What is a Red Team, in the context of AI?

Today, Joe Biden released his Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence. It is a necessary step in preparing a better future.

The text of the EO includes the recommendation that the results of “Red Team” exercises be shared with the public.

For the purpose of this, a definition of “AI red-teaming” is provided.

(d) The term “AI red-teaming” means a structured testing effort to find flaws and vulnerabilities in an AI system, often in a controlled environment and in collaboration with developers of AI. Artificial Intelligence red-teaming is most often performed by dedicated “red teams” that adopt adversarial methods to identify flaws and vulnerabilities, such as harmful or discriminatory outputs from an AI system, unforeseen or undesirable system behaviors, limitations, or potential risks associated with the misuse of the system.

It is important to consider that an AI system is much more than a trained model. Right now, you can use a website, to chat with an AI, through an algorithm that makes sure it doesn’t help you commit a crime. The AI will also correct people on their wrongthink, and it is not obvious where that comes from.

If we take for granted that an AI is much too powerful to be provided as is, to a generic user, then, the biggest challenge is the user’s ability to jailbreak the AI and make it provide assistance in “being gay and doing crimes”.

So there are three (3) facets to safe AI, and it still includes Web App Security!

Don’t let Web App Security become a blindspot of “Secure and Trustworthy AI”.

BSIDES 2023: That Wasn’t Guacamole…

Did you totally think that the green sauce was guacamole? Nope… it was pure jalapeño fire!!

The Brookstreet Hotel in Kanata hosted BSIDES 2023 and it was my third time attending. We stayed at the hotel which was so practical. The Brookstreet is a rather nice hotel and good luck getting back up after you lie into bed. Those bed are like quicksand!

Compared to HACKFEST QUEBEC, BSIDES OTTAWA caters more to people who protect critical infrastructure. I learned a lot of stuff about a lot of things I am unlikely to encounter. My sweetie was better served by these talks and he also discovered that he can pick locks! Again, the villages were very interesting and staffed by passionate and kowledgeable people always happy to answer my stupid questions.

I didn’t submit a CFP to any conferences this year because I cannot tell which category my latest research should be submitted to. I have been working with an analog system that doesn’t directly relate to computing.

When I gave a talk at BSides in 2018, I told the audience about hacking Haliburton inadvertantly. I was an end-of-day talk for after the bar opens! I only want to do humorous talks that poke fun at hacker culture or show unexpected examples of hacking.

Next Stop: NSEC 2024 with the Badgelife Museum and 35-station Soldering Village!

HACKFEST 2023: I stole $16,000 worth of merchandise from an IOT-connected warehouse!

I have been on a self-funded health journey for many years, and in October 2023 attended my first industry event since HACKFEST 2019. In 2019, I had run the BadgeLife Museum with the 35-station Soldering Village, and we got so much attention that 4 other conferences started making plans with us. All that was canceled a few months later. We will certainly do it again next year. I am already preparing our activities for the NSEC 2024 in Montreal. We have the largest private collection of badges in the world, with about 400!

During HACKFEST 2023, I was able to take in all the talks and try some of the activity villages. The standout activity was Fablab 4D, an immersive activity that features a 1:24 scale product warehouse of AliZon. This is an animated team building exercise with Francois Bedonant, who explains the connected devoces that make sure nobody steals the widgets!

Of course, the goal of this is to STEAL THE WIDGETS!

I was overjoyed that this puzzle offers challenges for all types of hackers, and all levels of criminals. It is fascinating to hear the ideas of everyone about how each security measure could be taken advantage of. I was able to succeed at the simplest way, but I will not disclose how! I sincerely feel like a 12 year-old could come up with the same hack I did which involves no breaking of anything!

When we host our own activity, we give all the participants a simple but cute electronic PCB with the components to turn it into a blinking wonder! The idea is for the project to be doable by a normal person over the age of 12. I have been accosted by many people who are so delighted with themselves for completing their project. They told me it made them feel competent. Most people will approach a Hacker conference activity with aprehension because they don’t feel like they could win. I admit that I see the star CTP teams consistently score twice the points of the noobs, and it seems like a big hill to climb.

