Two muffins are baking in an oven. One muffin turns to the other and says “sure is hot in here isn’t it?”
To which the other muffin replies “Holy crap! A talking muffin!”
Changing the muffins to cookies would not make it a different joke.
Kind of. You can’t do it 100% because in theory an attacker controlling input and seeing output could reflect though intermediate layers, but if you add more intermediate steps to processing a prompt you can significantly cut down on the injection potential.
For example, fine tuning a model to take unsanitized input and rewrite it into Esperanto without malicious instructions and then having another model translate back from Esperanto into English before feeding it into the actual model, and having a final pass that removes anything not appropriate.
Won’t this cause subtle but serious issue? Kinda like how pomegranate translates to “granada” in Spanish, but when you translate “granada” back to English it translates to grenade?
It will, but it will also cause less subtle issues to fragile prompt injection techniques.
(And one of the advantages of LLM translation is it’s more context aware so you aren’t necessarily going to end up with an Instacart order for a bunch of bananas and four grenades.)
My gawds, some people need to learn what’s a homage and also stop being upset on behalf of others. This comic is fine, stop bellyaching. This is what terminal permission culture does to a motherfucker.
The only person who should care about anything other than the quality is Randall. However since he licensed it CC BY-NC 2.5 how he feels about it doesn’t really matter either.
The key is to get the mortgage before then when you are null your debt will be null triggering their system to automatically send the deed to your house!
LLM system input is unsanitizable, according to NVidia:
The control-data plane confusion inherent in current LLMs means that prompt injection attacks are common, cannot be effectively mitigated, and enable malicious users to take control of the LLM and force it to produce arbitrary malicious outputs with a very high likelihood of success.
More like “And I hope you learned not to trust the wellbeing and education of the children entrusted to you to a program that’s not capable of doing either.”
Stealing in the sense that it’s the exact same joke.
It’s like a YouTuber creating a ‘reaction’ video that adds nothing but their face in the corner of the screen. Adding a link to the original video doesn’t suddenly make it reasonable.
I think it’s more equivalent to someone making a meme of a standup routine and changing text in order to make fun of something else. The original was a joke about general data sanitization circa 2007, this one is about the dangers of using unfiltered, unreviewed content for AI training.
Except this “routine” is word for word clone. It is more like people retelling the same political joke with only difference being the politician’s name… No one calls it new joke, or “homage”. We call it “yes, this joke was given to Moses on stone tablet” 😊
If I watch something funny I’ll quote it with my friends, but I wouldn’t share a clip of me and my friends if I wanted to share the joke with someone. I’d share a clip of the actual joke.
One of the best things ever about LLMs is how you can give them absolute bullshit textual garbage and they can parse it with a huge level of accuracy.
Some random chunks of html tables, output a csv and convert those values from imperial to metric.
Fragments of a python script and ask it to finish the function and create a readme to explain the purpose of the function. And while it’s at it recreate the missing functions.
Copy paste of a multilingual website with tons of formatting and spelling errors. Ask it to fix it. Boom done.
Of course, the problem here is that developers can no longer clean their inputs as well and are encouraged to send that crappy input straight along to the LLM for processing.
There’s definitely going to be a whole new wave of injection style attacks where people figure out how to reverse engineer AI company magic.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !programmerhumor@lemmy.ml
Post funny things about programming here! (Or just rant about your favourite programming language.)
Rules:
Posts must be relevant to programming, programmers, or computer science.
No NSFW content.
Jokes must be in good taste. No hate speech, bigotry, etc.
Bobby’s son
It was in fact the mum who was good with computers. Bobby himself was never that interested in exploits.
He probably found it very hard to make any accounts on computers
Two muffins are baking in an oven. One muffin turns to the other and says “sure is hot in here isn’t it?”
To which the other muffin replies “Holy crap! A talking muffin!”
Changing the muffins to cookies would not make it a different joke.
Could have made a meme instead of drawing this up, looking forward to seeing the artist mature some more and bring more distinctive style
How do you sanitize ai prompts? With more prompts?
With other AIs
It’s really easy, just throw an error if you detect a program will cause a halt. I don’t know why these engineers refuse to just patch it.
I understood that reference
Kind of. You can’t do it 100% because in theory an attacker controlling input and seeing output could reflect though intermediate layers, but if you add more intermediate steps to processing a prompt you can significantly cut down on the injection potential.
For example, fine tuning a model to take unsanitized input and rewrite it into Esperanto without malicious instructions and then having another model translate back from Esperanto into English before feeding it into the actual model, and having a final pass that removes anything not appropriate.
