My gawds, some people need to learn what's a homage and also stop being upset on behalf of others. This comic is fine, stop bellyaching. This is what terminal permission culture does to a motherfucker.
Programmer Humor
Post funny things about programming here! (Or just rant about your favourite programming language.)
Rules:
- Posts must be relevant to programming, programmers, or computer science.
- No NSFW content.
- Jokes must be in good taste. No hate speech, bigotry, etc.
The only person who should care about anything other than the quality is Randall. However since he licensed it CC BY-NC 2.5 how he feels about it doesn't really matter either.
I think people should be concerned about things on others' behalfs. We all need to stick together.
This situation is a send-up though. Totally not a concern.
Oh definitely! I just meant in this particular case.
We can probably infer by the licensing that he's cool with it.
A new ripoff of an old classic
In a version that doesnβt even fully make sense. With databases there is a well-defined way to sanitize your inputs so arbitrary commands canβt be run like in the xkcd comic. But with AI itβs not even clear how to avoid all of these kinds of problems, so the chiding at the end doesnβt really make sense. If anything the person should be saying βI hope you learned not to use AI for thisβ.
if someone is actually using ai to grade papers I'm gonna LITERALLY drink water
I'm gonna literally drink water if they DON'T
I'm drinking water as we speak and none of you can stop me!
As a large languag model I do not drink water
More like "And I hope you learned not to trust the wellbeing and education of the children entrusted to you to a program that's not capable of doing either."
Well that would require too much work invested into stealing of https://xkcd.com/327/
It could be credibly called an homage if it had a new punchline, but methinks the creator didn't know what "sanitize" meant in this context.
remake of a classic
Little Bobby Tables
Bobby's son
It was in fact the mum who was good with computers. Bobby himself was never that interested in exploits.
He probably found it very hard to make any accounts on computers
Its a MEH update on little bobby tables. Who is in his twenties now.
It's his younger brother Williams, tho.
Reminds me of: https://www.wired.com/story/null-license-plate-landed-one-hacker-ticket-hell/
A guy thought it would be funny to change his license plate to NULL.
So to combat our horrible privacy culture we should name everything null...
hi my name is null, null.
TBF it is one of many incidents that have brought more attention to databases used by government institutions that cannot handle NULL as a string. Another instance involved a man with the last name Null who was getting tickets from multiple vehicles he didn't own and states he didn't live in, because whenever the name field was left empty it went to NULL.
It's really not a citizens fault when the system breaks so easily.
LLM system input is unsanitizable, according to NVidia:
The control-data plane confusion inherent in current LLMs means that prompt injection attacks are common, cannot be effectively mitigated, and enable malicious users to take control of the LLM and force it to produce arbitrary malicious outputs with a very high likelihood of success.
https://developer.nvidia.com/blog/securing-llm-systems-against-prompt-injection/
One of the best things ever about LLMs is how you can give them absolute bullshit textual garbage and they can parse it with a huge level of accuracy.
Some random chunks of html tables, output a csv and convert those values from imperial to metric.
Fragments of a python script and ask it to finish the function and create a readme to explain the purpose of the function. And while it's at it recreate the missing functions.
Copy paste of a multilingual website with tons of formatting and spelling errors. Ask it to fix it. Boom done.
Of course, the problem here is that developers can no longer clean their inputs as well and are encouraged to send that crappy input straight along to the LLM for processing.
There's definitely going to be a whole new wave of injection style attacks where people figure out how to reverse engineer AI company magic.
How do you sanitize ai prompts? With more prompts?
Easy, you just have a human worker strip out anything that could be problematic, and try not to bring it up around your investors.
It's really easy, just throw an error if you detect a program will cause a halt. I don't know why these engineers refuse to just patch it.
Artificial Idiocy