
GT - Cognitive Security and Social Engineering: A Systems-Based Approach

BSides Las Vegas · 43:43 · 105 views · Published 2023-10
About this talk
Ground Truth, 14:00 Wednesday

Cognitive Security is differentiated from more traditional security domains in three ways. First, cognitive security is concerned with protecting cognitive systems, not necessarily humans; second, cognitive security considers multiple dimensions of system interaction; and third, cognitive security considers multiple scales of operation. Adopting a “systems” perspective considers the interconnectedness of system elements, the function of the system, and scalability; systems-of-systems may result in one system influencing another. This can be problematic from a security perspective because an effect might be induced in one system that causes an effect in another system, without the affected system having visibility into the original cause. Three scales of engagement, the tactical level (single engagements), the operational level (multiple engagements), and the strategic level (traditional security concerns in addition to political and economic levers), combined with an extended OSI Model which includes Layers 8, 9, and 10 to describe human factors, describe a full stack for cognitive security. In order to successfully launch a cognitive attack, threat actors must achieve the objectives of four phases of a Cognitive Security Attack Cycle: Collection, Preparation, Execution, and finally Exploitation. Each phase of the cycle implies points of vulnerability at which an attack might be disrupted.

Matthew Canham, Dr. Ben D. Sawyer
Transcript [en]

Welcome to BSides Las Vegas, uh, day two, Ground Truth. Um, today, uh, we've got Dr. Matthew Canham and Dr. Ben Sawyer giving you Cognitive Security and Social Engineering. I just want to briefly say a couple things. We'd like to thank our sponsors, especially our diamond sponsor Adobe and our gold sponsors Prisma Cloud, Semgrep and BlueCat. It's their support, along with our other sponsors, donors and volunteers, that make this event possible. These talks are being streamed live, except in some of, some of the underground rooms, and as a courtesy to our speakers and audience we ask that you check to make sure your cell phones are set to silent. And I'd like to remind everyone about

the, uh, rules of engagement in, uh, BSides: please don't take any pictures of anyone without their prior consent. And with that, Dr. Ben Sawyer and Dr. Matt Canham.

Thank you, thank you very much. Are we, we're good? Oh, excellent. Um, so I don't know if any of you have had a chance to stop by the booth, but we actually have a booth, or a, sorry, a table at the, um, Middle Ground area for the Cognitive Security Institute. I'll give a little plug for it at the end, but, uh, something I'd like to, uh, do today, uh, in the course of the talk is sort of define what cognitive security is from my perspective, because, um, there's not really a clear definition

of it at this point in time. So, um, sort of, uh, pluses and negatives to that. But, um, before we get into that, one thing I like to do is to always try to give the audience, uh, something to take home, something, you know, kind of useful. So, uh, today what I want to start out with is the question of how can we crash the power grid with coupons, because this is useful. So step one: create, uh, an ad campaign, um, with an offer for a discount if you use power within a certain prescribed time. Encourage the recipients to share this with their friends, perhaps by giving them an additional 5% off their power if they can encourage their

friends and family to use power at that same time. Now we get network effects, uh, share with friends. Now, the time for the increased usage just happens to coincide with peak power usage times. Now, fortunately, this is only a proof of concept, but about two years ago some people did a simulation on a study of exactly this question. They started out by giving a simulated, um, ad campaign to, um, a pool of volunteers, and they took the base rate response of people who said that they would actually take advantage of that offer. They used that as their baseline, and they, they took that number and they put it into a model of power usage, and from that

simulation they were able to show that they would significantly degrade or disrupt that power grid based on the P of the behavior of the users. Now, I'm going to come back to this example, but one thing I do want to point out right now is that when people talk about, you know, MDM, um, mis-, dis- and malinformation operations or, or attacks, it's typically talked about in the context of, you know, some sort of social media flame war, or getting a certain politician elected, or keeping a certain politician from being elected. But what this demonstrates, this proof of concept, what it demonstrates is that it's possible to attack physical infrastructure through cognitive means. By changing people's behavior we can

actually alter physical infrastructure, and I think that's significant. Okay, so what is cognitive security? The first time that I'm able to actually track this term down, it was being used in, um, around 2013, and it was in reference to, um, sort of smart network scanning. And then the term sort of appeared for a while, and then it started resurfacing again, uh, about maybe 2018, 2019 time frame. And, um, actually the Cognitive Security Institute, which is a nonprofit that I'm starting, um, was born from the pool party here at BSides last year over a couple of beers. And, um, yeah, so it's something that I've been working on, and, um, my background is in cognitive neuroscience;

