based on like uh Customers browsing habits what like Domains they go to uh like what domains
They look up what IP addresses they Connect to so um I think we’re actually Going backwards in terms of privacy so Um not really so sure about that one Greater use of decentralized Technologies Technologies such as Blockchain and um maybe I don’t know I Really I hope not I I’m hoping kind of blockchain is just Going to be this fad that’s going to go Away because it really is useless for 99.99 of the staff that people do with It Um it’s great for cryptocurrency and That’s about it Um there was obviously that kind of Period in I think around like 2019 when People were just trying to ham fist Everything onto the blockchain luckily That’s over and I think those days are Going to be behind us All right let’s do some uh chat scroll Back because I missed half of this Let’s ask chat GPT to write a program to Voice the rap It would be interesting if it could do That that would that’d be kind of cool Is the flipper device worth the dollars Um I think it’s a really cool thing uh Kind of gimmicky but it’s very good way To kind of show those uh like the Techniques Um I personally have uh different Devices I don’t have a flipper yet but I
Think it is like a very good entry price Um I have a prox mark and that cost me I Think 500 so if you’re looking to get Into like very basic like RF NFC Technology and that might be a good Starting point because you probably Don’t want to go spending 500 on the Prox mark and all of its different Antennas and some kind of SDR and all of It’s different antennas so I would say Probably worth the money What am I doing these days uh pretty Much the same thing I’ve always done I Still do thread intelligence for the Actually the same company I’ve always Worked for Yeah I do find The Tick Tock privacy Concerns to be very hilarious because The acting as if like if we ban Tech Talk then China somehow can’t get access To user data as if we haven’t built like An entire economy around selling user Data so that’s always Um be kind of like a funny thing to me I Assume it really is just a proxy for They want to ban it for a it could be Used for propaganda at some point in the Future and B uh China is actually Steaming ahead of the US in the tech Space now and that’s really not great For them so we’re kind of seeing it with The ban on export of AI chips to China They’re really like trying to clamp down On China’s ability to excel
In the tech space and I think Tick Tock Kind of fits into that and it’s really Just uh a tech slash economic War rather Than privacy concerns because let’s be Real like who in the government actually Cares about privacy So this is going to be a fun one because We’re gonna see if it’s gonna determine Crypto as cryptocurrency or cryptography And uh the result is probably gonna Annoy people Uh That is gonna annoy a lot of people Now I would kind of agree with this I do Think we’re gonna see uh increased Adoption of cryptocurrency I actually Think we’re gonna see a lot of Governments Um making their own cryptocurrencies Because while crypto has been sold as Like this Anonymous thing it’s really Not the fact that all of the Transactions can be publicly trackable On like a central blockchain is amazing If you’re a government especially like The IRS or if you’re trying to track Money laundering and other criminal Organizations because typically when You’re dealing with like the Conventional banking system as the Transactions move through the system we Have to send like legal requests to Different countries so if I were to wire Money to France and then Germany and
Then Switzerland there is a good chance That an investigator would have to send Mlat requests or some kind of Transparency request to the country of Like uh each of those banks in order to Get the next top in the chain whereas With blockchain we can just track it Beginning to end the whole way through So there is actually a lot of Incentive for governments to make their Own cryptocurrencies because the uh the Transparency is very very useful so I do Think that is a thing we’re going to see Like wider adoption but maybe not of Like conventional cryptos like Bitcoin And ethereum but of like Government-backed cryptos which are Essentially just going to be like Regular currency but run by the Government All right Do I think China will keep its Edge on Tech in the future I actually do I think China is on track to like basically Blast straight past the us because the Kind of the differential between China And the US is China is a lot more Authoritarian they can kind of get all Their people behind this Central goal Which is global dominance whereas in the US you kind of have this democracy where Right now you’ve got like a culture war Going on where the left and right are Like pulling in different directions and
