by DanMcInerney 980 days ago
As a hacker of more than a decade, none of this really gives me pause. There are still critical-sev bugs in tools like Ray, MLflow, H2O, all the MLOps tools used to build these models, that are more valuable to hackers than trying to do some kind of roundabout attack through an LLM.

It's relevant if you're doing stuff like AutoGPT and you're exposing that app to the internet to take user commands, but are we really seeing that in the wild? How long, if ever, will me? Ray does remote, unauthenticated command execution and is vulnerable to JS drive-by attacks. I think we're at least a few years away from any of the adversarial ML attacks having any teeth.