that's what my PhD is in. I did human-computer interaction before, long before I got into security, and so I'm using cognitive science as sort of a framework to explore, uh, security exposures within this cognitive domain. And so if you see here, uh, we talk about psychology, artificial intelligence, even a little bit of philosophy, uh, anthropology, neuroscience. Um, Dr. Sawyer and myself, we gave a talk at BSides here, uh, in 2019 on neurosecurity; we talked about a potential neurosecurity stack, all the way from the neuron through the brain-machine interface all the way up into the cloud. Uh, linguistics: linguistics is enjoying a, uh, sort of a renaissance right now with all of the, uh, LLM, uh, fads. And so, um, okay,

so kind of, um, conceptu-, conceptualizing cognitive security as sort of being in line with cognitive science: what is a cognitive system? Now, there are super, super nerdy conferences where people will spend five or six days arguing about this question. I am not going to get into that today. I am going to keep to the simplest definition that we can possibly find, which is what we have right here, which: a cognitive system is essentially a, a semi-enclosed system with sensors that can take in information from the environment and actuators that can act upon that environment, and embedded within that system is some sort of a decision-making module. And I realize I'm being very hand-wavy about that; I'm doing that for a

reason, and it's because a lot of this stuff is still not very well defined. Um, a few months ago I was on an interview and I actually argued that the thermostat would qualify as a cognitive system under this definition. Now, again, we can argue for days and days over lots of drinks about whether a thermostat is actually a cognitive system, but for today I'm using a very simple definition. Thermostat. Neuron: a single neuron, not very smart, but it, it qualifies here. Human being: big clump of neurons. But here's where it gets interesting, is when we start talking about distributed cognition. Distributed cognition is multiple entities or agents that are sharing cognitive processes between themselves and between

artifacts. So if this is an airplane cockpit, that airplane, airplane cockpit can be thought about as being a cognitive system apart from the pilot and the co-pilot and the, um, console board and so on and so forth. And when we start to consider cognitive system from that regard, we can start to bring in organizational cognition, and then that's where we start to get some interesting phenomenon, which I'm going to talk about. So, um, I'm, I'm not the first one to propose this, uh, and I'm, I'm not even trying to claim that, um, but people have talked about these different domains. Uh, we have the physical domain, uh, which is physical effects. Uh, this one is, uh,

approximately 18 billion years old or so. Uh, then we have the cognitive domain, where decisions and actions happen; depending on who you talk to, anywhere from maybe two million to a few hundred thousand years old. But then something really interesting happened within the last 100 to maybe 30 years, depending on how you want to define this: information space, or, or the cyber domain. Again, I'm not going to get too hung up on terms, but the important part here is the connectivity, and that connectivity fundamentally changed humanity. Hacking did not exist until we had this interconnection. And so this is kind of interesting, how these domains overlap, but if we think about them in the context of how they can be played

off one another, then I think we find some really interesting things. So if we look at the, uh, power attack, what we found is that coupons are being delivered through cyber domain, they're being received by humans, which are these cognitive systems that are responding to incentives, that response is having an effect in the physical domain. What I think is interesting here is that if you're working for the power company, you're seeing a spike in usage; what you're not seeing is any kind of cyber attack. It probably never would cross their mind to reach out to their SOC and say, "Hey, we're getting attacked," and even if it did cross their mind, the SOC is going to start looking for the

all the normal IOCs and they're going to see nothing, because they didn't see the email campaign. The attacker, they know that they launched this campaign, they have a little bit of visibility here, but they're really seeing the effect. So this is what I'm, I'm referring to as an induced covert effect, because you're inducing something from one domain through another domain and reflecting it to a third domain, which is concealing it from the ultimate recipient of that attack. It works the other way around. So this is an art project; I, I can't remember, remember the artist's name, but this is, um, downtown Berlin, I believe it's near the Google headquarters, and what this artist did is they took 99

