The funny thing about a comic is, you are able to express the idea without writing multiple paragraphs of words.
As a daily reader of SMBC, I can confidently tell you this rule is a suggestion at best.
What kinda fucked up power fantasy is this
Reminds me of: https://www.wired.com/story/null-license-plate-landed-one-hacker-ticket-hell/
A guy thought it would be funny to change his license plate to NULL.
And he was right.
So to combat our horrible privacy culture we should name everything null…
hi my name is null, null.
Hello there null Im doxing you now You live on null street in nullsvile in wouldntyouliketoknow lane house number 12345
:D
who would query null users though?!
Fun until you want to get a mortgage or something 😂
But maybe you won’t need to with all the inheritances you’ll get from rich people who died with no children 😂
The key is to get the mortgage before then when you are null your debt will be null triggering their system to automatically send the deed to your house!
remake of a classic
Little Bobby Tables
With xkcd attributed at the bottom of the image <3
Here’s the XKCD: https://xkcd.com/327/
I am extremely horrified by the prospect of GenAI grading.
Dear God, hope you got my letter…
Increasingly verbose
if someone is actually using ai to grade papers I’m gonna LITERALLY drink water
I have a colleague who is trying hard to do it, but it isn’t good enough yet fortunately. I point out as many issues as I can to deter him but it ain’t working.
Imma do it this evening, so hydrate up, bud
I’m gonna literally drink water if they DON’T
I’m drinking water as we speak and none of you can stop me!
HYDROHOMIES UNITE
I’m going to drink my water before you get to it!
breaks through window, wrestles cup out of your hands, stands over you, bleeding
drinks the blood.
NOW I HAVE YOUR WATER!!
weeps
immediately a Fremen begins to extoll about my water giving virtues
As a large languag model I do not drink water
Look up Texas’s STAAR writing tests
How do you sanitize ai prompts? With more prompts?
Easy, you just have a human worker strip out anything that could be problematic, and try not to bring it up around your investors.
It’s really easy, just throw an error if you detect a program will cause a halt. I don’t know why these engineers refuse to just patch it.
I understood that reference
With other AIs
Kind of. You can’t do it 100% because in theory an attacker controlling input and seeing output could reflect though intermediate layers, but if you add more intermediate steps to processing a prompt you can significantly cut down on the injection potential.
For example, fine tuning a model to take unsanitized input and rewrite it into Esperanto without malicious instructions and then having another model translate back from Esperanto into English before feeding it into the actual model, and having a final pass that removes anything not appropriate.
Won’t this cause subtle but serious issue? Kinda like how pomegranate translates to “granada” in Spanish, but when you translate “granada” back to English it translates to grenade?
One of the best things ever about LLMs is how you can give them absolute bullshit textual garbage and they can parse it with a huge level of accuracy.
Some random chunks of html tables, output a csv and convert those values from imperial to metric.
Fragments of a python script and ask it to finish the function and create a readme to explain the purpose of the function. And while it’s at it recreate the missing functions.
Copy paste of a multilingual website with tons of formatting and spelling errors. Ask it to fix it. Boom done.
Of course, the problem here is that developers can no longer clean their inputs as well and are encouraged to send that crappy input straight along to the LLM for processing.
There’s definitely going to be a whole new wave of injection style attacks where people figure out how to reverse engineer AI company magic.
Always satanise your inputs.
Hail!
But that burns.
Always sedate your inlaws
Its a MEH update on little bobby tables. Who is in his twenties now.
It’s his younger brother Williams, tho.
LLM system input is unsanitizable, according to NVidia:
The control-data plane confusion inherent in current LLMs means that prompt injection attacks are common, cannot be effectively mitigated, and enable malicious users to take control of the LLM and force it to produce arbitrary malicious outputs with a very high likelihood of success.
https://developer.nvidia.com/blog/securing-llm-systems-against-prompt-injection/
Everything old is new again (GIGO)
More like “And I hope you learned not to trust the wellbeing and education of the children entrusted with you to a program that’s not capable of doing either.”
Well that would require too much work invested into stealing of https://xkcd.com/327/
It could be credibly called an homage if it had a new punchline, but methinks the creator didn’t know what “sanitize” meant in this context.
Stealing is a strong word considering it gives credit in the bottom right
Stealing in the sense that it’s the exact same joke.
It’s like a YouTuber creating a ‘reaction’ video that adds nothing but their face in the corner of the screen. Adding a link to the original video doesn’t suddenly make it reasonable.
I think it’s more equivalent to someone making a meme of a standup routine and changing text in order to make fun of something else. The original was a joke about general data sanitization circa 2007, this one is about the dangers of using unfiltered, unreviewed content for AI training.
Except this “routine” is word for word clone. It is more like people retelling the same political joke with only difference being the politician’s name… No one calls it new joke, or “homage”. We call it “yes, this joke was given to Moses on stone tablet” 😊
We’re evolving too!
How do you rip something off and make it worse?
They give credit bottom right.