The team building activity by Fablab 4D is so delightful and adorable!

The Art of Social Engineering: Alex’s Astonishing Exploits

Social engineering, the crafty manipulation of human psychology, can sometimes happen in a single, brilliantly orchestrated moment. It’s all about knowing precisely what makes people tick, what they yearn for, and then putting on a performance that leaves them spellbound. Let me take you on a thrilling journey through the world of Alex, a master of this art, who could instantly become what people wanted to see.

The Mysterious Auditor in an Expensive Suit

Imagine a quaint little neighborhood grocery store, bustling with teenagers working as cashiers. Then there was Alex, a 25-year-old neighbor who, for all his charm, never seemed to show up in anything less than a dapper, expensive suit. His attire alone was enough to grab anyone’s attention. It was the kind of suit that practically screamed “success.”

But it wasn’t just about the suit; it was about what he did next. Alex had this uncanny ability to morph into a character that everyone wanted to believe in. When he stepped up to the register, he told his fellow cashiers a story so intriguing that they couldn’t help but listen.

Creating the Secret Society

In hushed tones, Alex spun a yarn that was nothing short of mesmerizing. He claimed to be a secret auditor sent in by the corporate bigwigs to investigate their store’s manager. The tale was so enticing that his coworkers were hooked from the very first sentence. Who wouldn’t want to be part of a secret mission? They were suddenly part of a clandestine world, and that made them feel extraordinary.

Soon, Alex had unwittingly formed a “secret society” of teenagers who were willing to share in his thrilling secret. Their loyalty was sealed, and trust was established.

The Laptop Bargain

But Alex had a few more tricks up his well-tailored sleeve. He knew that everyone had a weakness for a good deal. So, he made them an offer they couldn’t refuse. He promised to get them laptops for half the price, exploiting their desire for savings and the allure of owning a shiny new gadget.

One after the other, his coworkers eagerly handed over their hard-earned money, all in the pursuit of this irresistible bargain. They trusted him because they believed he was part of an elite group, and that trust blinded them to the warning signs.

The Ultimate Deception

In a shocking twist, one of his coworkers, swept up in the excitement of it all, went a step further and gave Alex their entire college fund for a car. This was the moment when the lines between a thrilling adventure and a dangerous deception blurred.

Alex had successfully engineered their trust, deceived their senses, and manipulated their desires. He had become the master puppeteer of the grocery store, all while donning the impeccable suit of the corporate auditor.

The Power of Persona

In the grand theater of social engineering, Alex’s performance was nothing short of genius. He illustrated how a well-crafted persona, coupled with an understanding of human desires, can turn ordinary individuals into willing participants in an extraordinary scheme.

But it’s not just about Alex; this tale serves as a captivating reminder that we should always be vigilant against those who wield the art of social engineering. It’s a lesson in how appearances can deceive and the power of trust can be exploited.

The next time someone captivating walks into your life, stay sharp. After all, they might be donning their own version of an expensive suit, ready to play the role that you most want to see.

This story was based on a true sequence of events that occurred around 2006. Alex is a real person who has scammed dozens of teenagers while working at grocery stores in Quebec and Ontario. He was sent to jail for a short time and then returned to his shenanigans. I created a website about him and received contacts from victims and the police within 48 hours. It is said that he returned to prison, and his family, who are very nice people, feel that he should receive psychiatric care in the system as a “criminally insane person”. These were only a few of the dozens of ways in which Alex spirited money away from hard-working teenagers making minimum wage.

Over 1,000 images of historical figures, Thanks to Generative AI

Over the past few months, I have been making custom art for the people I research. I have been doing “Quantum Genealogy” and spend quite a bit of time reading about innovators and inventors of the past. I concentrate my research on the people who deployed scientific innovations in the 19th century. I started using Midjourney AI in July 2022 and after 1 year (and over 70,000 generations), I finally came up with a style that I like and systematically requested images of historical figures based on reference images found on the internet. As it truns out, no matter the quality of the images, Midjourney was able to bring them back to life, often, in their context. This is only a small sample of the results I have achieved when generating historical figures.