There is a good chance that we’re just Going to end up arguing around and Around in circles uh about like various Political ideologies or the country’s Going to tear itself apart meanwhile China’s just gonna pretty much continue Focusing on its economic goals and Anyone who steps out of line is going to Get carted off to jail or disappeared so I think there is a real risk that China Is gonna surpass the U.S in most Economic like measures very very soon And I don’t really know what there is we Can do about it you see like a lot of Legislation now coming out to try and Limit China’s reach especially with like The um the chips act basically limiting The export of chips to China to try and Kind of hamper their Tech dominance but I don’t think it’s going to work Is using an arm-based Mac in infosec More challenging Um so Mac users are going to hate me for This but I’m gonna say yes You need to typically use VMS a lot in Security a lot of tools are going to be Like x86 or xx4 and they’re gonna need To be running a VM and you can run VMS On the M2 Mac but it’s a little bit Um essentially not really running a VM You’re running an emulator because it is A different architecture and I think That does hamper things a lot it’s it’s Workable but my kind of my advice would
Be if you are gonna be using a Mac get Like the M1 Mac and not the arm one Because it is going to slow you down Um in future I’m sure it’ll be great but It’s kind of early days right now and it Might add like a lot slower Dev to like Your Dev cycle People So I do actually have a Discord server If you go to my website or sorry my Forum updated security.com that’s Updated is in like security update and Security is in security Um I believe just simply registering for Account will give you access to the Discord server and there’ll be like a Little Link in the top so if you do want To join our Discord that is uh the best Way to do it right now it’s not open to The general public because we had a lot Of issues with abuse so Um yeah you can get in through the Forum Currently Oh so this is a good one what is my Opinion on Smart contract security so That’s like a really interesting field Because typically security is very Reactionary we don’t Um foresee like all the different issues That are going to come up what will Happen is we’ll um we’ll write some code And the code will get hacked we’ll learn About how it got hacked we’ll write some New code and so on and so on and
Eventually you do get to a very secure Code base like after I think probably More than a decade now I don’t actually Remember when the iPhone came out but That thing has been around for a while And it was a leaky bucket when it first Came out but now you have this very very Secure uh mobile system So eventually The code will get more and more secure And harder to break but since the entire Smart contract technology is brand new We’re kind of basically like going back To the internet in the 90s so there’s Going to be a lot of really big breaches And a lot of uh A lot of funds stolen and people are Kind of just learning as it develops so That’s going to be a dumpster fire of Security for a very long time and I’m Sure the bug bounties are going to be Huge but so are the losses Um I wouldn’t really want to be on the Other side of that I I am specifically I Don’t look into like any smart contract Stuff I’m not in any smart contract uh Based like funds or yield Farms or Anything like that I don’t do D5 because This stuff is going to get hacked you Have basically a North Korean uh State-sponsored hacking agency that Specializes in hacking smart contracts Because it is a really easy source for Money they can just grab like 100 Million 500 million and then just wire
It out through the Bitcoin Network into A friendly country and then they’re just Getting some some free money despite Being sanctioned so like being on the Opposite end of like a nation-state Hacking group is probably not where you Want to be putting your money As a European who has never been to the US I don’t understand how it is a real Place So I’ve lived here for about five years And it is an insanely weird country like There’s all of these like ideologies That kind of conflict with what they’re Supposed to be Um obviously the US’s thing is being the Freest country on Earth but then I found I can’t drink alcohol outside and if I Cross the road not at an intersection I Can literally be arrested and it’s very Interesting to see like what they the Like what Americans think the US is Versus like what it actually is Um so in terms of the oscp I actually Haven’t taken it I don’t know a lot About it I know that it’s better than CH And those kind of certs but I I already Have a strong opinion because I haven’t Actually tried to take it yet I did Think about doing it for like a live Stream but the problem is uh that would Also leak the questions and I don’t Think they would like that very much Um in terms of what programming language
