Y
Hacker News
new
|
ask
|
show
|
jobs
by
fxtentacle
819 days ago
That paper says you need to control "0.1% of the training data size" for a 40% chance for one single injected prompt to fire. So that's millions of images or billions of text tokens for real-world models.
2 comments
talsperre
818 days ago
Exactly. It is very difficult to implement these data poisoning attacks in the wild due to the size of internet data in general.
link
doctorpangloss
819 days ago
Yeah, but the vibes man.
link