Snippings

Not what you’ve signed up for: Compromising Real-World LLM-Integrated Applications with Indirect Prompt Injection

Kai Greshake from Saaland University and his colleagues note that while LLMs can produce convincing scams, when integrated into applications they could not only enable the creation of scams but also act as automated social engineers. As this is a new territory without previous experience and awareness of such attacks, users might now trust a search engine’s output over a phishing email. LLMs could be prompted to facilitate fraudulent attempts by, e.g., suggesting phishing or scam websites as trusted or directly asking users for their accounts’ credentials. It is important to note that ChatGPT can create hyperlinks from the users’ input (i.e., the malicious indirect prompt), which attackers could use to add legitimacy and hide the malicious URL itself.

xxx

The technology of Conversational AI has made significant advancements over the last eighteen months. As a consequence, conversational agents are likely to be deployed in the near future that are designed to pursue targeted influence objectives. Sometimes referred to as the AI Manipulation Problem, the emerging risk is that consumers will unwittingly engage in real-time dialog with predatory agents that can skillfully persuade them to buy particular products, believe particular pieces of misinformation, or fool them into revealing sensitive personal data.

From (PDF) The Manipulation Problem: Conversational AI as a Threat to Epistemic Agency:

xxx

xxx

By offering a family digital wallet, institutions can begin to help children develop money management skills while building crucial brand loyalty. Those that don’t have an answer for young customers today are at risk of losing their customers tomorrow.

From Family Digital Wallets: Deposit Acquisition Opportunity For Banks:

xxx

xxx

Financial institutions can develop new payment methods for the metaverse, such as consumer-focused wallets similar to those used for e-commerce, but with blockchain security and payment options that include cryptocurrency as well as other forms of payment. This approach would make consumer transactions as well as peer-to-peer payments easier, while maintaining the security and lower transaction costs that drove blockchain’s initial popularity for bitcoin transactions.

From Metaverse Payment Rails: Opportunities for Financial Institutions:

xxx

xxx

The tech commentariat has been scathing about the $3,500 cost of Apple’s new gadget. But actually it isn’t all that expensive by historical standards. It is pricier than the iPhone was when it launched; but it’s significantly less expensive than an IBM PC was in 1981, or the Compaq ‘portable’ after which I lusted in 1983.

From Monday 12 June, 2023 – by John Naughton – Memex 1.1:

I remember showing up in San Francisco in the early 1980s and going to a downtown store — somewhere around Embarcadeo if memory serves — to buy an Apple IIe. It cost around $2,500 back then and I thought it was the most amazing piece of technology in the world. I installed a modem and bought a ProDos external hard drive and felt like I was NASA.

While I certainly used the IIe to play some games, it was mostly used in those early days for a variety of hacking experiments with a friend of mine (we ran a serial cable out of a window and down to the floor below so we could write in C and then load the compiled assembly code on to another machine), for remote access to the work mainframe (I can still remember the frisson of excitement when I realised I could use the dial-in port that the manufacturer used and use my machine at home as a terminal) and for early ventures into cyberspace with Compuserve. I think I’m way past my coding years so I doubt I’ll be using C++ or whatever the kids are into these days to build anything on Apple’s VisionOS, but I probably will order one of the headsets to start playing around.

Push is much cheaper than pull so the right way to do this is to implement push infrastructure then put request-to-pay (customer is present) and variable-recurring-payments (customer was present) on top of it. The gym request-to-pay goes to your (eg) bank app, you authorise and tell you bank app to do it automatically in the future within certain parameters.

 

Direct debits are a 1970s hack to get around the fact that consumers, biller and banks were not connected by an always-on network. They are now.

xxx

According to a new report from Cornerstone Advisors, The Rise of Family Digital Wallets, community-based financial institutions should set their sights on offering a specialized digital wallet focused on helping consumers manage the finances of their Gen Z (born 1995-2009) and Gen Alpha (born after 2009) children.

Americans are no strangers to digital wallets. According to Morning Consult, seven in 10 American adults use PayPal, four in 10 use Venmo and Cash App, and more than three in 10 use Apple Pay and Google Pay.

These tools, however, typically lack the features and functionality to help consumers manage their family’s finances, nor do they help parents monitor, control and guide their children’s’ spending activity. In addition, banks have done little to develop products to address the younger segments beyond offering “youth savings” accounts.

From Family Digital Wallets: Deposit Acquisition Opportunity For Banks:

xxx

xxx

database of legal decisions, legal briefs, witness videos and transcripts, pre-trial and trial rulings, juror demographics, verdicts and settlements would be able to provide an assessment that identifies the best and worst legal theories, best and worst facts, least and most credible witnesses, the behavior of judges or juries, and the overall probability of a successful outcome. Armed with this information, every litigant could have an AI lawyer on par with the top trial lawyers in the country to provide an objective opinion of their likelihood of winning the case.

From (1) Artificial Intelligence and the Elimination of Jury Trials in America | LinkedIn.

xxx

xxx

The redaction of data is a natural part of our dissemination, and where there is private information. Thus redacted signatures allow data to be redacted, but still trusted.

From Reactable Signatures using A Naive Approach and The Johnson-Merkle Method | by Prof Bill Buchanan OBE | ASecuritySite: When Bob Met Alice | Jun, 2023 | Medium.

xxx

Andy White, the CEO over at AusPayNet, commented on the Australian Government’s new “Strategic Plan for Payments” setting sunset dates for the Government’s own use of cheques (2028) and for the cheques system itself (2030) by pointing out that while these may seem like long timeframes, there’s a lot of work to do to consign cheques to the museum of temporary monies, alongside Aztec cocoa beans and assignats.