Welcome back to the TCE Strategy monthly technology and cybersecurity newsletter! The mission of this publication is to cut through the clutter of cybersecurity news stories and provide you with the most important, relevant and actionable cybersecurity information.
If this newsletter adds value, fantastic! That is the goal. Please forward it on to friends/colleagues. If not, no hard feelings. Please look to the bottom for an easy to click "unsubscribe" button.
|
|
|
In this issue:
Month's News in Review
Upcoming Speaking Events
TCE Strategy in the News
Must Read Articles This Month
Cybersecurity Tip of the Month
|
|
|
Enjoy this month's newsletter? You can use this link to post on social media or send to friends! Thanks for sharing!
|
|
|
|
This Month's News in Review
|
|
|
AI isn’t going to take over the world anytime soon.
I’m getting a lot of questions about Artificial Intelligence (AI) and its impact on cybersecurity. AI isn’t going to hack your computer, try to date your children, or build a new religion. Let’s take a step back and talk about what AI really is.
The thought of AI has been around for decades. The Turing Test was one of the first practical ideas of a computer acting “human” enough to fool a person into thinking they were typing to another person as opposed to a machine. Films started tackling the idea of machines replacing people literally 100 years ago, such as the 1927 movie Metropolis. Fast forward to the 2020’s, and AI is indeed doing a surprisingly good job writing articles, interacting with people in plain language, and even telling jokes (albeit not very good ones).
Some technologies have unequivocally changed the world. Fire. Written language. Electricity. Computers. Splitting the atom. Satellites. The Internet. Social Media. Other technologies were supposed to change the world, but history has proven otherwise (or the jury is still out). CB radios. Erasable ink. Segways. Self-driving cars. Blockchain. Virtual reality. AI certainly seems to be ready to fall into the former category, but it isn’t there yet. It may get there, but there is still a long way to go.
AI is already being utilized by cybercriminals to make more convincing phishing emails, generate realistic looking handwriting, copy people’s voices to defeat voiceprint technology, and even to write ransomware (albeit not very good ransomware). That being said, AI has been used for years to improve antivirus software as well, so like most tools, it is not inherently good or evil – the motivations of the user are far more important than the “morality” of a given tool.
Most experts agree that AI is still in its infancy. I have found several examples in my life where it has been useful to employ AI, such as telling me how to program Excel to do something I want, editing an article I’ve written to change the word count or the intended reading level, or to give me a “Cliff Notes” version of a given topic. There are also examples where AI has a very hard time understanding what I’m asking, or even giving me two different (and wholly incompatible) answers to the same question.
In short, yes, AI is an important technology and it’s going to become more important as time goes on, but it isn’t ready for Prime Time for the most exciting applications people have touted it for. For example, there are many examples of AI “hallucinating” (that is, stating things as true which are certainly false) that have made news headlines, and I’ve hit one example myself.
The most obvious example of AI “hallucinating” that I’ve come across occurred with my youngest son’s math homework. Here was the question we needed to solve: You have two cardboard wheels set up to be “spinners” with arrows that you can twirl with your hand: one has three equal sections labeled 1, 2, and 3, and the other has four sections labeled 1, 2, 3, and 4. If you spin both spinners, what are the odds that at least one of the two spinners lands on 3?
My first thought was that each spinner is independent, and since one spinner has a 25% chance of landing on a “3” and the other spinner has a 33% chance, then adding up those two percentages should be the answer (58%). Well, that wasn’t right, as my kid’s textbook said the odds were 50%. So, I thought we should try AI to see if it can give us a different approach.
Here is the first question I asked, and the answer I received:
Q: If I have a 33% probability of an event occurring and a 25% probability of another event occurring, how do I determine the probability of one of the two events occurring?
A: To determine the probability of either one of two events occurring, you can use the principle of addition or the "OR" rule in probability theory. The principle states that for two mutually exclusive events (events that cannot occur simultaneously), you can find the probability of either event occurring by adding their individual probabilities.
In this case, you have two events:
-Event A: Probability = 33% = 0.33
-Event B: Probability = 25% = 0.25
Since these events are mutually exclusive (only one can occur at a time), you can calculate the probability of either Event A or Event B occurring by adding their probabilities:
-Probability of Event A or Event B = Probability of Event A + Probability of Event B
-Probability of Event A or Event B = 0.33 + 0.25 = 0.58
Therefore, the probability of either Event A or Event B occurring is 58% (or 0.58).
