The true cost of generative AI is the erosion of trust.

  • pflanzenregal@lemmy.world
    link
    fedilink
    English
    arrow-up
    15
    ·
    7 days ago

    We don’t need code words, we need a proper PKI (public key infrastructure) for authenticated communication.

    • stevedice@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      13
      ·
      7 days ago

      You receive a call from an unknown number and they tell you they’ve kidnapped your wife. They then give her the phone so you can hear her but she didn’t do it through Signal so she’s obviously not your wife so you just hang up.

      • Feathercrown@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        edit-2
        7 days ago

        You can use this to your benefit though

        husband/wife walks up to you to start an argument

        “sorry honey, you need your public key”

        Instant win

    • lud@lemm.ee
      link
      fedilink
      English
      arrow-up
      8
      ·
      7 days ago

      Seems a bit hard to verbally exchange keys and sign your speech though.

      • pflanzenregal@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        7 days ago

        Yeah, I wouldn’t recommend doing that.

        And that’s not how you establish a PKI or implement AE (authenticated encryption). When I send a voice message e.g. I don’t verbally sign it, that’s actually part of KE (key exchange) protocol.

        Same applies to non encrypted, authenticated communication of course.

        And in case you are talking about physical face to face communication: I think you’d recognize your family and friends without the help of cryptography.

        Edit: if you have any question, feel free to ask! Maybe I misunderstood you? Then I’m sorry

        • lud@lemm.ee
          link
          fedilink
          English
          arrow-up
          2
          ·
          7 days ago

          Of course you don’t verbally sign voice messages. That wouldn’t make any sense at all unless you are a robot or something.

          It was just a joke. But if you wanted to authenticate something (like an email, or voice I guess) in a PKI you would sign it using your certificate private key and the CA would tell the recipient if it’s valid or not.

          • Feathercrown@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            7 days ago

            That’s what the article is about though, voice messages can now be spoofed. It happened to one of my friend’s parents

            • lud@lemm.ee
              link
              fedilink
              English
              arrow-up
              2
              ·
              edit-2
              7 days ago

              I was implying that you do the actual singing verbally. Like actually saying the bits, which would be pretty much impossible.

              Of course you could sign voice messages. That would be like singing any other file.

  • Eww@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    7 days ago

    Anyone born in the 80’s probably still has the code word their parents gave them.

  • Yokozuna@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    6 days ago

    I just tell them to hang up and call me right back. In some scenarios that might not be the best solution but it is the easiest blanket approach that I can find to keep everyone safe.

  • TachyonTele@lemm.ee
    link
    fedilink
    English
    arrow-up
    87
    ·
    8 days ago

    We’ve discussed this years back, and decided our safe phrase is “Hi gramma, it’s me im in jail and need apple gift cards”

  • ByteOnBikes@slrpnk.net
    link
    fedilink
    English
    arrow-up
    31
    ·
    7 days ago

    Eww y’all have a code word? Those are easily guessable.

    My wife and I have a random 6 digit code that rotates every 30-seconds based on an algorithm and if we don’t properly authorize, we will refuse the connection.

  • sp3ctr4l@lemmy.zip
    link
    fedilink
    English
    arrow-up
    27
    ·
    8 days ago

    My family gaslit me for decades.

    I can only hope someone bothers to harass them with my own voice.

    • ByteOnBikes@slrpnk.net
      link
      fedilink
      English
      arrow-up
      4
      ·
      7 days ago

      Wait you actually had a code word for when a stranger approached you?

      I thought that was a joke

      • MyTurtleSwimsUpsideDown@fedia.io
        link
        fedilink
        arrow-up
        6
        ·
        7 days ago

        It is not a joke. Honestly I don’t remember anymore if we had a code word or not, but it was definitely discussed with parents and school officials; probably in D.A.R.E too. The premise is that a kidnapper might try to trick you with: “Your mom is [working late / in the hospital / etc.], she asked me to pick you up today.” If they don’t have the password, then you don’t go with them and then go get help from a trusted adult. If you can’t get to one, run away and scream.

        • Swedneck@discuss.tchncs.de
          link
          fedilink
          English
          arrow-up
          3
          ·
          6 days ago

          that is a fucking wild concept lol, in what scenario would a parent ask someone the kid doesn’t know to pick them up? like even if you 100% trust someone, that doesn’t work if the kid has never met them!

          • MyTurtleSwimsUpsideDown@fedia.io
            link
            fedilink
            arrow-up
            1
            ·
            6 days ago

            I mean, yeah, that makes sense to you and me, but not every child would make that deduction? Some kids are friendly and trusting, and even if the child is wary of strangers and instructed not to go with them, a kidnapper can just say that they are a parent’s coworker, or that they work at the hospital where their sick parent is, or whatever other lie or sounds convincing to a child. Little kids don’t have the context to see through that bullshit yet.

            At least that’s the premise.

            But, it also applies to people the kid does know, but may not be expecting: an aunt or uncle, a coach, teacher, a friends parent, a parents friend… since we now know (or at least it has been better disseminated) that most kidnappings are done by someone close to the child or family. The kid should still ask for the password if it’s not a pre scheduled “Grandma picks me up Wednesdays and Thursdays” kind of thing.

            I’m no child safety expert; that’s just what I remember.

  • LiveLM@lemmy.zip
    link
    fedilink
    English
    arrow-up
    22
    ·
    8 days ago

    Truth be told, me and my parents have been doing this for a bit now to combat the kidnapping scam calls

  • Dudewitbow@lemmy.zip
    link
    fedilink
    English
    arrow-up
    12
    ·
    8 days ago

    my family knows i hate using the phone in the first place so me calling without good reason is a red flag

    • Wrufieotnak@feddit.org
      link
      fedilink
      English
      arrow-up
      12
      ·
      7 days ago

      The scam is exactly about feinting a “good reason”. So it is still a good idea to establish a code phrase for such situation, even if you don’t normally use the phone.

      • Dudewitbow@lemmy.zip
        link
        fedilink
        English
        arrow-up
        2
        ·
        7 days ago

        its the mannerism that matters on the phone.

        the other part is for a scammer to create a model using broken english/asian language, which on its own, is a huge hurdle.

        • Swedneck@discuss.tchncs.de
          link
          fedilink
          English
          arrow-up
          1
          ·
          6 days ago

          yeah the idea that you could fool people about something important with AI voices is fucking wild to me, do people talk like news hosts on the phone? Or do they just regularly send over $5000 when their kid asks them?

          the one scenario i get is a fake hostage situation, in that case yeah you don’t exactly have the time or desire to go “hey mom can you prove that you’re being held hostage?”

          • Dudewitbow@lemmy.zip
            link
            fedilink
            English
            arrow-up
            1
            ·
            6 days ago

            personally i dont even know if my mom even knows how to remotely wire money digitally, or even understand what a gift card is. if shes ever given me money, it was always in person. it makes me a terrible candidate, at least if youre trying to scam my parents.

  • osaerisxero@kbin.melroy.org
    link
    fedilink
    arrow-up
    12
    ·
    8 days ago

    Between this and the recommendation to fall back to encrypted communication, this almost looks like someone trying to bootstrap a populace trained to evade the feds.