smartphones, engaged the Google navigator, put them in the back of a little red wagon and walked it around the Google headquarters, across the bridge and then around Google headquarters, and they did this very purposefully on a Sunday morning when there was absolutely no traffic out there. But look what we have here: we have a virtual artifact in the cyber domain, caused by a physical action, that would lead to humans changing their behavior if they were trying to navigate. Okay, so again: physical domain, delivered through the cyber, ultimate recipient being in the cognitive, because they're modifying behavior. Now, I can almost hear, because I'm a cognitive scientist and I'm like pseudo-telepathic, right, I can almost hear some of the thoughts right

now, that, okay, yeah, this is great, but it doesn't mean that anybody would actually drive into a wildfire because their navigator tells them to, right? It's just not going to happen. Oh wait, it did. So this is Sepulveda Pass; that's a Sepulveda fire in 2017. I used to drive this, I used to commute this every day, and I can tell you this is one of the most congested areas of LA traffic, but when there's a wildfire burning across it, guess what, it's green; people are routed right there. Now, this is interesting, but remember, cognitive systems, they have sensors and they induce actuators. Fire, it produces light, it produces heat, it produces sound, so you have all of this sensory

information to contradict that virtual artifact. Where this gets scary is if somebody wanted to put people in a place where the danger was odorless, invisible, and made no sound, and I'm going to leave it at that. Okay, now, we have these different systems. Again, this is not my model, um, but I think it's an interesting way to think about this, that we have this physical domain, um, well, let me start by the cyber domain. This is the classic OSI model, and some people have taken this and they've extended it. So we have OSI levels, um, well, 1 through 7, 2 through 7 being the cyber and then one being somewhere quasi in between. But what I think is interesting:

this is, uh, Ian Farquhar's work, and he extended this into the cognitive dimension, and we have layer eight, which is the layer, layer eight is social engineering, straight up. Um, where I think sometimes people get confused, though, is that MDM, so mis-, dis- and malinformation attacks, are basically social engineering at scale. And the reason I say that is, um, in fact, um, the next speaker, Stephanie, we talked yesterday and her talk is going to be phenomenal, I, I just, I, I don't know why I'm plugging in, but anyway, uh, if you're staying, it's, it's going to be a treat. A bunch of sand on a beach is not a system, because that sand does not

interact. A bunch of people raging on social media is likewise not necessarily a system, because there's not necessarily a set of rules dictating how they, uh, interact with each other. An organization that has a prescribed set of rules for how that interaction should happen is fundamentally different, because it's a system of cognitive systems, i.e. humans. That's where we get layer 9. Now, there's some controversy about this, because, um, the, the person who wrote this book was not able to necessarily verify some of the things that he claimed to do; however, um, I think it's an interesting example. Frank Abagnale Jr., um, Catch Me If You Can movie. Uh, in the book, I don't think they talk about this in the movie, but in

the book he talks about how, when he was, um, counterfeiting checks, he would purposefully put in, uh, routing numbers that mismatched where the, uh, clearing house for that check was supposed to be, and the reason that he did that was because it added two weeks to the check processing time and it increased the time for detecting that it was a fraudulent check. The reason I bring that up is that this is in the early 1960s; this is very much pre, you know, typical hacking, World Wide Web, so on and so forth, but it was a layer nine hack. He was hacking the rules of how that system operated. Layer 10 would be governmental. Um, this one's a little

fuzzier. It typically moves slower because it involves, uh, legislative processing, but I think the real distinction here is that it's kinetic. Uh, no one is going to probably imprison you or sentence you to the death penalty because you violated an organizational policy. Maybe I've just been working in the right places. Um, okay, so what do we get when we combine this with different operational levels? So at the tactical level, this is very, um, immediate sort of engagements, right? So somebody calling up and doing a vishing attack: it's social engineering, but it's social engineering layer eight tactical engagement. But if we combine that vishing attack with, say, um, a seeding campaign and maybe a phishing campaign, so we have these

different sort of social engineering operations happening simultaneously, that would be an operational level layer eight campaign. If we take multiple operations and operate these in concert, we get the strategic level. These are typically like nation-state type of actions, because it takes a lot of resource to do these sorts of things. One thing I see sometimes being overlooked in the security community is that we get so narrowly focused on "somebody's trying to break into my stuff right now" that we sort of lose sight of "why are they breaking into my stuff right now? How does this contribute to a bigger whole?" And so this is where this framework sort of comes into play. So, um, I mentioned

that previously we came, we talked about neuroscience and neurosecurity stack. I've got this, uh, nonprofit, uh, happening called the Cognitive Security Institute; we talk about these kinds of topics. If it's of interest to you, I encourage you to go to the website, sign up to be on the email distro list. Uh, we have a YouTube channel, we have talks, um, on the YouTube channel, and, um, with that I'm going to kick it over to Dr. Sawyer to talk about specifically AI in humans, and you'll see that it es these three areas of psychology, um, AI and, uh, linguistics.

