June 25th, 2024

Why I Attack

Nicholas Carlini, a computer science professor, focuses on attacking systems due to a passion for solving puzzles. He categorizes vulnerabilities as patchable or unpatchable, stresses responsible disclosure, and highlights the importance of going public to prevent future exploitation.

Nicholas Carlini, a computer science professor at the University of Chicago, recently shared his perspective on why he focuses on attacking systems. He explained that his motivation stems from a passion for solving puzzles rather than a desire to do good. Carlini discussed the spectrum of vulnerabilities, categorizing them as patchable or unpatchable, and emphasized the importance of understanding where a vulnerability lies on this spectrum to determine the appropriate disclosure strategy. He provided examples of his responsible disclosure approach, including finding vulnerabilities in web applications and machine learning models. Carlini highlighted the significance of going public with attacks that reveal new classes of vulnerabilities to prevent future exploitation. He also discussed specific cases such as attacking Chrome extensions and machine learning models, showcasing the evolution of his disclosure practices over time. Carlini emphasized the balance between responsible disclosure and raising awareness of potential risks in the cybersecurity landscape.

Related

Simple ways to find exposed sensitive information

Various methods to find exposed sensitive information are discussed, including search engine dorking, Github searches, and PublicWWW for hardcoded API keys. Risks of misconfigured AWS S3 buckets are highlighted, stressing data confidentiality.

Google: Stop Burning Counterterrorism Operations

Google's Project Zero and TAG exposed a U.S.-allied government's counterterrorism operation, sparking debate on the impact of revealing such information. Cyber operations play a crucial role in counterterrorism efforts, balancing intelligence gathering with minimizing risks.

Hackers 'jailbreak' powerful AI models in global effort to highlight flaws

Hackers exploit vulnerabilities in AI models from OpenAI, Google, and xAI, sharing harmful content. Ethical hackers challenge AI security, prompting the rise of LLM security start-ups amid global regulatory concerns. Collaboration is key to addressing evolving AI threats.

Private investigator sent to man's house for modifying legally purchased handbag [video]

Louis Rossmann emphasizes recognizing negative qualities to avoid them, citing repurposing Louis Vuitton handbags. He supports individuals' rights to repair products, criticizing authorized repair centers for potentially offering inferior service.

Polyfill supply chain attack hits 100K+ sites

A supply chain attack on Polyfill JS affects 100,000+ websites, including JSTOR and Intuit. Malware redirects mobile users to a betting site. Users advised to switch to trusted alternatives like Fastly and Cloudflare.

4 comments
By @SebFender - 4 months
With all due respect - I laugh every time a researcher thinks THEY found something... Sometimes they really do, but many times others have long before and just don't share the results...
By @1vuio0pswjnm7 - 4 months
"Let's now skip ahead a few years to the first research paper I ever worked on. With (who would later become) my PhD advisor, we found that most of the most popular Chrome extensions were vulnerable to a variety of attacks that could let us do very bad things. Over half of the extensions we studied were vulnerable to attack, impacting millions of users."

Lots of HN commenters are fans of popular browsers and "browser extensions". Maybe they just like the ones that are not vulnerable to a variety of attacks. Yeah, right. The idea that I never see in these published papers is that (a) the software being examined should henceforth not be distributed to the public. Or even that people should stop using this software. Instead I almost always see the idea that (b) the software should be "fixed".

The power of idea "(a)" is that it stops the problems for end users. It leaves nothing for "attackers". Ideally it stops bad programmers from distributing software to the public for commercial purposes.

Whereas idea "(b)" generally keeps these bad programmers doing what they do: writing bad software and profiting from it. It might temporarily embarrass them but they will continue to distribute their bad software to the public, for profit. (And creating more "puzzles" for people like the author of the blog post. Arguably giving these "attackers" an interest in seeing more bad software distributed. Keep those puzzles coming.)

By @poopiokaka - 4 months
Why are there no comments on this?