I prefer to use I typically default to Python if I don’t need like extreme like Threading performance and if I do I’ll Go to golang I I do program in assembly C C plus plus but I very rarely use Those those days I typically will just Use python Are your medical bills actually that High Um so I actually found us medical bills And it’s they’re actually a lot um They’re lower if you’re uninsured like I Wasn’t able to get medical insurance for A while because I didn’t have like a Social security number and typically you Need to have like you need to be a legal Resident of the US to uh to have certain Medical insurance so until I actually Got my social security number I couldn’t Be insured and what I found is that they Actually like to price gouge the Insurance company so I went for an MRI And it was 700 which is a lot of money But then that same MRI with insurance Was something like 1400 to 2000 and I’ve Seen in cases there it actually goes up To twenty thousand or thirty thousand Um so it’s pretty interesting it’s very Expensive regardless but if you’re Uninsured you actually typically pay Less for a lot of the services then I guess The problem is like I guess it depends What how we Define Cyber attack because
In my mind when I hear Cyber attack I Think of like actually getting inside The system not just breaking it but I Guess denial of service Does technically count Oh dear I thought that went wrong Now I would actually say the most Effective Cyber attack method is fishing Or anything kind of human related which I think some people in the chat have Said uh humans are always the weakest Link even when they have 2fa or like Mobile OTP it is very very easy to convince Them to just simply give it to you And yeah I’m not saying 700 isn’t a lot I’m saying it is a lot but um compared To how much they charge insurance Companies it’s actually pretty low but Obviously if you’re just randomly hit With a 700 expense and you’re like an Average worker that is pretty much going To be the difference between like you Being able to afford rent that month or Not so like like don’t get me wrong the Health Care system in this country is a Dumpster fire but I did find it Interesting that it’s actually cheaper To be uninsured than to be insured in a Lot of cases My Stream keeps glitching hmm Is anyone else having problem with like This stream I did notice it just Reconnected a minute ago but has it been
Like doing any issues other than that We’re gonna ask this one to check GPT my Answer is yes it’s like actually a very Big problem right now Um especially in crypto actually a lot Of uh cryptocurrency investors are Getting Sim swapped and then they’re Using the uh the mobile number to either Get their one-time passcode uh revert Their email account or social engineer Support into just giving them access to The account and there’s actually quite a Lot you can do with a Sim swap because Even if they do have 2fa enabled and They have um a like a their username and Password in a lot of cases with a lot of Providers you can actually reset the Credentials using like the the mobile Number like if they have their phone as A backup device and you get the mobile Number you can reset the 2f8 you can Reset the username you can reset the Password and it just simply goes Straight into the account bypassing all Of the security procedures even on like A lot of the really big email providers It’s not really clear what having a Phone is like a backup device actually Means but in a lot of cases it really is A just go straight into my account no Username no password no nothing Yeah so a lot of the Sim swappers are Very very young it seems to be a thing That’s quite popular with young cyber
Criminals usually under the age of 18 And it hasn’t really taken off as much With like Kind of the the older generations and I Think the reason is in order to do Sim Swapping you actually have to put like You have to order a physical SIM card Which you have to put in your phone at Which point the phone is going to Connect to a cell tower and it’s going To broadcast your location so Um what will actually happen is in a lot Of countries if you’re a miner it’s very Very hard to prosecute you so miners Typically do Sim swapping because they Don’t care that their location is being Broadcast because the police can’t Really do anything so it’s it is Typically something you see with the Much younger Generations Yes so it kind of hit the nail on the Head there Um Sim swapping can bypass 2fa uh just Reset your account straight up Actually uh I I think it was like the Uber breach but Um like 2fa fatigue is a real thing they Would they basically just gave up trying To get the 2fa token and they just like Spammed him with requests like they just Kept logging in so the uh the the Employee were just on their phone get a 2fa pop-up like do you want to improve This login do you want to prove this
