It doesn't help that so far the communicators have used the wrong analogy. Most people writing on this topic use "injection" a la SQL injection to describe these things. I think a more apt comparison would be phishing attacks.
Imagine spawning a grandma to fix your files, and then read the e-mails and sort them by category. You might end up with a few payments to a Nigerian prince, because he sounded so sweet.
Perhaps I worded that poorly. I agree that technically this is an injection. What I don't think is accurate is to then compare it to SQL injection and how we fixed that. Because in SQL world we had ways to separate control channels from data channels. In LLMs we don't. Until we do, I think it's better to think of the aftermath as phishing, and communicate that as the threat model. I guess what I'm saying is "we can't use the SQL analogy until there's an architectural change in how LLMs work".
With LLMs, as soon as "external" data hits your context window, all bets are off. There are people in this thread adamant that "we have the tools to fix this". I don't think that we do, while keeping them useful (i.e. dynamically processing external data).
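Added example, not part of any comment in this thread: the control/data separation the comment above credits to SQL, shown with Python's `sqlite3`, next to a prompt assembled by string concatenation. The table contents, the hostile input and the `--- document ---` delimiter are constructed for illustration.

```python
import sqlite3

DELIM = "--- document ---"          # hypothetical delimiter, chosen for this example
HOSTILE_OWNER = "x' OR '1'='1"      # constructed input

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE mail (owner TEXT, subject TEXT)")
    db.executemany("INSERT INTO mail VALUES (?, ?)",
                   [("alice", "invoice"), ("bob", "payroll"), ("carol", "keys")])
    return db

def lookup_concatenated(db, owner):
    # Data spliced into the statement text: the SQL parser sees a single string.
    sql = "SELECT subject FROM mail WHERE owner = '" + owner + "'"
    return [row[0] for row in db.execute(sql)]

def lookup_bound(db, owner):
    # Statement compiled first; the value is bound afterwards and never parsed as SQL.
    sql = "SELECT subject FROM mail WHERE owner = ?"
    return [row[0] for row in db.execute(sql, (owner,))]

def build_prompt(instructions, untrusted_text):
    # There is no bind step to call here: both parts are joined into one string.
    return instructions + "\n" + DELIM + "\n" + untrusted_text

def data_regions(prompt):
    # What a reader of the assembled prompt can recover: every piece after a delimiter.
    return prompt.split(DELIM)[1:]

if __name__ == "__main__":
    db = make_db()
    print(lookup_concatenated(db, HOSTILE_OWNER))   # input rewrote the WHERE clause
    print(lookup_bound(db, HOSTILE_OWNER))          # input stayed a value
    doc = "Meeting notes.\n" + DELIM + "\n(text chosen by the document's author)"
    print(len(data_regions(build_prompt("Sort this mail by category.", doc))))
```

The bound query treats the hostile string as a value that matches no row, while the delimiter in the prompt is ordinary text that the document itself can contain, so the boundary between instructions and data is not recoverable from the assembled string.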
It's exactly like guns, we know they will be used in school shootings but that doesn't stop their selling in the slightest, the businesses just externalize all the risks claiming it's all the fault of the end users and that they mentioned all the risks, and that's somehow enough in any society built upon unfettered capitalism like the US.
If you’re going to use “school shootings” as your “muh capitalism”, the counter argument is the millions of people who don’t do school shootings despite access to guns.
There are common factors between all of the school shooters from the last decade - pharmacology and ideology.
It's not the mental issues they had, it's the drugs they were taking for it, right? Please. Look at what Australia did after their 1996 shooting, the main reason they have so few of them, but I know you won't, as millions of Americans you will forever do all sorts of mental gymnastics to justify keeping easy access to semi-automatic guns.
> From the information obtained, it appears that most school shooters were not previously treated with psychotropic medications - and even when they were, no direct or causal association was found https://pubmed.ncbi.nlm.nih.gov/31513302/
> Authorised workers had to be vaccinated or couldn't attend work onsite. Those who refused could face disciplinary proceedings including dismissal.
> The mandates rendered vaccination against COVID a condition of employment. Anyone who refused to be vaccinated could therefore be subject to disciplinary proceedings, including dismissal.
Australia | USA | UK
Vaccine passports for venues: Australia = Widespread | USA = Mostly banned | UK = Never implemented
Unvaccinated locked out of shops/restaurants: Australia = Yes | USA = No | UK = No
Healthcare worker mandates: Australia = Yes | USA = Partial (upheld for Medicare/Medicaid facilities) | UK = Brief, then revoked
Broad employment mandates: Australia = Yes (most industries) | USA = Struck down | UK = No
Different lockdown rules by vax status: Australia = Yes | USA = No | UK = No
Days locked down
Australia (Melbourne) = 262 days
UK (England) = approx 190 days (three national lockdowns)
USA = approx 30-60 days in most states (one lockdown only, spring 2020). Eight states never locked down at all. No second or third lockdowns.
Again, so what? Your claim says "forced" and "dangerous" but you provide no evidence. You've made your opinion clear, but that's all it is. That the Aus government did something different proves, and shows, nothing.
Unfortunate that Notion does not seem to be taking AI security more seriously, even after they got flak for other data exfil vulns in the 3.0 agents release in September