The true cost of generative AI is the erosion of trust.
I just tell them to hang up and call me right back. In some scenarios that might not be the best solution but it is the easiest blanket approach that I can find to keep everyone safe.
“What colour are my pubes”
Eww y’all have a code word? Those are easily guessable.
My wife and I have a random 6 digit code that rotates every 30-seconds based on an algorithm and if we don’t properly authorize, we will refuse the connection.
Eww you have a random rotating 6 digit code to connect with your wife? Those are easily guessable.
My wife and I have just agreed that we don’t properly authorize, so we will always refuse the connection.
I just don’t have a wife. Even more secure.
That’s just 2FA
Wooosh.
I mean its not even 2FA exactly. It’s more like TOTP which 2FA might use, granted.
We don’t need code words, we need a proper PKI (public key infrastructure) for authenticated communication.
You receive a call from an unknown number and they tell you they’ve kidnapped your wife. They then give her the phone so you can hear her but she didn’t do it through Signal so she’s obviously not your wife so you just hang up.
You can use this to your benefit though
husband/wife walks up to you to start an argument
“sorry honey, you need your public key”
Instant win
Seems a bit hard to verbally exchange keys and sign your speech though.
Yeah, I wouldn’t recommend doing that.
And that’s not how you establish a PKI or implement AE (authenticated encryption). When I send a voice message e.g. I don’t verbally sign it, that’s actually part of KE (key exchange) protocol.
Same applies to non encrypted, authenticated communication of course.
And in case you are talking about physical face to face communication: I think you’d recognize your family and friends without the help of cryptography.
Edit: if you have any question, feel free to ask! Maybe I misunderstood you? Then I’m sorry
Of course you don’t verbally sign voice messages. That wouldn’t make any sense at all unless you are a robot or something.
It was just a joke. But if you wanted to authenticate something (like an email, or voice I guess) in a PKI you would sign it using your certificate private key and the CA would tell the recipient if it’s valid or not.
That’s what the article is about though, voice messages can now be spoofed. It happened to one of my friend’s parents
I was implying that you do the actual singing verbally. Like actually saying the bits, which would be pretty much impossible.
Of course you could sign voice messages. That would be like singing any other file.
Ohh
Klaatu barada nmmmpph
The Secret Phrase is: hunter2
I just call my grandma now and again and attempt to scam her. Now she’s hardened.
I pentest my grandma about once or twice a year.
So does your grandpa
Grandmas doctors were getting out of hand so I had her put down
Anyone born in the 80’s probably still has the code word their parents gave them.
We’ve discussed this years back, and decided our safe phrase is “Hi gramma, it’s me im in jail and need apple gift cards”
Could just ask me about some niche topic im always info dumping about lmao.
My family gaslit me for decades.
I can only hope someone bothers to harass them with my own voice.
Truth be told, me and my parents have been doing this for a bit now to combat the kidnapping scam calls
AI Says:
DECEIVE YOURSELF, DECEIVE THE WORLD
Aw man, how do I give you Lemmy gold?
Best I can do
my family knows i hate using the phone in the first place so me calling without good reason is a red flag
The scam is exactly about feinting a “good reason”. So it is still a good idea to establish a code phrase for such situation, even if you don’t normally use the phone.
its the mannerism that matters on the phone.
the other part is for a scammer to create a model using broken english/asian language, which on its own, is a huge hurdle.
yeah the idea that you could fool people about something important with AI voices is fucking wild to me, do people talk like news hosts on the phone? Or do they just regularly send over $5000 when their kid asks them?
the one scenario i get is a fake hostage situation, in that case yeah you don’t exactly have the time or desire to go “hey mom can you prove that you’re being held hostage?”
personally i dont even know if my mom even knows how to remotely wire money digitally, or even understand what a gift card is. if shes ever given me money, it was always in person. it makes me a terrible candidate, at least if youre trying to scam my parents.
