Hacker News new | ask | show | jobs
by asdfasgasdgasdg 19 hours ago
I actually do not think that this is fundamentally much more risky than the basic type of supply chain attack that already exists in code form. You actually have a lot less exposure, because when you give people the ability to run code on your computer, it works deterministically, whereas most AIs are becoming hardened to the sort of prompt injection attack we are discussing here. To put it another way, AI prompt injection supply chain attacks are dominated by code-based ones.

I do not think it is correct to say that someone who is building something with a tool you don't like "deserves every single thing coming to [them]". That seems a little mean to me.
1 comments
gmerc 17 hours ago
Every app including a transformer is suddenly vulnerable to RCE from text.
link
asdfasgasdgasdg 17 hours ago
Provided you give it access to tool calls that execute arbitrary code, sure.
link
gmerc 16 hours ago
Not exactly. Since even without toolscalls humans are executors of the output in many cases.
link