Meta fixed the bug that let anyone trick its Meta AI chatbot into resetting the password on Instagram accounts that didn't have two-factor authentication.
Clicking through to the 404 Media article, I found this gem of a quote:
In a March blog post called “Boosting Your Support and Safety on Meta’s Apps With AI” announcing its AI support feature, Meta said that the system can “Prevent an account takeover by noticing it was suddenly accessed from a new location, the password was changed, and edits were made to the profile—changes that, in isolation, look harmless to a person reviewing the account, but AI was able to recognize as a threat.”
The very thing they boasted about the AI protecting against, not only did it not work, but it enabled that kind of attack. And they didn’t detect the exploit internally: this has been trending on Telegram since March, and only when the social media activity got large enough did they realize. Epic fail on Meta’s part.
Meta said that the system can “Prevent an account takeover by noticing it was suddenly accessed from a new location, the password was changed, and edits were made to the profile—changes that, in isolation, look harmless to a person reviewing the account, but AI was able to recognize as a threat.”
Explain how a computer cannot detect this much more efficiently without the use of ai, by checking the timestamps in some change logs?
Clicking through to the 404 Media article, I found this gem of a quote:
The very thing they boasted about the AI protecting against, not only did it not work, but it enabled that kind of attack. And they didn’t detect the exploit internally: this has been trending on Telegram since March, and only when the social media activity got large enough did they realize. Epic fail on Meta’s part.
Explain how a computer cannot detect this much more efficiently without the use of ai, by checking the timestamps in some change logs?