Straws in the Wind - Part 196

From the Wall St. Journal: After years of misfires, artificial-intelligence hacking tools have become dangerously good. So good that they are even surpassing some human hackers, according to a novel experiment conducted recently at Stanford University. A Stanford team spent a good chunk of the past year tinkering with an AI bot called Artemis. It takes a similar approach to Chinese hackers who had been using Anthropic’s generative AI software to break into major corporations and foreign governments. Artemis scans the network, finds potential bugs—software vulnerabilities—and then finds ways to exploit them.

Then the Stanford researchers let Artemis out of the lab, using it to find bugs in a real-world computer network—the one used by Stanford’s own engineering department. And to make things interesting, they pitted Artemis against real-world professional hackers, known as penetration testers.

...The AI bot trounced all except one of the 10 professional network penetration testers the Stanford researchers had hired to poke and prod, but not actually break into, their engineering network. Artemis found bugs at lightning speed and it was cheap: It cost just under $60 an hour to run. Ragan says that human pen testers typically charge between $2,000 and $2,500 a day. But Artemis wasn’t perfect. About 18% of its bug reports were false positives. It also completely missed an obvious bug that most of the human testers spotted in a webpage...

Full story at https://www.wsj.com/tech/ai/ai-hackers-are-coming-dangerously-close-to-beating-humans-4afc3ad6.