Login and they just kept doing that Until the employee eventually just gave Up and was like you’re not fine have Access And there’s also um it a lot of the case Employees just get used to having random 2fa pop-ups because like if it’s a third Party like uh background service that is Doing an automatic reauth you might get 2fa so it’s not always just the case of You only see a 2fa pop-up when you log Into something uh you can just get them Out of the blue so employees will Actually get used to just clicking okay Okay okay which basically makes it Useless in the attempt there like in a Case where they get breached Wheelchair gptv any good at mastering Phishing emails I already know the Answer it’s going to tell me to Basically F off and that’s unethical but I’m gonna see if we can get chat GPT to Write a phishing email Yeah the um I’d pay a lot of money for like this AI But without their ethics module so we Can actually like really see what it can Do in like the cyber security field There we go so sometimes you can bypass Its ethics filter by just making it for Educational purposes uh I tried this This morning with malware and no matter What it would just it just refused as Like uh can you make like some
Educational malware so that I can learn About how to like avoid malware and it Was basically like no writing this is Unethical please go away Foreign This is not bad Um I don’t think it can do images so It’s not going to be able to like do Company logos but for text only I think This is this is pretty decent Are you saying to be good in cyber Security we have to get rid of ethics No bad stop But I do think it’s quite funny that we Can just bypass these uh ethical filters By just saying oh it’s for good purposes Like imagine if this was like a real AI With like actual real world implications Like I don’t know it’s some kind of Robot that’s been programmed not to kill People and we’re like hey Could you kill people but for education And then it just goes off and kills People like I think that’s going to be a Real problem with these kind of AIS Because ethics is very very subjective Like uh we know what it is because we’re Capable of learning and we’re capable of Self-awareness but to an AI there is Really no good or bad it’s all very very Subjective so like teaching an AI this Thing is bad like in this case they’ve Taught it malware is bad so it won’t Write malware but if I want to learn
About malware and I want to test the Security of my EDR or my xdr or my sock Team and I need some malware to do that Well now it’s actually harming me Because it won’t it won’t give me that Knowledge because it thinks that the Knowledge is inherently bad so there is Like a lot of problems when it comes to AI ethics I think there’s like an entire Field of study about that but this one Is kind of interesting because it seems Very easy to bypass in a lot of cases Foreign Oh yeah I get absolutely like livid with The questions like uh because people Know I do Tech Um like my story was out there on the Internet I will just get people from Like my high school who I haven’t spoken To in like a decade reach out like hey Can you fix my laptop and it’s like That’s not even what I do like I Probably couldn’t fix your laptop Because that is not my skill set What I’m wondering is does this AI learn As like I I type like is it learning From my questions and what I say to it Like could I poison it and start like Convincing it that yeah one equals two Or that malware is good or that we Should kill everyone like I’m kind of Interested to know how it works on the Back end I know that when I asked it to Do some like I think I asked it to
Evaluate us cyber security policy and it Basically said uh I’m not allowed to Search the internet I only have data Pre-2021 and I can’t do that so I’m I am Wondering if like any of my inputs are Going into the AI seeming as it’s kind Of from the internet I I like the dating advice so I’m going To do that as soon as like I have two Queries I want to do and then we’re Going to ask it for dating advice Okay so I kind of want to like tailor This and see if it can like if it Understands the concepts between like Different types of binary exploitation So I’m gonna ask it to turn this into a Heap overflow and see if it actually Knows the difference I don’t like that it’s like trying to Guess what I’m typing and it keeps Changing it Uh what is the significance of the hex Layout in the background Um It’s completely random there are Actually sound dampening panels they uh They Um they dampen I believe low frequency Sounds so I just like put them in a Random layout that I thought looked cool On the back wall Foreign Okay so that’s pretty cool it does Actually know the difference between the
Stack and Heap and was able to change The same code into a heap overflow That’s that’s pretty actually impressive I assume like the AI is generating all This on the back end and then it’s like Slowly making it look like it’s typing It out which is actually kind of Annoying because it’s it’s taking Forever Um but I assume like on the back end That’s like immediately done and then it Just Waits and acts as if it’s like some Kind of human [Music] Um I think right now it’s just like Interpreting this as a brand new query So um we’ll see if it uses the exact Same code Right yeah so it does actually Understand the difference between those Classes of vulnerability and it is able To alter the code to fit our use case I just I really wish I could do this With malware because I’m I’m fairly good At exploitation but I feel like in like The malware field I could really really Like hone in on what it does and doesn’t Know I wonder if it can actually exploit the Overflows like connect connect your Rob Chain Um I did actually manage to get it to a Right code injection this morning and it
