Smashing Security7 Dec 2022

AI chatbot or the start of Skynet? Eufy privacy, and hot desks

An AI chatbot is causing a stir - both impressing and terrifying users in equal measure. A security researcher discovers that a "smart" cam that doesn't use the internet is err.. using the internet. And university students revolt over under-the-belt surveillance.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

While anticipation builds for GPT-4, OpenAI quietly releases GPT-3.5 - TechCrunch.
OpenAI upgrades GPT-3, stunning with rhyming poetry and lyrics - Ars Technica.
GPT-3.5 finds a security vulnerability - Twitter.
Mind-Blowing examples of OpenAI ChatGPT for Security, Infosec & Hacking - YouTube.
OpenAI's new ChatGPT bot: 10 dangerous things it's capable of - Bleeping Computer.
What GPT-3.5 really thinks about us humans - Twitter.
We asked GPT-3.5 to write a story about the “Smashing Security” hosts - Twitter.
GPT-Chat - OpenAI.
Researcher Paul Moore questions Eufy about its privacy - Twitter.
Eufy’s “local storage” cameras can be streamed from anywhere, unencrypted - Ars Technica.
Eufy privacy statement - Eufy.
‘NO’: Grad Students Analyze, Hack, and Remove Under-Desk Surveillance Devices Designed to Track Them - Vice.
Max Von Himmel Twitter Feed - Twitter.
It’s Not Science, Just Surveillance (and it's Under Your Desk) - TWC newsletter.
Northeastern University - Northeastern University homepage.
Space Management Platform - Spaceti homepage.
Twitter is going great!
Pennyworth - IMDB.
BBC Maestro.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

Drata – Put Security and Compliance on Autopilot. Build trust with your customers and scale securely with Drata, the smartest way to achieve continuous SOC 2, ISO 27001 & HIPAA compliance.
Bitwarden – Password security you can trust. Bitwarden is an open source password manager trusted by millions of individuals, teams, and organizations worldwide for secure password storage and sharing.
Kolide – the SaaS app that sends employees important, timely, and relevant security recommendations concerning their Mac, Windows, and Linux devices, right inside Slack.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Become a Patreon supporter for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Twitter at @SmashinSecurity, or on Mastodon, or on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy

Upptäck Premium

Prova 14 dagar kostnadsfritt

Skaffa Premium

Avsnitt(466)

How to hack a prison, and the hidden threat of online checkouts

A literal insider threat: we head to a Romanian prison where “self-service” web kiosks allowed inmates to run wild. Then we head to the checkout aisle to ask why JavaScript on payment pages went feral...

22 Okt 202544min

A breach, a burnout, and a bit of Fleetwood Mac

A critical infrastructure hack hits the headlines - involving default passwords, boasts on Telegram, and a finale that will make a few cyber-crooks wish the ground would swallow them whole. Meanwhile ...

15 Okt 202545min

When your mouse turns snitch, and hackers grow a conscience

Your computer's mouse might not be as innocent as it looks - and one ransomware crew has a crisis of conscience that nobody saw coming.We talk about how something as ordinary as a web page could turn ...

8 Okt 202542min

Salesforce's trusted domain of doom

Researchers uncovered a security flaw in Salesforce’s shiny new Agentforce. The vulnerability, dubbed "ForcedLeak", let them smuggle AI-read instructions in via humble Web-to-Lead form... and ended up...

1 Okt 202543min

The €600,000 gold heist, powered by ransomware

Ransomware doesn’t just freeze computers - it can silence alarms too. And when the Natural History Museum in Paris went dark, thieves helped themselves to €600,000 worth of gold in a daring late-night...

24 Sep 202539min

Lights! Camera! Hacktion!

When "bad actors" stop being hackers and start being... actual actors.This week, Graham and special guest Jenny Radcliffe play “Hacker or Ham?” (yes, Steven Seagal, we’re looking at you), before divin...

17 Sep 202542min

Whopper Hackers, and AI Whoppers

Ever wondered what would happen if Burger King left the keys to the kingdom lying around for anyone to use? Ethical hackers did - and uncovered drive-thru recordings, hard-coded passwords, and even th...

10 Sep 202544min

How hackers turned AI into their new henchman

Your AI reads the small print, and that's a problem. This week in episode 433 of "Smashing Security" we dig into LegalPwn - malicious instructions tucked into code comments and disclaimers that sweet-...

3 Sep 202545min

Allt en och samma app

Lyssna på dina favoritpoddar och ljudböcker på ett och samma ställe.

Noga utvalt innehåll

Njut av handplockade tips som passar din smak – utan ändlöst scrollande.

Fortsätt när du vill

Fortsätt lyssna där du slutade – även offline.

Premium

99 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill

Prova 14 dagar gratis

Premium

129 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill
Ett extra konto

Prova 14 dagar gratis

Populärt inom Politik & nyheter

Berättelserna och rösterna du älskar att lyssna på

Obegränsad lyssning på alla dina favoritpoddar och ljudböcker

Upptäck Premium