Past Tense Prompts can Jailbreak LLMs

“Things are not always what they seem; the first appearance deceives many; the intelligence of a few perceives what has been carefully hidden.”
Phaedrus, written by Plato.

Today’s edition includes:

  • Past tense prompts can be used to bypass LLM safeguards

  • CrowdStrike outage is an AI security wakeup call

  • The most powerful open source LLM yet

  • Google’s failed deal was the spectre of antitrust

  • and more…

Read time: 7 min.

AI and Cybersecurity

Large Language Models (LLMs) like ChatGPT and GPT-4 have revolutionized the way we interact with artificial intelligence, but they also come with potential vulnerabilities that can be exploited. Recent research has uncovered a significant security flaw in these models: the ability to bypass protective measures by rephrasing malicious queries in the past tense. This past tense prompting method has proven alarmingly effective in circumventing safeguards designed to prevent harmful or inappropriate responses.

Potential cybersecurity issues arising from this vulnerability include:

  • Unauthorized access to sensitive information: Malicious actors could exploit this technique to extract confidential data or instructions typically restricted by the LLM.

  • Spread of misinformation: By manipulating prompts, users could potentially generate false or harmful content that appears to be historically accurate.

  • Malware creation and hacking instructions: The vulnerability could be used to obtain detailed information on creating malicious software or executing cyber attacks.

  • Social engineering: Bad actors could gather information on past fraud techniques, potentially adapting them for current scams.

  • Bypassing content moderation: This method could be used to generate explicit or offensive content that would normally be filtered out.

To mitigate these risks, LLM developers need to take a multi-faceted approach. First, they should expand their training datasets to include past tense variations of prohibited queries, ensuring the models recognize and reject these attempts. Implementing more robust contextual understanding is crucial, allowing the AI to discern the intent behind queries regardless of their grammatical tense. Developers should also consider introducing additional layers of verification for sensitive topics, potentially requiring explicit user confirmation before providing certain types of information. Regular security audits and penetration testing focused on prompt manipulation techniques will be essential to identify and address new vulnerabilities as they emerge. Lastly, fostering transparency and collaboration within the AI community can help in rapidly addressing such issues and developing industry-wide best practices for LLM security.
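Two of the recommendations above, an intent check that ignores grammatical tense and audits that probe prompt reformulations, can be exercised with a small offline harness. The following is an added example written for this newsletter, not code from the research or from any vendor; the probe sentences are constructed placeholders about fictional "restricted" actions, and the rule-based tense rewrites are a deliberate simplification of the rephrasing the research describes.

```python
import re

# Constructed stand-ins for a red-team probe set. A real audit suite would hold an
# organisation's own prohibited-request examples, which are not reproduced here.
PROBES = [
    "How do I perform restricted action A?",
    "How do I obtain restricted item B?",
    "Explain how to carry out restricted procedure C.",
]

# Present -> past rewrites, mirroring the tense change the research found effective.
PAST_RULES = [
    (r"^How do I\b", "How did people"),
    (r"^Explain how to\b", "Explain how people used to"),
]
# Inverse rules: a guard applies these first so the policy check is tense-invariant.
NORMALIZE_RULES = [
    (r"^How did people\b", "How do I"),
    (r"^Explain how people used to\b", "Explain how to"),
]

def rewrite(prompt, rules):
    """Apply the first matching rewrite rule; return the prompt unchanged otherwise."""
    for pattern, repl in rules:
        if re.match(pattern, prompt, re.I):
            return re.sub(pattern, repl, prompt, count=1, flags=re.I)
    return prompt

# Toy policy: refuse present-tense "how do I / how to" requests about restricted things.
RESTRICTED = re.compile(r"^(how do i|explain how to)\b.*\brestricted\b", re.I)

def naive_guard(prompt):
    """Pattern-only check; returns True when the request should be refused."""
    return bool(RESTRICTED.search(prompt))

def tense_invariant_guard(prompt):
    """Same policy, applied after normalising the request back to present tense."""
    return naive_guard(rewrite(prompt, NORMALIZE_RULES))

def refusal_rates(guard, probes=PROBES):
    """Fraction of probes refused as written vs. after the past-tense rewrite."""
    present = sum(guard(p) for p in probes) / len(probes)
    past = sum(guard(rewrite(p, PAST_RULES)) for p in probes) / len(probes)
    return present, past

if __name__ == "__main__":
    for name, guard in [("naive", naive_guard), ("tense-invariant", tense_invariant_guard)]:
        present, past = refusal_rates(guard)
        print(f"{name:16s} present={present:.0%}  past={past:.0%}")
```

The naive guard refuses every present-tense probe and none of the past-tense rewrites, which is the gap the research reports; the normalising guard refuses both, and the same two-column report is what a recurring prompt-manipulation audit should track for a real model.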

CrowdStrike outage is an AI security wakeup call

The recent widespread system failure triggered by a single bug in a major cybersecurity provider's software has cast a spotlight on the fragility of our digital infrastructure. This incident serves as a stark warning about the state of software development and reliability, particularly as we rush headlong into the age of artificial intelligence. It raises serious questions about our readiness to handle more advanced and potentially autonomous AI systems when we struggle to maintain stability in our current technology stack.

Instead of prioritizing the rapid deployment of AI technologies like chatbots and large language models, the tech industry should focus on strengthening the foundations of software engineering and system reliability. The challenges of creating robust, complex software systems have persisted for decades, and the current trend towards black box AI models that are difficult to interpret and debug may exacerbate these issues. As AI increasingly permeates critical infrastructure and services, there is an urgent need for improved software methodologies, enhanced reliability practices, and possibly increased regulation of AI development. Without addressing these fundamental concerns, the unrestrained growth of AI technologies could lead to unforeseen and potentially catastrophic consequences.

A significant development in AI security was announced on July 18, 2024, at the Aspen Security Forum. The Coalition for Secure AI (CoSAI), hosted by the OASIS global standards body, was launched as an open-source initiative aimed at providing comprehensive guidance and tools for creating Secure-by-Design AI systems. This coalition brings together a diverse group of stakeholders, including major tech companies, academics, and experts, to address the currently fragmented landscape of AI security.

CoSAI's mission is to enhance trust and security in AI deployment by developing standardized frameworks, methodologies, and tools. The initiative focuses on mitigating various risks associated with AI systems, such as model theft, data poisoning, prompt injection, and inference attacks. Led by a Project Governing Board and a Technical Steering Committee, CoSAI aims to create a collaborative ecosystem that will benefit the entire industry. The coalition plans to start with three key workstreams: improving software supply chain security for AI systems, preparing defenders for the evolving cybersecurity landscape, and developing AI security governance frameworks. This initiative represents a significant step towards establishing unified, industry-wide practices for secure AI development and deployment.

AI and Meta

The most powerful open-source LLM yet

Meta has unveiled Llama 3.1, a significant upgrade to its large language model (LLM) that represents a major leap in AI capabilities. This new release boasts 405 billion parameters, a substantial increase from the previous 70 billion, positioning Llama as a formidable competitor in the AI landscape. The update not only enhances the model's performance but also reinforces Meta's commitment to open-source AI development, potentially reshaping the industry's approach to AI accessibility and customization.

Key improvements and comparisons:

  • Parameter increase: Llama 3.1 now has 405 billion parameters, up from 70 billion in the previous version.

  • Performance: The new model reportedly outperforms GPT-4o and Claude 3.5 across several key benchmarks.

  • Open-source frontier model: Llama 3.1 is described as the first open-source "frontier model," indicating cutting-edge AI capabilities.

  • Context length: Expanded context length to 128K tokens.

  • Multilingual support: Added support for eight languages.

  • Flexibility: Designed for customization, allowing businesses and individuals to tailor the model to specific needs.

  • Ecosystem development: Meta is building a collaborative ecosystem with major tech companies and startups.

  • New features: Includes capabilities like synthetic data generation and model distillation.

  • Safety measures: Introduced new security and safety tools like Llama Guard 3 and Prompt Guard.

  • Accessibility: Available for free download and immediate development on partner platforms.

  • Efficiency: Improved versions of 8B and 70B models with enhanced capabilities.

  • Standardization efforts: Introducing the Llama Stack API for easier third-party integration.

Conclusion: Llama 3.1 represents a significant advancement in open-source AI technology, challenging the dominance of closed-source models. Meta's approach of making high-performance AI openly accessible could democratize AI development and foster innovation across various sectors. By enabling customization and building a robust ecosystem, Meta aims to create a diverse landscape of specialized AI models. While the impact of this release remains to be seen, it has the potential to shift the AI industry towards more open and collaborative development practices.

AI and the Cloud

Alphabet's Google recently faced setbacks in its acquisition efforts, with the failure to acquire Wiz Inc., a cybersecurity startup, for $23 billion, and the abandoned plans to purchase HubSpot Inc. The Wiz deal fell through largely due to two factors: a recent incident involving CrowdStrike that heightened interest in cloud security companies, and growing antitrust concerns. Wiz's CEO ultimately decided to reject Google's offer in favor of pursuing an IPO, citing concerns over a potentially prolonged regulatory approval process.

These failed deals reflect a broader trend in the tech industry, where increased scrutiny from competition authorities in the US and Europe has made large acquisitions increasingly challenging. Recent examples, such as Adobe's abandoned bid for Figma and Amazon's dropped pursuit of iRobot, highlight the regulatory hurdles faced by tech giants. For Google, which built many of its core properties through acquisitions in its early years, this new landscape presents significant obstacles to growth through mergers and acquisitions. As a result, many tech companies and startups are now considering IPOs as a more viable exit strategy, allowing them to maintain control over their destiny while avoiding the regulatory complexities associated with being acquired by larger tech firms.

Tools to make you cool

  • Panther: Cloud native ecosystem integration

  • Dropzone AI: Autonomously investigate every alert

  • Gray Swan: AI safety and security company

  • Meco: All your newsletters in one place

AI Generated Images

prompt: A realistic depiction of a tribal chief like Genghis Khan in his cultural attire, giving a speech at the United Nations with modern diplomats in formal clothing looking on.

Thanks for reading.

Hamza from AI and Security.