pipx install llm
llm install llm-claude-3
llm keys set claude
# paste Anthropic API key here
llm -m claude-3-opus '3 fun facts about pelicans'
llm -m claude-3-opus '3 surprising facts about walruses'
Code here: https://github.com/simonw/llm-claude-3
More on LLM: https://llm.datasette.io/
Big fan of your work with the LLM tool. I have a cool use for it that I wanted to share with you (on mac).
First, I created a quick action in Automator that receives text. Then I put together this script with the help of ChatGPT:
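# Join everything Automator passes in (the selected text) into one prompt string.
prompt="$*"
# Quote the expansion so the text reaches llm as a single argument, with no
# word splitting and no literal quote characters added to the prompt.
result=$(/Users/XXXX/Library/Python/3.9/bin/llm -m gpt-4 "$prompt")
# Escape backslashes and double quotes, and turn newlines into \n, so the
# model output stays inside the AppleScript string literal below.
escapedResult=$(echo "$result" | sed 's/\\/\\\\/g' | sed 's/"/\\"/g' | awk '{printf "%s\\n", $0}' ORS='')
osascript -e "display dialog \"$escapedResult\""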
Now I can highlight any text in any app and invoke `LLM` under the services menu, and get the llm output in a nice display dialog. I've even created a keyboard shortcut for it. It's a game changer for me. I use it to highlight terminal errors and perform impromptu searches from different contexts. I can even prompt LLM directly from any text editor or IDE using this method.

I assume the example from the author [of the blog post] must’ve been a deployment by someone without much experience with the javascript ecosystem or extremely lazy. Pretending this assumption is correct, what does it tell us? Is it a reflection of the environment’s lack of regulation (even industry/market led, like PCI) and a deluge of unsophisticated (ignorant) users/consumers?
We do see phishing pages like this increasingly popping up with obfuscation. I think at this time less than a third are obfuscated, but this is gradually increasing. The thing is, most of the folks running these sites are likely not very technical. They buy the template from a vendor and plug in the config settings and just focus on driving traffic to the site - this happens through Discord & Twitter spam.
The thing with fraudsters and threat actors that play in this space is that at the end of the day it's a business and they want maximum reward for minimal effort. I think right now there's not a very aggressive takedown feedback loop with these phishing sites, but we are working to accelerate this and as this happens the perpetrators WILL need to rely more on obfuscation to try and thwart on the fly static detection. My guess is that eventually most of the logic will be server-side and cloaked as has happened with many other categories of phishing and fraud (particularly malvertising campaigns). Sooner or later the more amateur scam operators in this space will likely get shaken out by this acceleration of the cat and mouse game and only highly technical operators will be left.
With regard to the sites that we see obfuscated today, we are still able to do accurate attribution, as we've been specializing in the detection and blocking of malicious client-side code for some time now.
Thanks again for your comment.