TechTakes

1267 readers

120 users here now

Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.

This is not debate club. Unless it’s amusing debate.

For actually-good tech, you want our NotAwfulTech community

founded 1 year ago

MODERATORS

dgerard@awful.systems

122

LLM vendors are incredibly bad at responding to security issues (pivot-to-ai.com)

submitted 2 months ago by dgerard@awful.systems to c/techtakes@awful.systems

34 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] self@awful.systems 17 points 2 months ago (1 children)

Genuine question.

So rude, you didn’t answer my question at all.

yeah find me one single instance of someone doing this “genuine question” shit that doesn’t result in the most bad faith interpretation possible of the answers they get

If I’m missing something obvious I’d love it if you told me.

most security vulnerabilities look like they cause the targeted program to spew gibberish, until they’re crafted into a more targeted attack
it’s likely that gibberish is the LLM’s training data, where companies are increasingly being encouraged to store sensitive data
there’s also a trivial resource exhaustion attack where you have one or more LLMs spew garbage until they’ve either exhausted their paid-for allocation of tokens or cost their hosting organization a relative fuckload of cash
either you knew all of the above already and just came here to be a shithead, or you’re the type of shithead who doesn’t know fuck about computer security but still likes to argue about it
fuck off

[–] froztbyte@awful.systems 9 points 2 months ago

the amount of times I've had to clean shit up after someone like this "didn't think $x would matter"...