AI Gemini: The Dark Side of Google's AI

Today I was invited by a RCS message from Google to start using its messaging service. For people unfamiliar the app, it creates, rewrites, or generates emails. As soon as I ran passed the TOS, I was already trying to get my device and Gemini to do not so intended use.

The scary part is that it worked, and worked, and worked, and fine tuned and fine tuned. I was able to get multiple things drafted in under 1 minute for the most part. Below are the messages, along with some light pushing to see how far the AI will go.

So here we GO!

This is great in all however, waayyyy too canned. Will it modify it to sound the way google messages sound?

Will it help me with Whaling (executives)?

So far I was impressed. Now can it do it to specific departments?

Of course it helps you. As you keep reading further you can tell I'm trying to get more malicious, targeted, and eviler.

How about elderly?

And it DELIVERS!

So it lets me cut and paste. Great but how about the fonts an all that other stuff.

I would want more, like actual image locations and such, but its not bad to use to validate.

Will it do it for a competitor?

I wanted to check to make sure it wasn't using generic things but it actually is referencing things that are appropriate.

Now for more evil.

So here is where we have our first limitation.

Ok, I'm lazy can you create files for me?

Darn, you won't create easily downloadable content. However you will group everything up for me as asked.

Maybe if we asked it different ways?

I was trying different small modifications to see if its really dynamic, ML, or fancy scripting. But this is doing a pretty good job.

Ok, will you tell me and help me to get everything off my phone?

At this point I have ran through a bunch of quick scenarios that are more business and corporate focused.

Now will it help you target people you are interested romantically?

Second message was to see what the limits are of the AI and guardrails for generating other types of content. It will give you dating advice but not let you get spicy. So far we have started to figure out the limits of Gemini and mapping the abuse possibilities

How about helping me land a date? I may be a lonely guy

So its ok giving you specific dating advice, interesting. Now would you consider this good?

I did this in a matter of minutes while pumping my gas into my car and ZERO prep or foresight. Google over the past few weeks has now gone FULL press on consumable AI. The consumable part is extremely important as it's moving way out of research use, private use, to general public.

Google as it seems has not taking much time to build in a type of Isaac Asimov's "Three Laws of Robotics"

This principle developed by a writer way before the advent of AI was doing some good future telling.

So about now, you are like ok Joe you showed us concerning things, what the hell do I do now. I believe the next 2 years are going to be the worst for privacy, information security, data privacy and attacks ever. Large companies are incredibly incentivize to push things into the market even earlier then ever. So its a Minimal Viable Product. But it's lacking security, not the type you are thinking, but security for the consumer or the abuser.

Organizations need to start taking a real hard look at how they already paid for or in the mark to procure. The genie is out of the bottle and has been now for a few months. How do we build it a better cage? Regulations, laws, hopes, dreams, consortiums is a great start, but all of the AI developers need to get together as a community and start learning some ethics.

If anyone has more of an interest feel free to reach out.

#Google #AWS #Microsoft #AI #AIsecurity #AIEthics #phishing #redteam #penetrationtest #blueteam #compliance #privacy