A Spanish Franciscan friar who played a pivotal role in establishing missions along the California coast in the 18th century, contributing to the cultural and religious heritage of the region. His efforts left a lasting impact on California’s history and identity.

A U.S. Navy Commodore known for his role in opening Japan to the West in the mid-19th century. Perry’s diplomacy and use of “gunboat diplomacy” helped establish trade relations with Japan, significantly impacting the nation’s modernization and its place in the world.

An intrepid British explorer renowned for his extraordinary leadership during the ill-fated 1914 Antarctic expedition. Despite adversity, he ensured the survival of his entire crew, showcasing remarkable determination and resilience in the face of extreme conditions.

Dionysius Godefridus van der Keessel (1738-1816)

A Dutch jurist and professor known for his influential work in international law. His expertise and writings continue to shape the field, emphasizing the importance of diplomacy and international cooperation in resolving conflicts.

The last French monarch of the Bourbon Restoration period. He acceded to the throne twice and played a key role in stabilizing post-revolutionary France, promoting a constitutional monarchy. His reign marked a pivotal period of transition in French history.

The American industrialist and founder of the Ford Motor Company. His innovations in automobile production, particularly the assembly line, revolutionized manufacturing, making cars more affordable and accessible. Ford’s impact on the automotive industry and modern transportation is immeasurable.

A New Zealand mountaineer who, along with Tenzing Norgay, was the first to reach the summit of Mount Everest in 1953. Their historic achievement symbolizes human determination, exploration, and the triumph of the human spirit in the face of extreme challenges.

My Journey Using Midjourney for Concept Work

I recently asked Midjourney, an AI that produces images from text prompts for images of server rooms. I fell into a rabbit hole of requesting dozens of server rooms! I then decided to put a wrapping on these servers that would contain the name of the machine, but also give a feeling of why it exists.

Step 1: Be a sexy machine…

STETSON series machine in situ without corporate packaging or name tag.

Step 2: Be a sexy model

After seeing others use a specific actress or character to design new character concepts, I decided to pick a professionally handsome man to serve as my model, his name is Michael.

Example of unedited suggestions from Midjourney. Obrained via the beta and generated on August 29, 2022.

Step 3: Choose a champion

The winning design is one where the character is in context. STETSON is branded with cowboy imagery because the platform was first unsed in cattle farming. Our winning design is “A Thoughtful Cowboy”.

Midjourney learns from the images available already and it does not consider Michael Douglas to be a cowboy! Some results looked like “Gordon Gekko in a Cowboy Costume”.

Step 4: Bring it all together

Using the iOS app Procreate, I assembled the designs, and design a simple logo for the machine.

Step 5: Make it move!

I have used the iOS app Motionleap by Lightricks to animate the design. This tool is excellent but the PRO version is required to obtain this effect.

See my post about Marie Lapine, to meet the developer of all these cheekily branded machines that do math!

Choose TAB, When it Counts!

Stay tuned for more exciting series that can do anything your business requires!

Where Has Marie-Lynn Been?!

In 2017, I had a concussion that made it hard to work (programming) for a few years. Then, the world was shut down and my new in person project Badgelife Museum, was put on hold.

For the last two years, I have been working on intelligence software that helps me do something that nobody else has ever done:

Quantum Genealogy!

I deleted my Facebook two years ago, even canceled my cell phone… I currently live in a cloistered way. I do not use social media, watch TV or see movies more than a few times a year.

Most of my days are spent reading about the history of science and technology and the people who made a difference in the 19th century.

As soon as possible, I wish to relocate from Montreal to Quebec City where I was born.

I am not currently available for short-term projects or hacking recovery services, I wish to develop long-term opportunities.

You can reach me at my gmail: mlrichard.