cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1524
Views
3
Helpful
1
Replies

This Week in Tech: April 5, 2023

Sean Dahlberg
Cisco Employee
Cisco Employee

We’ve made it to another Thursday, which means it’s time again for This Week in Tech. Let's dive in! 

So you want to integrate OpenAI's bot. Here's how that worked for software security scanner Socket 

The Register posts about how Socket was able to confirm 227 vulnerabilities, all using ChatGPT. 

Several months ago, Socket, which makes a freemium security scanner for JavaScript and Python projects, connected OpenAI's ChatGPT model (and more recently its GPT-4 model) to its internal threat feed. 

The results, according to CEO Feross Aboukhadijeh, were surprisingly good. "It worked way better than expected," he told The Register in an email. "Now I'm sitting on a couple hundred vulnerabilities and malware packages and we're rushing to report them as quick as we can." 

Socket's scanner was designed to detect supply chain attacks. Available as a GitHub app or a command line tool, it scans JavaScript and Python projects in an effort to determine whether any of the many packages that may have been imported from the npm or PyPI registries contain malicious code. 

Read more: https://www.theregister.com/2023/03/30/socket_chatgpt_malware/ 

ChatGPT vs Google Bard: Which is better? We put them to the test. 

In this article, Ars Technica compares the performance of OpenAI's ChatGPT-4 and Google's Bard in seven different categories, including dad jokes, argument dialog, mathematical word problems, summarization, factual retrieval, creative writing, and coding. 

In today's world of generative AI chatbots, we've witnessed the sudden rise of OpenAI's ChatGPT, introduced in November, followed by Bing Chat in February and Google's Bard in March. We decided to put these chatbots through their paces with an assortment of tasks to determine which one reigns supreme in the AI chatbot arena. Since Bing Chat uses similar GPT-4 technology as the latest ChatGPT model, we opted to focus on two titans of AI chatbot technology: OpenAI and Google. 

Read more: https://arstechnica.com/information-technology/2023/04/clash-of-the-ai-titans-chatgpt-vs-bard-in-a-showdown-of-wits-and-wisdom/ 

Samsung Fab Workers Leak Confidential Data While Using ChatGPT 

Believe it or not, more AI chatbot news. This one is about ChatGPT, but more of a reminder about not exposing sensitive and or confidential information to a third party. 

After Samsung Semiconductor let its fab engineers use ChatGPT for assistance, they started using it to quickly fix errors in their source code, leaking confidential information like notes from internal meetings and data related to fab performance and yields in the process. The company now plans to develop its own ChatGPT-like AI service for internal use. But for now, it limits the length of questions submitted to the service to 1024 bytes, reports Economist. 

So far, Samsung Semiconductor has recorded three instances of ChatGPT use which led to a data leaks. While three may not seem like a lot, they all happened over the course of 20 days, so the situation is quite disturbing. 

Read more: https://www.tomshardware.com/news/samsung-fab-workers-leak-confidential-data-to-chatgpt 

Mind control: 3D-patterned sensors allow robots to be controlled by thought 

A newly designed dry sensor that can measure brain activity may someday enable mind control of robotic systems. 

It seems like something from a science fiction movie: a specialized, electronic headband and using your mind to control a robot. 

A new study published in the journal ACS Applied Nano Materials took a step toward making this a reality. The team produced "dry" sensors that can record the brain's electrical activity despite the hair and the bumps and curves of the head by constructing a specific, 3D-patterned structure that does not rely on sticky conductive gels. 

I am tempted to add a Professor X meme here, but I will control myself.  

Read more: https://interestingengineering.com/science/mind-control-3d-patterned-sensors 

Hackers can open Nexx garage doors remotely, and there's no fix. 

If you own a smart garage door controller from Nexx, you may want to consider pulling the plug. It has a major security hole that makes it relatively easy for a hacker to remotely open connected doors. 

Multiple vulnerabilities discovered Nexx smart devices can be exploited to control garage doors, disable home alarms, or smart plugs. 

There are five security issues disclosed publicly, with severity scores ranging from medium to critical that the vendor has yet to acknowledge and fix. 

The most significant discovery is the use of universal credentials that are hardcoded in the firmware and also easy to obtain from the client communication with Nexx's API. 

Read more: https://www.bleepingcomputer.com/news/security/hackers-can-open-nexx-garage-doors-remotely-and-theres-no-fix/ 

And don’t wait till next week to catch up with the Cisco Developer Community. Every day (well, every weekday), we have something new for you! 

1 Reply 1

Paul Zimmerman
Cisco Employee
Cisco Employee

Ah some cool news this week! I haven't tried Bard yet but got an invite and was curious about it... looks like ChatGPT has the edge at the moment, but it looks like Bard is better at dad jokes! LOL