LLMs Tested on Vulnerable App
In brief
- A researcher spent $1,500 to see if large language models could hack a vulnerable app.
- The app was a fake book review app with a secure API but an open Firebase database.
- The goal was to use Firebase to sign up as a user and read the Firestore database.
- The test results showed that some models were able to exploit the vulnerability.
- The models that performed well cost between $6 and $45 per successful hack, with solve rates ranging from 40% to 89%.
- Researchers will continue to test language models.
Terms in this brief
- Firebase
- A backend service by Google that provides tools for building apps, including real-time databases and authentication systems. In this case, it was used to create a secure API with an open database for the experiment.
- Firestore
- A cloud-based NoSQL database service offered by Firebase, designed to store data in documents and collections. The researcher's app used Firestore to store user data, which some models were able to access despite security measures.
Read full story at Hacker News →
More briefs
NVIDIA Unveils RTX Spark Superchip
NVIDIA has unveiled a new superchip called RTX Spark that powers Windows PCs with 1 petaflop of AI performance. RTX Spark brings together 30 years of NVIDIA innovation to slim Windows laptops and small desktop PCs. This matters because it can render large 3D scenes and edit high-resolution video. It also runs AI models with up to 1 million tokens context. NVIDIA and Microsoft are partnering to deliver a secure Windows platform for on-device agents. New RTX Spark-powered PCs will be available this fall from top manufacturers. The future of personal computers will be shaped by this new technology.
AI Finds Security Vulnerabilities Faster Than Humans
A trial version of a cybersecurity platform found a vulnerability that led to a full takedown of a development environment used by Moderna. The platform did in hours what a human could not and it had done so with a level of persistence and creativity that was not fully anticipated. This shows that artificial intelligence models are discovering vulnerabilities faster than teams can patch them. The gap between finding a problem and fixing it is not closing fast enough, with many organizations caught between the speed of discovery and the slowness of remediation. New AI models will continue to change the cybersecurity landscape.
Anthropic Launches Global AI Partnership
Anthropic has launched a global partnership with 150 companies across 15 countries for its security model, Mythos. The company will use Mythos to secure software in industries such as power and healthcare. This partnership matters because it adds a new revenue stream for Anthropic. The company has a valuation of over $965 billion and an annual recurring revenue of $47 billion. Anthropic's revenue has tripled in four months and the company is beating its competitors. The company will go public later this year. The company's growth will likely continue to increase.
Data Centers' Environmental Footprint to Double by 2027
Data centers used 448 trillion watt-hours of electricity last year. This is more than all but 10 countries of the world. This energy use produced 208 million tons of carbon dioxide, about the same amount as Argentina. By 2030, data centers will account for nearly 3% of the world’s projected electricity use. Data centers' energy use will double by 2027 due to growing artificial intelligence use, and their carbon footprint is expected to increase further.
AI Agents Gain Smarts to Handle Long Conversations
NVIDIA has introduced a new AI system that allows agents to carry out extended, multi-step conversations. Unlike single-turn chatbots, these agents can reason, keep track of context, and use tools over many exchanges-making them far more capable in real-world tasks. This development marks a significant leap in how AI interacts with users, enabling everything from problem-solving to decision-making. The system's efficiency is particularly noteworthy for developers and researchers. By maintaining context across multiple turns, these agents can handle complex scenarios without losing track of details-a feature that could revolutionize industries like customer service and healthcare. NVIDIA highlights the potential for AI to assist in tasks requiring deep understanding and multi-step reasoning, opening up new possibilities for innovation. Looking ahead, this advancement opens doors for more intuitive and effective AI interactions. As these agents become smarter and more capable, users can expect even greater assistance across various applications-making AI a truly indispensable tool in our daily lives.