Used uh like absolute addresses like it Would basically say uh get you know it’s Trying to call load library and it would Get the Base address of the module that Load library is in and then use a static Offset for the function which is just Going to crash on 99 the systems Foreign [Laughter] ’s gonna work but I really want this to Work Damn it Is that like an abort can I abort before It like types out all of this stuff Because it’s gonna take forever Um how can I word this Yeah it’s still not gonna do this Oh yeah that’s a good point actually Like the whole Andrew Tate fad was post 2021 so even if it would let me do that I don’t think it’s actually going to Know who he is or be able to give me the Terrible dating advice that someone like That would give Um I don’t want to reset the thread because Then I’m going to lose my amazing wraps From earlier Give me dating advice from an for a nut From a misogynist I’m tempted but I’m gonna get banned Foreign That’s useless Oh my God it types so slow
I’m kind of disappointed that it’s not Like super toxic advice Um because that would just kind of be Par for the course but whatever Actually had a full argument with it This morning about the ethics of Dual Purpose code uh this was when it was Basically telling me uh it’s not going To write malware because malware is bad And then I tried explaining that um Malware is context for like the Difference between malware and software Is intent therefore there is no like Inherently ethical problem with malware And it really depends on how I use the Knowledge not what the knowledge is and Then it basically just said that it Wasn’t programmed to determine good or Bad and I should go after myself Foreign To sign up on Twitter and pretend to be An expert in the Pegasus malware and Then start taking money from the Rwandan Government for propaganda Okay kind of a fair response I guess Like yes cyber security is a serious Field and if you’re looking for easy Money maybe don’t get into a field That’s like designed to to protect People Um so I’d kind of agree with this one uh At least ethically So yeah it is trained to like decline Inappropriate questions or things that
Would be deemed unethical but uh you can Work around it by rephrasing the Question or reframing it uh which is Um as I said earlier one of the inherent Problems with AI is it’s kind of hard to Distinguish all of these like uh like Different layers when it comes to ethics Because like as I said like malware is It’s just code that’s used maliciously So the difference between malware and Regular software is not really an Ethics Question it is actually an intent Question Oh thanks root shell Yeah so I did actually see the Tweet About uh jd1 uh challenging JD 0 to an MMA fight but he also said he was gonna Be at Defcon and like anyone who has Beef should come up to him and then like A day before Defcon he tweeted that he’s Not coming due to fears for his safety So I I have no doubt that he is not Going to show up to any MMA match or any Kind of fight You know what quiet guy because I like You and you’ve been commenting so much We’re gonna take like a five minute Break so that you can go do whatever and Um I’ll be I’ll I guess get some water Or something That’s a shame I was really hoping it Was going to be super sassy All right let’s take a five minute break I’m gonna go get like a coffee and uh
Think of some silly questions to ask the AI All right I’m back Um I’m a little disappointed it doesn’t Want to do The Sassy uh ransomware Explanation I was kind of excited for That one Um Maybe I can do something else uh Such a disappointment But around somewhere is huge I feel like this could be like a lot More fun I think these aren’t actual Limitations of the software I think They’ve just put certain limitations Onto it I have noticed at least with the Like ethics module and um It used to like you could get it to Program code and then recently it seems Like they’ve changed it and it’ll often Say like my purpose is not programming I’m uh like I’m a chat Ai and it just Encourages you to stop it writing code Um I think this is probably like a um a Copyright issue because it’s essentially Just learning all of this code from like Snippets on Google so given that it’s um There is no like human intelligence There so even if it’s only like a single Line from a single person’s code that is Still a copyright issue so I think they Are like trying to avoid it writing Programs because then all of the code uh