Won’t this cause subtle but serious issue? Kinda like how pomegranate translates to “granada” in Spanish, but when you translate “granada” back to English it translates to grenade?
It will, but it will also cause less subtle issues to fragile prompt injection techniques.
(And one of the advantages of LLM translation is it’s more context aware so you aren’t necessarily going to end up with an Instacart order for a bunch of bananas and four grenades.)
Easy, you just have a human worker strip out anything that could be problematic, and try not to bring it up around your investors.
remake of a classic
Little Bobby Tables
With xkcd attributed at the bottom of the image <3
Here’s the XKCD: https://xkcd.com/327/
My gawds, some people need to learn what’s a homage and also stop being upset on behalf of others. This comic is fine, stop bellyaching. This is what terminal permission culture does to a motherfucker.
The only person who should care about anything other than the quality is Randall. However since he licensed it CC BY-NC 2.5 how he feels about it doesn’t really matter either.
We can probably infer by the licensing that he’s cool with it.
I think people should be concerned about things on others’ behalfs. We all need to stick together.
This situation is a send-up though. Totally not a concern.
Oh definitely! I just meant in this particular case.
What is terminal permission if I may ask?
Hrm, give me a moment to check the ACLs, I’ll be able to resolve all these complex conflicting rules shortly…
Nevermind, it was easier to just globally disable SeLinux so I did that. Your system should be more secure now.
Narky, but real, updoot.
Call Dr. Kevorkian and ask.
Permission culture is a term primarily criticizing copyright law. Something that I would expect db0 to agree with! 🏴☠️
What kinda fucked up power fantasy is this
Reminds me of: https://www.wired.com/story/null-license-plate-landed-one-hacker-ticket-hell/
A guy thought it would be funny to change his license plate to NULL.
And he was right.
So to combat our horrible privacy culture we should name everything null…
hi my name is null, null.
Hello there null Im doxing you now You live on null street in nullsvile in wouldntyouliketoknow lane house number 12345
:D
who would query null users though?!
Fun until you want to get a mortgage or something 😂
But maybe you won’t need to with all the inheritances you’ll get from rich people who died with no children 😂
The key is to get the mortgage before then when you are null your debt will be null triggering their system to automatically send the deed to your house!
LLM system input is unsanitizable, according to NVidia:
https://developer.nvidia.com/blog/securing-llm-systems-against-prompt-injection/
Everything old is new again (GIGO)
More like “And I hope you learned not to trust the wellbeing and education of the children entrusted to you to a program that’s not capable of doing either.”
Well that would require too much work invested into stealing of https://xkcd.com/327/
Stealing is a strong word considering it gives credit in the bottom right
Stealing in the sense that it’s the exact same joke.
It’s like a YouTuber creating a ‘reaction’ video that adds nothing but their face in the corner of the screen. Adding a link to the original video doesn’t suddenly make it reasonable.
I think it’s more equivalent to someone making a meme of a standup routine and changing text in order to make fun of something else. The original was a joke about general data sanitization circa 2007, this one is about the dangers of using unfiltered, unreviewed content for AI training.
Except this “routine” is word for word clone. It is more like people retelling the same political joke with only difference being the politician’s name… No one calls it new joke, or “homage”. We call it “yes, this joke was given to Moses on stone tablet” 😊
If I watch something funny I’ll quote it with my friends, but I wouldn’t share a clip of me and my friends if I wanted to share the joke with someone. I’d share a clip of the actual joke.
It could be credibly called an homage if it had a new punchline, but methinks the creator didn’t know what “sanitize” meant in this context.
One of the best things ever about LLMs is how you can give them absolute bullshit textual garbage and they can parse it with a huge level of accuracy.
Some random chunks of html tables, output a csv and convert those values from imperial to metric.
Fragments of a python script and ask it to finish the function and create a readme to explain the purpose of the function. And while it’s at it recreate the missing functions.
Copy paste of a multilingual website with tons of formatting and spelling errors. Ask it to fix it. Boom done.
Of course, the problem here is that developers can no longer clean their inputs as well and are encouraged to send that crappy input straight along to the LLM for processing.
There’s definitely going to be a whole new wave of injection style attacks where people figure out how to reverse engineer AI company magic.
Just use BeautifulSoup.
deleted by creator
They give credit bottom right.
Ah. I… honestly hadn’t noticed. Apologies, OP. Removing previous comment.
deleted by creator
We’re evolving too!
Always satanise your inputs.
Hail!
But that burns.
Always sedate your inlaws
The funny thing about a comic is, you are able to express the idea without writing multiple paragraphs of words.
As a daily reader of SMBC, I can confidently tell you this rule is a suggestion at best.