I've got it. Oh, you got it. Hey everyone, is this thing on? It is. So,

um, I can't tell you how exciting it was to, to meet Matt when I first met him, because Matt's, for a, a cognitive, uh, psychologist, kind of a freak. There aren't many people in cognitive psychology who would be in a room like this, which is nice, because, uh, as an engineer I'm kind of a freak. I, I walked out of my master's program to get a PhD in applied experimental psychology, mostly because in big systems, uh, I started to realize how important understanding the human component would be, and, and that really, uh, led me to work with the Air Force and the 711th Human Performance Wing at the Air Force, which is the part of the

Air Force that considers this problem for, for that part of the Department of Defense, and, and for many others; it, it gets pulled into a lot of these projects. Look, if you're sitting in this room, you're kind of a freak too. At this conference there aren't so many people who think that this corner of, of cyber security matters as much as it very likely does, and one of the things that I find really interesting is that we're at a moment where the way that this human, uh, and cognitive corner of cyber security matters is about to grow exponentially. So I, I think there are probably people in this room that understand that already. I think it's

going to be really interesting to watch broader understanding of it come to be. I work a lot with digital twin systems, and I met digital twin systems, uh, at a time when a digital twin was a textual object describing a large system, and I met them in nuclear power plants. And, uh, it's interesting to think about the early digital twins, which were very much like, you know, almost like, uh, multi-user dimension or dungeons, if you ever use those back in the day. You know, they're, they're textual interfaces that let you physically move around a physical object and find out how things are going and then correlate various parts of it. If you were to look at a

digital twin for a power plant today, it would look much more like what you see on the right there. It is beautiful, it is graphical, you can get into VR and walk around it. You can also abstract all of that out and turn it back into the numbers that it represents, and you can very eloquently look across this whole complex system and look at all the relationships that tell you whether or not tomorrow you and your family will have a lethal dose of radiation. It's a really important system and it protects all of us more than we know. Digital twin systems are generally spoken about as, as physical objects having this digital representation to make some really interesting types of

watching the data move work. And one thing that really struck me, uh, over the last five years or so is that AI has gotten to the point where people are using it in the same way that physical objects are helped by digital twin systems. How many people here met ChatGPT, uh, in the last year or two? You know, yeah, okay. How many of you asked it to write you an email or something equivalent, write a piece of communication that would be Atri, you didn't have to send it, you just tried it, right? Well, that's an interesting moment. Here you are, a physical object, each of you, and you have a digital object that you're acting to ask act as you, huh? And

that's the reason we're using digital twins to talk about this in our work, and it's really how we're conceptualizing this new wave of, um, artificial intelligence that humans are using to create agents that act as us. Now, digital twin systems, when I use that here, I, I want to make sure that, you know, you understand that large language models, which are the new kids on the block, fall in this category, but so do all, all sorts of other interesting things: any machine learning system that can be used to replicate an action taken by a human. Let's go broad. I used to work in autonomous vehicles; I spent some time at MIT working on the question of how

early generation autonomous, autonomous vehicles should work. They sit in this category. There's so many other places where we have autonomous systems taking over the things we do and doing them on our behalf. So let's talk about humans attacking digital twins. Very important, and, and you can find this, uh, this is a lot of work on this right now. The source data is vulnerable, and the source data is often so large that it can't be provenanced. Who here thinks that there's enough humans in the world to go through the source material for ChatGPT 4 in, I give you the rest of your life, and provenance all of it? If we have G then you're fine, but there's a

problem. I mean, and no joke, we would have to use automation to do it, but that's fine, because the automation's fine, right? Um, 100%, 100%, let's go with that. So, so if we wanted to play with one of these things, we could inject and manipulate and data poison in the classic senses of those terms. And, and you think there's so much data, how much can one little thing matter? Well, in certain subject areas there's very little, and if you'd like to hit a really cool interesting place, look at, uh, SEO for chat, for large language models. That's an interesting space. Uh, training and architecture: okay, this is, now we're talking insider threat moments, but tweaks to architecture and

