Yes, but the underlying problem is a lack of exact specification what the agent is allowed or not allowed to do. It must have access to some (most?) of my files (but I'm too lazy to specify which ones exactly, e. g. by…
If your threat model is that of a malicious agent that will use a 0-day LPE to get root and exfiltrate all of your SSH keys, virtualization makes sense. But then, I wouldn't run such an agent at all, if not specifically…
Stories about copilot messing things up made into regular newspapers... Do Anthropic users consider themselves clever enough to not make the same mistakes as Microsoft?
You have to put them into a RULES.md of course!
The reports of copilot running amok when Microsoft integrated it into Windows 11 should have been enough of a warning. You either ensure proper sandboxing, or you'll be in for a bad surprise eventually.
What should it do then? The whole point of LLMs is that you can stop writing rigorous rules in a programming or config language with hard-to-learn syntax, and can resort to natural language instead. You pay for that…
> they are never actionable, don’t say anything Wikipedia doesn’t Researching your way through Wikipedia and the likes certainly counts as "Western education", which as we all know is forbidden by their name. Having an…
Guardrails are essentially part of the input. Saying "but we have guardrails" is like saying "but we do trust part of the input". Either way, even if you trust 100% of the input, there is actually no way to guarantee…
> In most agentic prompt injection attacks, the agent treats the wrong content as a trusted source of instructions and allows itself to be misdirected or misused. This happens when the system fails to maintain a strict…
I have conditioned my left first finger and pinky to just hammer F5 and Esc until the page loading stops at the right moment...
in fact, this could be generalized more and doesn't neccessarily have to be about hiding messages. We've all heard the discussions about using VPNs "for privacy" (i. e. for hiding your IP metadata), when it's really…
I guess you could make a point for using messengers based on open protocols (like Matrix) that have plenty of different client implementations. It doesn't protect you from targeted attacks (it might if you can somehow…
SXMO is pretty minimal in that regard, but it doesn't force you to use the touchscreen. Can also navigate through menus via the volume buttons...
As a user, I much prefer a blocking UI thread to one that lets me spam clicks on the "rotate left" and "flip along vertical axis" buttons and then makes me wonder why the resulting image is not the flipped verstion of…
Yes, but the underlying problem is a lack of exact specification what the agent is allowed or not allowed to do. It must have access to some (most?) of my files (but I'm too lazy to specify which ones exactly, e. g. by…
If your threat model is that of a malicious agent that will use a 0-day LPE to get root and exfiltrate all of your SSH keys, virtualization makes sense. But then, I wouldn't run such an agent at all, if not specifically…
Stories about copilot messing things up made into regular newspapers... Do Anthropic users consider themselves clever enough to not make the same mistakes as Microsoft?
You have to put them into a RULES.md of course!
The reports of copilot running amok when Microsoft integrated it into Windows 11 should have been enough of a warning. You either ensure proper sandboxing, or you'll be in for a bad surprise eventually.
What should it do then? The whole point of LLMs is that you can stop writing rigorous rules in a programming or config language with hard-to-learn syntax, and can resort to natural language instead. You pay for that…
> they are never actionable, don’t say anything Wikipedia doesn’t Researching your way through Wikipedia and the likes certainly counts as "Western education", which as we all know is forbidden by their name. Having an…
Guardrails are essentially part of the input. Saying "but we have guardrails" is like saying "but we do trust part of the input". Either way, even if you trust 100% of the input, there is actually no way to guarantee…
> In most agentic prompt injection attacks, the agent treats the wrong content as a trusted source of instructions and allows itself to be misdirected or misused. This happens when the system fails to maintain a strict…
I have conditioned my left first finger and pinky to just hammer F5 and Esc until the page loading stops at the right moment...
in fact, this could be generalized more and doesn't neccessarily have to be about hiding messages. We've all heard the discussions about using VPNs "for privacy" (i. e. for hiding your IP metadata), when it's really…
I guess you could make a point for using messengers based on open protocols (like Matrix) that have plenty of different client implementations. It doesn't protect you from targeted attacks (it might if you can somehow…
SXMO is pretty minimal in that regard, but it doesn't force you to use the touchscreen. Can also navigate through menus via the volume buttons...
As a user, I much prefer a blocking UI thread to one that lets me spam clicks on the "rotate left" and "flip along vertical axis" buttons and then makes me wonder why the resulting image is not the flipped verstion of…