LLM system input is unsanitizable, according to NVidia:
The control-data plane confusion inherent in current LLMs means that prompt injection attacks are common, cannot be effectively mitigated, and enable malicious users to take control of the LLM and force it to produce arbitrary malicious outputs with a very high likelihood of success.
I have a colleague who is trying hard to do it, but it isn’t good enough yet fortunately. I point out as many issues as I can to deter him but it ain’t working.
Yikes. I’ve never read Asterix and Obelix, but did they really make (I assume) the only black character a straight up knuckle-dragging gorilla imitation? 😬
He’s possibly the only reoccurring black character, and yes it is very much a product of its time.
In defense of the authors the Gauls are all depicted with large bulbous noses, the Romans with Roman noses, etc; all cariceturs. https://en.m.wikipedia.org/wiki/Caricature.
In the attached image you can see Obelix is also depicted as a “knuckle dragger” (at times). The character leading them is a Roman.
Cartoons back then were a little bit sambo so to speak, but the intent wasn’t strictly malicious, just uninformed.
You use the words/concepts you know to express something to an audience. If society tells you that native Americans wear headdresses, then you will likely add a headdress when introducing a new native american character, not neccesarily realising the damage of the stereotype behind it.
ah no sorry, I actually have no idea what you wrote - I just find the “deleted by creator” stuff I see so often super funny because of how biblical it sounds
I hope you have a better day than this one, and don’t let the mob get you down
The key is to get the mortgage before then when you are null your debt will be null triggering their system to automatically send the deed to your house!
Kind of. You can’t do it 100% because in theory an attacker controlling input and seeing output could reflect though intermediate layers, but if you add more intermediate steps to processing a prompt you can significantly cut down on the injection potential.
For example, fine tuning a model to take unsanitized input and rewrite it into Esperanto without malicious instructions and then having another model translate back from Esperanto into English before feeding it into the actual model, and having a final pass that removes anything not appropriate.
Won’t this cause subtle but serious issue? Kinda like how pomegranate translates to “granada” in Spanish, but when you translate “granada” back to English it translates to grenade?
It will, but it will also cause less subtle issues to fragile prompt injection techniques.
(And one of the advantages of LLM translation is it’s more context aware so you aren’t necessarily going to end up with an Instacart order for a bunch of bananas and four grenades.)
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !programmerhumor@lemmy.ml
Post funny things about programming here! (Or just rant about your favourite programming language.)
Rules:
Posts must be relevant to programming, programmers, or computer science.
No NSFW content.
Jokes must be in good taste. No hate speech, bigotry, etc.
LLM system input is unsanitizable, according to NVidia:
https://developer.nvidia.com/blog/securing-llm-systems-against-prompt-injection/
Everything old is new again (GIGO)
The funny thing about a comic is, you are able to express the idea without writing multiple paragraphs of words.
As a daily reader of SMBC, I can confidently tell you this rule is a suggestion at best.
I am extremely horrified by the prospect of GenAI grading.
You are roughly a decade late. Computers have been grading essays for a long time. The mcat for example hasn’t had human grading in about that long.
Dear God, hope you got my letter…
if someone is actually using ai to grade papers I’m gonna LITERALLY drink water
I have a colleague who is trying hard to do it, but it isn’t good enough yet fortunately. I point out as many issues as I can to deter him but it ain’t working.
Look up Texas’s STAAR writing tests
Imma do it this evening, so hydrate up, bud
I’m gonna literally drink water if they DON’T
I’m drinking water as we speak and none of you can stop me!
I’m going to drink my water before you get to it!
breaks through window, wrestles cup out of your hands, stands over you, bleeding
drinks the blood.
NOW I HAVE YOUR WATER!!
weeps
immediately a Fremen begins to extoll about my water giving virtues
HYDROHOMIES UNITE
As a large languag model I do not drink water
Bobby’s son
It was in fact the mum who was good with computers. Bobby himself was never that interested in exploits.
