May 2024
1h 45m

Episode 71: More VDP Chats & AI Bias Bou...

Justin Gardner (Rhynorater) & Joseph Thacker (Rez0)
About this episode

Episode 71: In this episode of Critical Thinking - Bug Bounty Podcast, Keith Hoodlet joins us to weigh in on the VDP Debate. He shares some of his insights on when VDPs are appropriate in a company's security posture, and the challenges of securing large organizations. Then we switch gears and talk about AI bias bounties, where Keith explains the approach he takes to identify bias in chatbots and highlights the importance of understanding human biases and heuristics to better hack AI.

Follow us on Twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------

Follow your hosts Rhynorater & Teknogeek on Twitter:

https://twitter.com/0xteknogeek

https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------

Hop on the CTBB Discord at https://ctbb.show/discord!

We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Sign up for Caido using the referral code CTBBPODCAST for a 10% discount.

Today's Sponsor - Project Discovery: https://nux.gg/podcast

Today’s guest: Keith Hoodlet

https://securing.dev/

Resources:

Daniel Miessler's article about the security poverty line

https://danielmiessler.com/p/the-cybersecurity-skills-gap-is-another-instance-of-late-stage-capitalism/

Hacking AI Bias

https://securing.dev/posts/hacking-ai-bias/

Hacking AI Bias Video

https://youtu.be/AeFZA7xGIbE?si=TLQ7B3YtzPWXS4hq

Sarah Hoodlet's new book

https://sarahjhoodlet.com

Link to Amazon Page

https://a.co/d/c0LTM8U

Timestamps:

(00:00:00) Introduction

(00:04:09) Keith's Appsec Journey

(00:16:24) The Great VDP Debate Redux

(00:47:18) Platform/Hunter Incentives and Government Regulation

(01:06:24) AI Bias Bounties

(01:26:27) AI Techniques and Bugcrowd Contest