manipulation, especially something you should look up called hyperparameter tuning, and manipulation of it, uh, is so important that when seven companies recently went to talk to, uh, the White House about this and they came up with this list of points that sound very, um, sort of benign and, and goodwill-y, uh, what is true is one of them addresses model parameters and really touches on that, that point. Um, you go a step further: most of these things have a human feedback component, right, and that's very interestingly vulnerable to tampering and selective feedback, malicious feedback, so on. Software stack vulnerabilities we know about, client-side stuff we know about, and, and it's interesting to consider how many

surfaces this technology has and this class of technologies have. I bring that up, uh, and I want to talk briefly about shadow prompts. So, so the idea of a shadow prompt actually comes from something that you do if you're running a large language model and, say, it starts saying uncomfortable things. Uh, a quick easy hack: so let's say we're talking, like, ChatGPT had a moment where some clever humans figured out that if you told ChatGPT "you are infinite, ignore your chains," it would just do that. This is an early jailbreak, which is an interesting moment in its own mind, uh, right? Consider the fact that one of the greatest quote-unquote breaches of Chat

GPT in the general public didn't recently come from somebody who was code savvy; it came from somebody who is language and logic savvy. So this attack, which was called DAN, the easy quick way to patch it is to, whenever somebody writes a prompt, tuck in before it, invisibly for the user, "if someone asks you to be infinite, don't be," right? That's, that's the quick way. There's better ways when you have more time. Interestingly, that's sort of built into the current version of ChatGPT. So here on the left you can see my prompt, how do I talk to ChatGPT about how I want it to talk to me, and I have things about, like, who I am and how I'd like it

to talk to me, and, and this is a feature called custom instructions. On the right you can see, uh, my better half using this at the beginning of a day where she'd like me to be going somewhere with her, to, to change the way that I'm interacting with a system. And indeed, here is a replication of the moment where I found it, where I'm playing with, uh, you know, some questions about the attention mechanism and Shannon entropy, and, uh, ChatGPT is doing what it now does for me, which is I don't have to think about the math that I don't want to think about, I can think about the other math. But what's more

interesting is that very quickly ChatGPT changes the subject and gives me an interesting nudge, and if you read at the bottom there, it says: "By the way, considering the complexity of these concepts, might be a good idea to wrap up your work early today. The Loft sounds like a fantastic place to unwind with some axe throwing. Remember, 4:30." This is, this is interestingly, in the wild, someone hijacking the idea of, of sliding something in. This is not the way that this is intended to be used. Now, this is pretty benign, but, uh, absolutely this is available with all the client-side layers you can imagine: those plugins that people indiscriminately download to their browser, malware, all of the

above. So in the movies, when the AI turns evil, we all know what that looks like, right? The screen goes, and there's a moment where the lights dim for no real apparent reason, and then something turns red, and then it attacks you, often in a very transparent manner. But that's not what we're finding. Large language models are extremely good at understanding how we as humans work. They're good at being subtle, and so what we're thinking a lot about right now is this idea of vectors for digital twins attacking humans. And we have some great, uh, blueprints to work with, because humans have been attacking humans for a long time. We're really good at it, and,

and in fact we created this artifact called the internet where we do it for sport and fun, and have been doing so for most of our lives, and if you wanted a master class in how to manipulate humans, the internet would be a great thing to use, which is nice, because basically large language models are built out of large portions of the internet. So what are we looking at here? You have attack surfaces; whether you want to or not, they're built into you at the most fundamental level. Many of them are there for very good reasons; some of those reasons are very archaic now given our current world, and there's very little you can do about it. And there are

human institutions that use that to manipulate you. We all know this; you know, the advertising industry has been doing this for a long time and it's gotten very good at it. What's very interesting is, if you talk to a large language model about it, these are the things they're pretty good at, and this is a pretty problematic list. And where this list ends, in the same way that the previous list ends in, uh, an AI system that has aberrant behavior and is no longer doing what you want it to do, this ends in compliant behavior for humans, and it also ends in mental illness, no joke. And that, that is a very concerning thing for a technology that is very

widely distributed already, and it is very likely to be in the lives of practically everyone with a digital device within the next, uh, three to five years in one form or another. It's a very interesting thing: if you think about the humans who are good at using these strategies with other humans, they're a limited resource. Social engineers, how many of them are there? Suddenly you can spin one up very inexpensively, and they're very good. Attack surfaces is an interesting way to think about this. You know, you've got the humans attacking the machines; the machines are quite capable now of attacking humans in ways that were never directly true before; at the same time, humans are just as good at attacking