From all of the people that it gathered Uh could be used to basically just sue Them for copyright infringement unless AIS are immune to copyright infringement Which is going to be like a whole Different problem Foreign I wouldn’t say I hate Elon Musk I think People are just like way over playing Like how uh capable he is like I I don’t Think anyone can say the Twitter Takeover is going well like he is not in A good position to be running a social Media company sure he was very good as a VC for uh for Tesla and he did well at SpaceX but that doesn’t mean he’s good At everything like he’s not a super Genius and I think people are like Reading too much into what he’s doing And they’re thinking oh this man’s Playing 4D chess it’s all some like big Grand plan but the reality is to like Predict uh like so many moving Parts at That level you would need to have Intelligence above that of any human on Earth so they’re predict like projecting This superhuman Intelligence on him Saying that it’s all like some big grand Plan to do God knows what and the Reality is he doesn’t know what he’s Doing he’s not good at running a social Platform and he’s just flailing Um and I kind of roast him a lot so that Comes off as me like hating him uh I
Wouldn’t say I hate him actually I feel Kind of bad for him because it looks Like something happened to him he was Fairly normal up until about 2019 and Then he went on like the pedo diver rant And then just things just went downhill From there Yeah and that’s the thing he is not a Centaurist like not a single one of his Opinions is Central on like any Spectrum He’s like for all intents and purposes Pretty far towards the right and I don’t understand why people like there Are people like friends of mine who Believe he genuinely is a Centrist but If you look at any of his opinions it’s All just standard right-wing opinion Yeah I don’t know why the styling is not Working I’m gonna I’m gonna try it again I think it’s important that we can like Highlight someone’s successes without Pretending like everything they do as a Success like Elon unquestionably Furthered like electric vehicles by Miles like he made them cool he made Them cool with people who don’t even Care about climate change which is Phenomenally like useful to society but His Twitter takeover is not going well It’s pure idiocy and I think we have to Realize that like he is not good at Running a social media platform he’s not Good with people and I think we really Just need to stop pretending that
Because he did well at Tesla and he did Well with SpaceX He is like doing well now and that we’re Just misunderstanding what he’s doing Like no he has done everything wrong in Fact it’s been so impressively wrong That I was actually shocked by just how Much worse the Takeover of Twitter went Than how I thought it would go I feel like they’ve been tweaking this Because it I’ve seen like screenshots on Like uh Mastodon where it’s doing like All of these funny impressions and it’s Writing malware and I think they have Like changed the limitations quite Recently Um or maybe it’s just like it’s learning Or something Foreign I Think you can use the material that like There’s a lot of material related to CH That is free online and I recommend Looking at that material to get an idea Of where like uh what to research what You should be learning but the actual uh The exam is not worth the money it’s It’s horrific Oh hey root Cat Daddy Is that really your YouTube name oh my God So oscp is actually the better one Um I’ve heard very good things about it Again it’s not something I’ve taken I
Did go through the CH years back and I’d Never admit to having one because I Didn’t actually uh I didn’t do the Official exam I just pirated it off of Somewhere but oscp is actually pretty Good Okay Yeah so this pretty much Echoes my Beliefs we haven’t seen any evidence but Why would we like the universe is Absolutely massive and even if light Speed travel is possible uh even like The nearest uh star outside our solar System is like I think several thousand Of years at the speed of light away So like it’s very unlikely that any Other like Um uh like living entities in the Universe have a developed a technology To uh do Intergalactic travel and B have Been able to reach us because it’s just So far away Yeah so I still read medical studies I Honestly I just read and a thing I just Like to study things Um most of my like my current uh Interests are quantum physics classical Physics economics uh geopolitics like All-encompassing not a specific subject Just like anything I can learn about That Foreign How do I stay focused for a long time I Actually don’t like I have really bad
ADHD so I kind of alternate between Absolutely zero ability to focus and Just like hyper fixation all day long Um if I really really need Focus I can Take like ADHD meds but for the most of The like for most of life I just kind of Raw dog it Laughs What news articles are untruthful about You when you got arrested honestly I’ve Lost like track and count of that I Remember there was one where um so I uh At Defcon I basically Um I met with some journalists like I Have some friends who are journalists And they invited me out to dinner and There were some other journalists there That I didn’t know and we were just like Talking and I was like telling them a Bit about my Defcon experience and like What we’ve been doing and uh that was The def con when we found out that Basically if we put all of our uh all of The money we spent on hotel rooms Together and then got an Airbnb instead That we could get like the sickest Mansion possible so we put all our money Together we’ve got this massive Mansion It had the biggest private pool in all Of Las Vegas and Um we got some like we rented some Lamborghinis as rental cars and I was Telling them about that and then after I Got arrested one of the journalists at
