I am an actual hw/fw reverse engineer and my brain hurts from having read that chatlog. The naive patching of "all occurences" of the bytes 0101 to 0000 "if found near SecureBoot strings" only worked because of pure luck, and surely made a whole lot of other things crap out.
Technically speaking, I guess bricking a device still counts as successfully disabling SecureBoot.
From the article:
With ChatGPT and a CH341A flash programmer at hand, the intrepid modder went through the following process:
- The CH341A was used to dump the Panasonic’s BIOS.
- The dumped bios was uploaded to ChatGPT with instructions to completely disable SecureBoot and its proprietary keys.
- The GPT-modified BIOS was flashed back to the device.
- Fingers were crossed... and it worked!
- OS wrangling ensues, various compatibility wrinkles are being ironed out.
It used to be that someone hacked a device and wrote about everything they read and debugged and passed on that knowledge. Not anymore, just feed instructions to a machine and blindly trust it doesn't spit out something that will kill you.
This feels like a fluke more than indicative of LLM capabilities. When working on large code bases they shit the bed. I'm surprised to hear it was able to this without breaking something else to brick the whole device. An exception, not the rule (for now).
That’s the second time in three days that I’ve seen an article where “AI” (machine learning) was actually useful. It’s a hype machine and it’s overvalued, but it’s nice to see it being useful. I still can’t wait for OpenAI to fail. I run the Llama model locally because to hell with giving corps more of my data. Anyway…
Out of curiosity, what's your use case and spec of the machine running it?
I only eff around with it occasionally. I run it on a MacBook Pro M1 Max. It's solid for performance. I don't have a job where I can employ it regularly, so after initial testing, I barely use it.
Fair, I'm kinda wondering about having a general local household ai, I've got no good reason for it other than general tinkering. I'm somewhat waiting for the crossover between decent ai and affordable hardware to occur.
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Enjoy!