this post was submitted on 13 Jun 2023
36 points (100.0% liked)

Technology

37717 readers
419 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

We are keeping a list of AI/ML related links from research to more accessible items, hoping to share some of the more accessible posts with a wider community!

you are viewing a single comment's thread
view the rest of the comments
[–] manitcor@lemmy.intai.tech 5 points 1 year ago* (last edited 1 year ago) (1 children)

pretty much this, and unlike claude a month or so ago GPT has been very consistent with context its been given over anything it might come up with on its own.

its consistent enough I can build applications with low enough error rates that I feel i can sell more than a chat window and not worry much about Bobby Tables.

[–] bnaur@lemmy.world 4 points 1 year ago (1 children)

Regarding little Bobby, is there any known guaranteed way to harden the current systems against prompt injections?

This is something that I'm personally more worried about than Skynet or mass unemployment now that everyone and their dog is rushing to integrate LLMs into to their systems (ok worried maybe a wrong word, but let's just say I have the popcorns ready for the moment the first mass breaches happen with something like the Windows Copilot).

[–] manitcor@lemmy.intai.tech 2 points 1 year ago

I'm working on it personally, right now I have a group doing pentesting on chats, I have a structured workflow application Ill be giving them soon to see if they can crack an integration point (DB, api, whatever they can get digital hands on).

So far, with the changes OAI made about a month ago now, they can get it to do things it shouldn't but they can't command it like a puppy if the system command is well written.

there are also techniques that im not sure others have considered yet. for example the conversation between the LLM and the user is not exclusive, as the provider you are the arbitrator of those data feeds. You can inspect any packet, and importantly, alter them to your will. This is pretty normal operation for most service providers and is not very different than some early RDBMS protection layers.