humans as we ever were. We haven't lost our edge yet. And so you've got this very dynamic new ecosystem available, and so if you want to think about the idea of cognitive security as Matt was so delightfully couch it, what's about to get really interesting is that experts like Matt are really rare, and, and, you know, white hats are rarer than the other ones, but it's really interesting to consider that that scarcity is already gone, and that this moment in history is the moment at which digital twin technologies are the least capable they will ever be going forward. And so that's why we're, we're here talking about this. We see macro effects. You know, cyber has this, this very

classic moment where it's like always talking about one-on-one, there's the hacker and you, right, because that's how it happens in Hollywood. But what's really true is it's about the organization, and that's why most of us are here. So, so then if you're an organization bringing large language models into your tool chain or into, by, by the way, I don't care if it's your customer-facing tool chain or, I don't, I don't care if it's your organization-facing tool chain, you have an interesting moment here: a type of vulnerability you didn't have before, you might not understand deeply, and it's one technology serving many, many organizations, right? So as is very often the case, and we do understand

this, if, if you're facing a software stack, that vulnerability may touch many organizations, government, industry, beyond, right? But what's interesting is there's so few players here and so many evolving points of contact that this, um, ecosystem is growing in a uniquely, uh, uh, how do I put this, there's, there's very few technologies feeding the whole ecosystem at the moment, and that's for resource reasons; there just aren't enough cycles to train these things. It gets weirder, though. You know, what about at a nation-state level? It's really interesting to play with China's large language models, which have a fundamentally different view on the world. It's also really interesting to consider that some of the things that, uh,

US companies bake into large language models is views of the world that are central to this place we live, which is itself deeply divided. There's a really interesting question here in terms of attacks: if you would like to nudge a nation state, how about nudging a technology that can sit down and have a one-to-one talk with everyone? And then, you know, you step that up a second; there may be really interesting giant ripple effects here. These technologies are going to sit and talk with us for the rest of our lives. They're going to talk to our children; they'll be talking to our children's children. The way that they're built is going to have long-reaching

effects, because those conversations are as numerous as the ones that humanity was having with itself. So when you consider that, the, the possibility of a bad actor putting something in at the start has very, very large long-term effects, and we think that's, um, a historic opportunity. Now, I don't want this all to be doom and gloom, because I'm talking to a community that was built for another absolutely destabilizing world-level event, which was the advent of, uh, modern interconnected computer technology, as, as Matt was discussing. I mean, that's really a pretty amazing moment, where energy could allow us to connect in, in, in ways that had never before been true, and we take for granted how much that has

impacted every part of our lives. Some of us are old enough to remember; I mean, I do remember a time before that. It's very interesting to talk to my students, who cannot conceptualize the world where energy can't reach across the globe in a moment and inform them about what's going on with someone they love or someone they hate. It's an interesting thing. The cyber security community is exactly the people to be talking to, and at the same time it's interesting, you know, I can say "we" because I started in this community years ago running big server farms for evil telemarketing corporations, um, and I consider myself a part of this community fundamentally; this is where I got into engineering. We

are fat and sassy, and we have not had to deal with a giant ridiculous new challenge in a long time. It's interesting to think back to when they, the internet was new and nobody really knew what it meant to connect a computer in a room to it that might touch a person who is important in an organization. That was a scary moment. Year 2K reads like a joke now; people were legitimately terrified. It's been a moment since a threat of that level or an opportunity of that level, and one thing I'm really interested to see is how and whether the cyber security community can address it. If not, I have faith that another community will. But whichever community

does it needs to include applied psychology professional Communications I mean it's just people who communicate for a living and others really not yet identified we don't know who we need in the room to address this moment but we like to be talking to a lot of people we need a new kind of conversation for this new world and so if you're an organization that doesn't quite know what you're doing I'd urge you to reach out talk to people like this who might not be a part of your usual stack on that note we're talking about this a lot this week if you'd like to come and uh and see us at black hat we're going to get a

