by BoiledCabbage 941 days ago
Because in software we've defined an environment where every sw method of gaining privilege/escalation is hardened. As a result, usually the most reliable way to get escalation is via social engineering.

LLMs exist in an environment whose vulnerable surface area is social engineering. How do you lock down a system against all possible social engineering?

Oh yah and the "system" isn't any computer system somewhere, it's the entire world itself.

So one of the problems the safetyists are trying to solve is: how do you protect a messy system, the size/complexity of the entire world, from social engineering? The answer is clearly not using traditional approaches, which consistently fail.

And that's just one of the problems they're trying to solve.

2 comments

Does my conflation here make any sense or have any applicability, even though the system is far more distributed, or... I don't think I have a sufficiently robust mental model of any of this, but I just don't know enough to dispute it.

But why does the LLM itself have "access to root", whatever that means in the OS equivalent of whatever it is they operate within in terms of the larger context?