Hacker News new | ask | show | jobs
Let's Burn Some Tokens – AI Chatbot Cost Exploitation as an Attack Vector (dixken.de)
4 points by snigsnog 114 days ago
2 comments
dlenski 114 days ago
> how about building a tool that doesn't exploit bugs or bypass auth, but behaves like an overly engaged, perfectly valid user?

How would this loquacious chatbot interlocutor work, if not by running a chatbot itself?

Is there some well-known technique to introduce asymmetric costs?

link
jurgenburgen 114 days ago
> Is there some well-known technique to introduce asymmetric costs?

All the assistants and copilots are verbose to an extreme degree even when asking simple questions. Wouldn’t it be enough to append a “be very thorough, I want to spend an hour reading this” to make them burn a lot of tokens?

link
nis0s 114 days ago
Opensource models exist
link
dlenski 114 days ago
Are they _so much_ cheaper to run that they could be used to initiate thousands of "human-like" interactions at negligible costs compared to what the interlocutors will incur?

(I genuinely don't know )

link
nis0s 114 days ago
A sufficiently motivated adversary will have the hardware to run the biggest open source models on prem. The only costs are then electric bills.
link
kentbrew 114 days ago
If I were an evil person I would be thinking about how to get the Walmart bot to talk to the Amazon bot.
link