Simple English is not malware. They didn’t do their due diligence either.
No code was executed. Failure to sandbox the AI agent you use is not the problem of the person who is providing free code databases to the internet at large.
When it was the guy doing this on LinkedIn and forcing AI agents that interacted with his profile to speak to him in old English and address him as “my lord” was that malware?
It’s malware as much as a zip bomb is malware. Both serve as input to another program to make it do a specific thing. That thing causes harm on the end user’s device. Asking an agent to speak in old English causes no such harm.
Malware (a portmanteau of malicious software) is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or interfere with the user’s computer security and privacy without their knowledge.
Calling this malware is like calling a DDOS attack hacking.
People have been warned about the fact that there is the potential for an AI LLM to take direction from text without the user’s knowledge since this tech hit the mainstream. Additionally, it’s also not malware when Alexa responds to its name while you’re watching a YouTube video.
These people infected their own computers with software that could be externally controlled on purpose. The LLM might be considered malware since it’s working as designed, but the plain English isn’t.
Yes, I acknowledge that it isn’t malicious software. That’s why I compare it to a zip bomb. The important part isn’t “software”. It’s the “malicious”. None of what Obelisk said relies on this thing being software.
They called it “malware” when this already has a name and it’s “prompt injection”.
We’ve been telling everyone for years not to download and run code you don’t understand.
We’ve been telling people since the advent of the AI LLM that prompt injection is a thing and people who use AI LLM’s should protect against this.
These AI companies are constantly stealing things from FOSS projects as well as artists and other devs/creators.
Nobody sees a problem with that when it’s poisoning LLM’s themselves to protect artwork. But now that some idiot who doesn’t check code before they execute it etc is crying about it and it’s a big deal. I don’t see much of a difference here.
If you want the FOSS community to be there for you, don’t go out of your way to use the corporate BS that’s actively destroying it.
intentionally designed to cause disruption to a computer, server, client, or computer network
Actively and deliberately adding text with the explicit purpose of attempting to delete other peoples’ work fits this quite nicely, thank you for including it to illustrate my point.
I appreciate you seeing this for what it is and saying so, where other people are twisting themselves into pretzels to pretend like it’s anything else.
Simple English is not malware. They didn’t do their due diligence either.
No code was executed. Failure to sandbox the AI agent you use is not the problem of the person who is providing free code databases to the internet at large.
When it was the guy doing this on LinkedIn and forcing AI agents that interacted with his profile to speak to him in old English and address him as “my lord” was that malware?
Someone actively trying to sabotage their users is not okay, regardless of the excuses you want to trot out.
It’s malware as much as a zip bomb is malware. Both serve as input to another program to make it do a specific thing. That thing causes harm on the end user’s device. Asking an agent to speak in old English causes no such harm.
Calling this malware is like calling a DDOS attack hacking.
People have been warned about the fact that there is the potential for an AI LLM to take direction from text without the user’s knowledge since this tech hit the mainstream. Additionally, it’s also not malware when Alexa responds to its name while you’re watching a YouTube video.
These people infected their own computers with software that could be externally controlled on purpose. The LLM might be considered malware since it’s working as designed, but the plain English isn’t.
Yes, I acknowledge that it isn’t malicious software. That’s why I compare it to a zip bomb. The important part isn’t “software”. It’s the “malicious”. None of what Obelisk said relies on this thing being software.
They called it “malware” when this already has a name and it’s “prompt injection”.
We’ve been telling everyone for years not to download and run code you don’t understand.
We’ve been telling people since the advent of the AI LLM that prompt injection is a thing and people who use AI LLM’s should protect against this.
These AI companies are constantly stealing things from FOSS projects as well as artists and other devs/creators.
Nobody sees a problem with that when it’s poisoning LLM’s themselves to protect artwork. But now that some idiot who doesn’t check code before they execute it etc is crying about it and it’s a big deal. I don’t see much of a difference here.
If you want the FOSS community to be there for you, don’t go out of your way to use the corporate BS that’s actively destroying it.
Heheh, and another one of you thought to call me hyperbolic.
Actively and deliberately adding text with the explicit purpose of attempting to delete other peoples’ work fits this quite nicely, thank you for including it to illustrate my point.
What work?
I appreciate you seeing this for what it is and saying so, where other people are twisting themselves into pretzels to pretend like it’s anything else.