GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Untitled attachment

Download link

https://media.infosec.exchange/infosec.exchange/media_attachments/files/113/334/753/938/528/471/original/9714c16f817e659d.jpg

Notices where this attachment appears

  1. Embed this notice
    Paco Hope #resist (paco@infosec.exchange)'s status on Sunday, 20-Oct-2024 00:36:11 JST Paco Hope #resist Paco Hope #resist
    in reply to

    @patrickcmiller That's the key point I'm trying to make. Sometimes people bolt on a proxy in front of a vulnerable web site to mitigate SQL injection risk. We often criticize that as insufficient on its own. And that is exactly what they're doing to prevent information leakage out of LLMs: stick some stuff in the prompt to make undesirable data less likely in the output. And while bolt-on security can be PART of a multi-prong security approach, in the case of LLMs it's the only prong.

    This picture from this blog is really useful at showing how our mental models about LLMs can be wrong. On the left is what the user thinks is happening. On the right is what is happening in the LLM. The effectiveness of the bolt-on security is limited by the fundamental workings of the technology.

    In conversation about a month ago from infosec.exchange permalink
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.