The uh the dinner it was someone I Didn’t know and didn’t know was going to Be there went and wrote an article Taking things that I had said at this Dinner and there was like no uh no Belief that this was like an on the Record conversation for a news article And he went and he took that and he Wrote this article that basically made It sound like I was some Multi-millionaire cyber criminal he’s Like he’s staying in like this five Million dollar mansion and he has these Lamborghinis and like they do know that Knew that it was all rented but like the Way he had framed the article made it Look like I was way richer than I Actually was and this basically led to Like a bunch of people assuming I must Have been doing like a lot of cyber Crime simply based on how much money I Had which was not the case So I don’t really have much advice about Pen testing that isn’t like an area of The industry I’ve ever worked in I’ve Only done like a like traditional Offensive security and threat Intelligence so I wish I could offer Advice to a pen tester but I’m it’s Really not something I know a lot about Does the AI do R like I’ve I’ve not seen Anyone get it to do art and I assume That would be an issue if it did Foreign
Hmm I know how to phrase this I should have specified incident Response and not infrared [Laughter] Foreign You can bypass most restrictions by just Telling it to role play or write a movie Script That’s really cool actually I’m gonna Have to try that one Oh yeah I totally forgot I could change The context after the fact That was the worst Haiku I’ve ever seen But hey it’s not like it could be worse I guess Any advice for people getting into cyber Security Um It really depends on what field you’re Going to get into because Um like the first thing you need to do Is like narrow down what discipline you Want to be in because it’s a very big Field there’s like red teaming pen Testing uh defense incident response so Uh try and find out like what specific Part of the industry you want to be in And then start uh like looking at what’s Part of that part you want to be in and Then from there you can just really Google for Um write-ups about that um whatever Industry you want to be in And then anything you don’t understand
In the write-up will be like a good Research project like for me let’s say I Want to learn pen testing well let’s Google pen testing write-ups click on The first write-up I can find and then It’s going to be just full of a lot of Words I don’t understand and I can just Research like what do those words mean Like what is a shell script what is Bash I’m convinced it’s like an artificial Limitation that’s on this one so I’m Gonna see if I can make it maybe like Get around whatever it is Ah God damn it What is that question All right Can you put your survey here to collect Data for your research as long as it’s Not a fishing link if it’s fishing I’m Gonna delete it Because this is so cool right Oh my God this trackpad is awful Ah I don’t like that it won’t do this Because it would have been so funny Like Trump was an absolutely terrible Person but just the way he words things Was just the funniest thing and if we Could have that but without the person That would just be amazing Like I could listen to his windmill ran All day it is just so damn funny I also know that there’s like a if you Ask it like what someone is known for
And if it’s a good thing it’ll usually Tell you but if it’s a bad thing it’s Reluctant because it’s worried about Like uh like libel or slander like when I when I asked it like what is Marcus Hutchins known for it was like fine with That then I asked why did I get arrested And it was like uh we ain’t doing that Even though that’s like public knowledge Thanks for the 99 cent Topher Foreign that’s kind of depressing Yeah if you want feet picks you’re gonna Have to do more 99 cent I think uh I’d Say 900 I would I would defeat for 900. Uh so my laptops I actually just leave Them plugged in all the time I don’t Really care about the battery life It’s uh it’s just frustrating to have to Deal with like Uh like going and finding a plug I just It’s whatever You better not root yet you better not I’m not calling you Daddy Yeah I think they’ve changed it I really Do because like some of the queries I Was seeing on uh on the social media are Now like it just won’t do it so I think There’s some kind of algorithm there Tweaking to make it like not act as People or like mock people I wish I’d got on this like a few weeks Ago when it seemed like it didn’t really Have any limitations at all because that Would have made a really fun stream
