[HN Gopher] Google announces Sec-Gemini v1 a new experimental cy...
___________________________________________________________________
Google announces Sec-Gemini v1 a new experimental cybersecurity
model
Author : ebursztein
Score : 86 points
Date : 2025-04-04 19:35 UTC (3 hours ago)
(HTM) web link (security.googleblog.com)
(TXT) w3m dump (security.googleblog.com)
| esafak wrote:
| It's interesting how we're seeing the emergence of specialized
| models, much like trained humans.
| jgalt212 wrote:
| What's old is new again. Pretty much all ML and statistical
| models were specialized for a single task / domain.
| jruohonen wrote:
| > Next, in response to a question about the vulnerabilities in
| the Salt Typhoon description, Sec-Gemini v1 outputs not only
| vulnerability details (thanks to its integration with OSV data,
| the open-source vulnerabilities database operated by Google), but
| also contextualizes the vulnerabilities with respect to threat
| actors (using Mandiant data).
|
| I remain still skeptical about LLMs in this space, although I
| might be proven wrong, as often happens. Nevertheless, OSV has
| already been a big advance, so it is great that it gets a further
| commitment.
| ziddoap wrote:
| Could be great for _augmenting_ a cybersec professional 's tasks;
| I'm certainly interested in trying it. However, I fear it will
| not be used as just one of the tools in the toolbox, and rather
| it will be used as something to defer (and consequently shed
| liability) to.
| booi wrote:
| Has anybody been able to shed liability to AI yet?
| ziddoap wrote:
| In the legal sense? I'm not sure.
|
| In the corporate day-to-day? Absolutely.
| andy99 wrote:
| Is this a "model" as in a set of transformer weights that
| inherently does security work or is it a system that has data
| lookup and or other tools along with an LLM to do the question
| interpretation, synthesis, and output presentation?
|
| From the description re data integrations it sounds like the
| latter, unless the data mentioned is in fact used for training.
|
| The distinction is important because a security-tuned model will
| have different limitations and uses than an actual pre-build
| security LLM app. Being an app also makes benchmarking against
| other "models" less straightforward.
| qwertox wrote:
| There is generally something about the Gemini models which feels
| a bit different than Claude, ChatGPT or Mistral.
|
| I always have the feeling that I'm chatting with a model oriented
| towards engineering tasks. The seriousness, lack of interest of
| being humorous or cool.
|
| I don't know if this is because I interact with Gemini only
| through AI Studio, and it may have different system instructions
| (apart from those one can add oneself, which I never do) than the
| one at gemini.google.com.
|
| I never use gemini.google.com because of the lack of a simple
| export feature. And it's not even possible to save one chat to
| disk (well, neither do the others), I just wish it did.
|
| AI Studio saving to Google Drive is really useful. I lets you
| download the chat, strip it of verbose things like the thinking
| process, and reuse it in a new chat.
|
| I wish gemini.google.com had a "Save as Markdown" per answer and
| for the complete chat (with a toggle to include/exclude the
| thinking process). Then it would be a no brainer for me.
|
| It's the same as if Google Docs would not have an "Download.."
| menu entry but you could only "save" the documents via Takeout.
| Y_Y wrote:
| > The seriousness, lack of interest of being humorous or cool.
|
| I love this. When ChatGPT compliments me on my great question
| or tries to banter it causes me great despair.
| neodypsis wrote:
| I've noticed 4o uses a lot of emojis, and, in general, is
| very enthusiastic. I find it funny. If I want a more formal
| bot, I switch to one of the o3 family.
| jonplackett wrote:
| Every now and then 4o seems to get a bit drunk and use
| tonnes of emojis or start swearing when I haven't sworn
| myself in the chat.
|
| The other day I asked a fairly innocuous question and it
| LOLed and said it'd give me the 'no Bullshit answer'
| kfajdsl wrote:
| I've had 4o start off its response with a Smiling Face
| with Sunglasses emoji by the heading unprompted lol.
|
| edit: does hacker news filter out emojis? TIL (there
| should be emojis after this colon: )
| querez wrote:
| I use a very simple custom system prompt (not on my work
| machine at the moment, but essentially something along the
| lines of "for technical questions, please be concise and to
| the point, and when asked for code, omit explanations and
| emit just the code itself unless I ask for explanations"),
| and it does wonders.
| qwertox wrote:
| So do I. But it's not like ChatGPT isn't flexible, the code
| it generates for small tasks is really good, and the site is
| faster than AI Studio.
|
| For example, if I want to quickly create a Python script to
| list all VMs via libvirt and output their attached drives and
| filesystems, that's a task for ChatGPT.
|
| But for the things where I don't want an AI to "suck up" to
| me and instead "stay professional", that's Gemini.
| HelenePhisher wrote:
| > And it's not even possible to save one chat to disk (well,
| neither do the others), I just wish it did.
|
| Ask Claude to generate a .md of the conversation, it will do
| that with the option to download that or a PDF of it. A lovely,
| but well hidden feature!
| qwertox wrote:
| Thanks for the tip. I tested it and this also works with
| Gemini and ChatGPT.
|
| The only drawback I see is that it requires enough free space
| in the context window to duplicate the visual part of the
| chat.
| gavinray wrote:
| It doesn't seem as popular, but I've found Grok to treat you
| the least like a child and provide good answers. Especially
| with more complicated tasks.
| uejfiweun wrote:
| I think Grok is the best for asking about current events but
| I kind of hate how it always tries to turn everything into a
| conversation. But that's just my opinion! What do you think
| is the most annoying feature about Grok?
|
| ^ like that.
| asadm wrote:
| 2.5 has been amazing for programming. I just send it entire
| repo as context when I am lazy and then ask it for entire
| modified files back with the (medium sized) change. It almost
| always works! I wish to either start using cursor or some
| vscode extension to do this from ide itself.
| occamschainsaw wrote:
| I have been using the Obsidian web clipper to export chats from
| ChatGPT and Claude web versions to nicely-formatted md files.
| You can save md to Obsidian or download it as a standalone
| file. It doesn't support Gemini yet though.
|
| https://github.com/obsidianmd/obsidian-clipper
| tyushk wrote:
| You put into words something I've been struggling to describe
| for a long time. Gemini gives short, succinct responses with
| whatever information you need and minimal anything else.
| ChatGPT, Claude both fill text with mannerisms, formatting,
| etc.
|
| I didn't realize just how big the difference was until I tested
| it.
|
| "How do I clear a directory of all executable files on Debian?"
|
| Gemini 2.0 Flash: (responses manually formatted)
| find /path/to/directory -type f -executable -delete
| Replace /path/to/directory with the actual path.
|
| ChatGPT: (full link [1]) To clear (delete)
| all executable files from a directory on Debian (or any Linux
| system), you can use the find command. Here's a safe and
| effective way to do it: # [checkmark emoji] Command to
| delete all executable files in a directory (not recursively):
| [..] # [magnifying glass emoji] Want to preview before
| deleting? [..] # [caution sign emoji] Caution: [..]
|
| [1]
| https://chatgpt.com/share/67f055c8-4cc0-8003-85a6-bc1c7eadcc...
___________________________________________________________________
(page generated 2025-04-04 23:00 UTC)