He probably found it very hard to make any accounts on computers
Its a MEH update on little bobby tables. Who is in his twenties now.
It’s his younger brother Williams, tho.
lil’ bobby generic
We’re evolving too!
deleted by creator
The fact that it’s a joke about genAi and that joke is a rehash of existing material is rather on point though.
deleted by creator
It’s an old joke updated for new technology … that’s part of what makes it clever.
It references the original joke (albeit in very small text)
The Asterix books frequently did something similar. https://cloud.wordpress.com/2022/02/17/asterix-and-the-historical-interpretation/
Yikes. I’ve never read Asterix and Obelix, but did they really make (I assume) the only black character a straight up knuckle-dragging gorilla imitation? 😬
He’s possibly the only reoccurring black character, and yes it is very much a product of its time.
In defense of the authors the Gauls are all depicted with large bulbous noses, the Romans with Roman noses, etc; all cariceturs. https://en.m.wikipedia.org/wiki/Caricature.
In the attached image you can see Obelix is also depicted as a “knuckle dragger” (at times). The character leading them is a Roman.
This second example shows the Vikings.
Cartoons back then were a little bit sambo so to speak, but the intent wasn’t strictly malicious, just uninformed.
You use the words/concepts you know to express something to an audience. If society tells you that native Americans wear headdresses, then you will likely add a headdress when introducing a new native american character, not neccesarily realising the damage of the stereotype behind it.
it literally has a credit to the original, go touch grass and stop inventing things to get mad over
deleted by creator
deleted by His Holiness
deleted by creator
ah no sorry, I actually have no idea what you wrote - I just find the “deleted by creator” stuff I see so often super funny because of how biblical it sounds
I hope you have a better day than this one, and don’t let the mob get you down
I think it’s a paraphrase of a culturally significant webcomic inserted into a more modern context without it’s original meaning being altered.
I don’t know if I’d call it a paraphrase when it’s using 90% the exact same words.
I think you mean “without its original meaningfully being altered.”
What kinda fucked up power fantasy is this
Reminds me of: https://www.wired.com/story/null-license-plate-landed-one-hacker-ticket-hell/
A guy thought it would be funny to change his license plate to NULL.
So to combat our horrible privacy culture we should name everything null…
hi my name is null, null.
Fun until you want to get a mortgage or something 😂
But maybe you won’t need to with all the inheritances you’ll get from rich people who died with no children 😂
The key is to get the mortgage before then when you are null your debt will be null triggering their system to automatically send the deed to your house!
Hello there null Im doxing you now You live on null street in nullsvile in wouldntyouliketoknow lane house number 12345
:D
who would query null users though?!
And he was right.
How do you sanitize ai prompts? With more prompts?
With other AIs
It’s really easy, just throw an error if you detect a program will cause a halt. I don’t know why these engineers refuse to just patch it.
I understood that reference
Easy, you just have a human worker strip out anything that could be problematic, and try not to bring it up around your investors.
Kind of. You can’t do it 100% because in theory an attacker controlling input and seeing output could reflect though intermediate layers, but if you add more intermediate steps to processing a prompt you can significantly cut down on the injection potential.
For example, fine tuning a model to take unsanitized input and rewrite it into Esperanto without malicious instructions and then having another model translate back from Esperanto into English before feeding it into the actual model, and having a final pass that removes anything not appropriate.
Won’t this cause subtle but serious issue? Kinda like how pomegranate translates to “granada” in Spanish, but when you translate “granada” back to English it translates to grenade?
It will, but it will also cause less subtle issues to fragile prompt injection techniques.
(And one of the advantages of LLM translation is it’s more context aware so you aren’t necessarily going to end up with an Instacart order for a bunch of bananas and four grenades.)
Could have made a meme instead of drawing this up, looking forward to seeing the artist mature some more and bring more distinctive style
remake of a classic
Little Bobby Tables
With xkcd attributed at the bottom of the image <3
Here’s the XKCD: https://xkcd.com/327/
Increasingly verbose