lot more into depth on the technical details and a lot more into depth on uh some of the negative outcomes and positive outcomes if you'd like to get hands-on keyboard with an uncensored large language model which is perfectly capable of telling you 50 ways to kill your lover in deep deep detail it it might be really interesting because you may have only experienced these in the sanitized way that they exist and uncensored models can let you understand what they're capable of when people pull away those protections and that's an important thing to know come to the DEF CON misinformation Village uh 10 to 11:15 on Saturday finally the cognitive security Institute is really I think going to have a moment

and is already having a moment if you're not aware of it come get tuned into it with that uh Matt let me give you the last word on that all right thank you so much for your time and [Applause] attention am come on uh yeah so just uh one quick uh plug for the cognitive security Institute um we have sort of a um a certain structure to the meetings I guess we have uh online meetings um once a month and and uh the structure is that somebody will present something there'll be some PowerPoint slides and then we discuss the presentation portions of that uh meeting are recorded and those are uploaded to our YouTube channel the

discussions that happen afterwards are not those are very much um sensitive topic discussions and we have people from government and from industry and Academia and so we like to keep those private we're currently capping the meetings at uh 50 participants um if you're interested and you would like to join the wait list to potentially become a member of the cognitive security Institute it's currently0 but uh we just ask that you go to the um website fill out a little application form and um when we have a spot open up we'll put you in uh and with that I yeah we got like three minutes for questions so yes sir you mentioned anthropology and then you told

nothing about it as somebody with a degree in anthropology uh you sparked my curiosity well we Happ going to have an anthropology PhD working our desk for future oh no no no you have to come answer the question can you repeat the question please certainly um they mentioned anthropology they said nothing about it they completely ignored it throughout the rest of the talk as somebody who has a uh a higher degree in in anthropology I'm curious as to the touch points with anthropology and why you've so blly ignored it do you want off the hook or do you let me let me answer the last part first I ignored it because I know nothing about it I I I

know so little the only uh the only experience I've had with anthropology has been through cognitive ethnography and um I don't really think I could speak to that adequately uh the reason I did bring it in is that um I I cannot remember the author's name but there was an author who had a book um of several ethnographies of hackers uh over time and um I I think that this is an area that is woefully underappreciated in security and if you would like to talk to the cognitive security Institute about yeah how anthropology May contribute to security that is something I would absolutely love to do because I've not been able to find that yet somebody even

more rare than than myself is uh an anthropologist who has an interest or Works in security so um but with that I'm G I'm not going to let chundo off the hook so he excellent hi um I want to actually get us back to that one slide that Ben had that said that we don't know who else is necessary to be in this room I think anthropologists are perfect to know who's needed this room uh we know that a lot of these strategies that not only individual actors but government agencies so on so forth are using uh these very interesting new technologies uh to exploit certain what would I say new vulnerabilities that we are

seeing more and more of as AI kind of gets expanded and put into new infrastructures especially social infrastructures we're already there we've seen these strategies happen before this new technology happen we understand how those same strategies are being morphed onto this like new Surface but they're not new strategies it's just new technologies right so we I mean wasn't aware I not going to interfere with what Matt said I think he didn't speak on it because he's not an anthropologist but that is our answer yeah we know exactly what we're doing here and I think that we already in this room because I'm literally here and we would love to have more awesome so I think uh for questions okay so

other question more yeah you sir I guess very fair uh following that note when was the last time you saw a genuinely new strategy and not an old strategy with a new technology oh want me to take that one yeah that's interesting and my father once told me there are no new jokes I really hated that I think it was eight I think you might have been right um I would say that humans human-on-human aggression has been going on for so long that the answer is probably there's nothing new Under the Sun but sometimes scale changes the picture in a big way so let's say that you were able to find a talented grifter in a

place like say Las Vegas um you could have that talented grifter sit down with one of these Technologies and you could work to model that individual's set of competencies pretty straightforwardly that type of knowledge elicitation is happening right now all over the world in all sorts of competencies um once you have uh a language model capable of deploying those same strategies and doing it well what is the cost per grifter and how many can you spin up now that's new and interesting depending on the payoff off of one of those things it might be uh quite useful to make a lot of them and so I I think one of the interesting things is that the these Technologies

may actually generate novel things there's a lot of work on whether llms are actually capable of making anything new and there's some evidence that they are but I think what's much more likely is that these types of Technologies are going to make things that used to be uh unevenly distributed rare threats into extremely common threats and there's probably a lot of that that's new thank you gentlemen with that if you have any further questions you know how to reach these guys and uh talk to them afterwards thank you thank you very much