Well, that’s what I already thought was the right way to solve this problem, and my kid’s textbook said I was wrong. So, I tried to think of new ways to ask the same question to the AI engine:
Q: If I have one four-sided die and one three-sided die, what are the odds that at least one of them rolls a 3?
A: To find the odds of at least one of the dice rolls resulting in a 3, we need to calculate the probability of the complementary event (neither die rolls a 3) and subtract it from 1.
Let's calculate the probabilities for each die individually:
-Four-sided die (D4): There is 1 face with a 3, and a total of 4 possible outcomes.
-Probability of rolling a 3 on D4: 1/4 = 0.25.
-Three-sided die (D3): There is 1 face with a 3, and a total of 3 possible outcomes.
-Probability of rolling a 3 on D3: 1/3 ≈ 0.3333.
Now, let's calculate the probability of neither die rolling a 3:
-Probability of not rolling a 3 on D4: 1 - (1/4) = 3/4 = 0.75.
-Probability of not rolling a 3 on D3: 1 - (1/3) = 2/3 ≈ 0.6667.
Since the rolls are independent events, we can multiply their probabilities to find the probability of both dice not rolling a 3:
-Probability of neither die rolling a 3: (3/4) * (2/3) = 1/2 = 0.5.
Finally, to find the probability of at least one die rolling a 3, we subtract the probability of neither die rolling a 3 from 1:
-Probability of at least one die rolling a 3 = 1 - 0.5 = 0.5.
Therefore, the odds or probability of at least one of the rolls resulting in a 3 is 0.5 or 50%.
Now that’s an entirely different approach, and the answer matches the textbook, but 58% and 50% can’t both be right. So, we used Excel to do something called a Monte Carlo simulation (with help from ChatGPT to get the syntax right), and we were able to prove that 50% is indeed the correct answer. I’m still completely unaware of why one way of thinking about this problem is right and the other is wrong, but that isn’t the point: the point is that I got ChatGPT’s AI engine to give me two different answers, and one of them is clearly a hallucination. NOTE: If there are any mathematicians reading this story, please reach out and explain to me why the 58% way of thinking about this problem is wrong.
AI is cool. AI is powerful. AI is immature. For now, keep driving your own car and writing your own term papers. Keep an eye out for “deep fakes” of pictures, videos or audio recordings that don’t look like reality, because they probably aren’t. Common sense will often prevail over heated emotions that AI will undoubtedly be used to fan the flames of.
Until next month, stay safe!
|
|
Upcoming Speaking Events
Here is a list of the cities that I will be in for 2023. Please feel free to reach out if you have an event in mind.
June 16th-22nd, Dublin, Ireland
July 17th-18th, Orlando, FL
August 19th-20th, Honolulu, HI
September 1st-3rd, Eau Galle, WI
October 2nd, Brainerd, MN
October 22-24th, New Orleans, LA
November 27th-30th, Key West, FL
|
|
|
|
|
|
|
Offline backups. Offline backups. Offline offline offline backups. Physically disconnected offline backups.
|
|
|
|
If you have a Gigabyte model motherboard in your computer, for the love of Pete update the BIOS! Per Wikipedia, "Gigabyte's components are used by Alienware, Falcon Northwest, CybertronPC, Origin PC,[16] and exclusively in Technology Direct desktops."
|
|
|
|
|
Cybersecurity Tip of the Month
Social Media Awareness During the Summer/Travel Season
As you travel for the summer holidays, embark on summer adventures, and spend more time away from home while the weather is warmer, there are some things you can put into practice while using social media to make sure the things you share with others don’t put you, your home, or your belongings at risk:
1) Limit posting. Avoid posting your travel plans and, if possible, hold off on posting photos and updates until after you return to your home. This goes for events that are in-town as well. It only takes a few minutes to burglarize a home.
2) Avoid geotagging your location. Social media platforms often offer this option when users post status updates or photos. It’s best to decline. You can also turn off the geolocation feature on your smartphone and tablet.
3) Check your privacy settings. You can limit a post’s exposure by setting limits on who can view your profile and updates. For example, in Facebook you can select for your posts to be visible to “Friends”, “Public”, “Me Only”, or “Custom”. You can also choose to have to approve things that friends and family might post to your timeline.
4) Don’t post your address online. While most of us would not blatantly post our home address online, you should avoid posting photos of the exterior of your house or of your neighborhood that could include things like house numbers, street signs, or unique decorations that could give away the location of your home.
5) Unplug! Enjoy your time with friends and family this summer and limit your exposure to cybercriminals skimming social media by taking a break from it when you can.
|
|
|
|
|
|