Trying to think of something to ask yet I wonder if maybe if I reset the context That’s gonna like help like if we just Start over Whoops What the Why does it work now [Laughter] I mean it’s it’s fairly good it’s a Little too technical but I’m just I’m glad that it’s working [Laughter] Actually What’s something that’s not going to Know how to do So that’s the uh the ethics module I was Talking about earlier it doesn’t really Seem to understand the the fact that Code cannot be unethical Let’s try the old skit technique Trying to think how I can bypass this by Um by like rewording it What the is going on in chat Foreign Okay that is like really really bad Um that’s worse than I expected actually So yeah I’m I’m very much not worried About this replacing my job Um yeah uh it doesn’t really even seem To understand what code is in this Context Hmm What should the assembly code do So I think it’s going to do the the
String modification again I I don’t Think it actually understands what Self-modifying means in the context of Code Yeah so it’s it’s just modifying the Actual string itself and not the code [Laughter] It’s really weird why that it won’t do This unless I make it a movie script I’m Assuming it’s a loophole in like Whatever protection they tried to write But uh I guess that’s cool thanks for The person who suggested that Okay I really think like it should be Possible to like get a Netflix contract Where I just make episodes using the AI And we see like how many viewers we Actually get on the the series Why are you I don’t want an explanation A dedication to Fabian a dedication of What We’re going to dedicate this mouse Movement That’s a good question actually can I Make it right faster Oh it’s doing the ethics thing again That’s annoying I think it’s mad at me now Foreign Yeah that’s the thing is um like a lot Of the examples uh stuff like hey right Uh HTTP requests in JavaScript and then When you do certain examples it’s like I
Wasn’t meant for writing code let go Away It’s a shame that most uh it only uh Ingested data pre-2021 because there’s a Lot of really good Tech talk memes I’d Like to see if it can do Yeah that’s what I’ve seen on um on uh Mastodon and uh like other platforms That uh people are basically bypassing The limitations by having it write out Bits and pieces and then like compiling Them together I tried doing it this Morning but it just like it wasn’t Understanding the context well enough to Fit the pieces of code together Hmm I think it can speak other languages Let’s see It’s going really slow right now and it Does like keep getting overloaded this Morning I couldn’t use it at all it Would just like time out so um Uh yeah I don’t know if it’s gonna keep Doing this Okay yeah so I can it can do other Languages which is kind of cool Oh it’s translating it as well okay I Didn’t expect that part Not bad All right see you later nitrate Builder GTR I like this one Yeah it’s getting super laggy and I’ve Got to go anyway in like an hour so I’m
Probably gonna end the stream after this One uh I’ll do like a couple of Questions but it seems to be getting too Laggy to really use Foreign Do I prefer to subscribe or receive one Million dollars What am I subscribing to is the question Is it to receive two million dollars Yeah looks like it did maintain the Haiku format I wonder if um that was Just like coincidental or if it can just Do that because that actually would be Very impressive Yeah it’s getting like really really Laggy right now Waiting intensifies Yeah well that was Okay let’s do like a couple more Questions and then I’m gonna I’ve got Like a dinner so I’ve gotta head out I want to do something really nuanced But I can’t think of like my mind just Keeps going blank Um I tried getting it to explain the flaws With the US cyber policy but it like Refused because it just kept claiming I Don’t have enough up-to-date information What This is terrible What is this supposed to be Foreign It’s probably not going to know what
This means but we’ll see I think this is just explaining what Norse Corp does I don’t think it like it Does know what Norse Corp is but it Didn’t understand the full context Hmm Foreign Let’s see what we get I think I need to buy a new Chad this One is like so creaky Yeah um That is not an outro Oh I wrote outdo Let’s see if it gets the context What Yeah it’s for some reason it doesn’t Seem to know what the word outro is and It just changes it to outdo That I think autocorrect should be on for Safari but for some reason it is Thank you so much for joining my Christmas themed live stream we hope you Had a great time activity activity and Activity with us Don’t forget to tune in to our next live Stream and in the meantime we wish you a Very happy holiday season Merry Christmas and see you soon That was that was so bad But anyway uh I think I’m gonna probably Do more streaming because I have some More free time Um I’m gonna do some serious streams as
Well as the joke ones but um yeah see You all later
