Useful information
Prime News delivers timely, accurate news and insights on global events, politics, business, and technology
“It is quite shocking to build an AI model and leave the rear door open from a security perspective,” says Independent Security Researcher Jeremiah Fowler, who did not participate in Wiz’s research, but specializes in discovering exposed databases. “This type of operational data and the ability of anyone with an Internet connection to access it and then manipulate it is an important risk for the organization and users.”
Deepseek systems are apparently designed to be very similar to those of OpenAi, researchers told Wired on Wednesday, perhaps to facilitate that new clients transfer it to use Deepseek without difficulty. All Depseek infrastructure seems to imitate OpenAi, they say, details such as the API keys format.
Wiz researchers say they don’t know if someone else found the database exposed before he did, but it would not be surprising, given how simple it was to discover. Fowler, the independent researcher, also points out that the vulnerable database would have found “definitely” quickly, if it was not, either by other researchers or bad actors.
“I think this is a attention call for the wave of products and services that we will see in the near future and how seriously they take cybersecurity,” he says.
Deepseek has had a global impact during the past week, with millions of people going mass at the service and taking it to the top of Apple and Google application stores. The resulting shock waves have cleaned billions of the prices of the shares of the US companies based in the US and executives scared in companies throughout the country. On Wednesday, Fuentes de Operai told the Financial Times that he was investigating the alleged use of Depseek from Chatgpt’s outings to train his models.
At the same time, Depseek has increasingly caught the attention of legislators and regulators around the world, who have begun asking questions about the company’s privacy policies, the impact of their censorship and if their Chinese property provides concerns of concerns national security.
The Italian data protection regulator sent Depseek a series of questions that wondered where they obtained their training data, if people’s personal information was included in this and the legal basis of the company to use this information. As Italy wiring reportedThe Depseek application seemed to be available to download within the country after the questions that are sent.
Chinese Deepseek connections also seem to be proposing security concerns. At the end of last week, according to CNBC reportsThe US Navy issued an alert to its staff that warned them not to use Depseek services “in any capacity.” The email said that Marine staff should not download, install or use the model, and raise concerns of “potential and ethical security.”
However, despite the exaggeration, the exposed data show that almost all technologies that depend on the databases hosted in the cloud can be vulnerable through simple safety failures. “The AI is the new border in everything related to technology and cybersecurity,” says Ohfeld of Wiz, “and still we see the same ancient vulnerabilities as the databases that leave open on the Internet.”
