Security ProbLLMs in xAI's Grok: A Deep Dive

from blog Simon Willison's Weblog, | ↗ original
Security ProbLLMs in xAI's Grok: A Deep Dive Adding xAI to the growing list of AI labs that shipped feature vulnerable to data exfiltration prompt injection attacks, but with the unfortunate addendum that they don't seem to be taking the problem seriously: All issues mentioned in this post were responsibly disclosed to xAI. Over the course of...
This is a short summary. ↗ Open original to view full content

Related

Can we solve prompt injection now?
Eliran Turgeman | original ↗
zizmor would have caught the Ultralytics workflow vulnerability
ENOSUCHBLOG | original ↗
Quick takes on the recent OpenAI public incident write-up
Surfing Complexity | original ↗
0Din: A GenAI Bug Bounty Program – Securing Tomorrow’s AI Together
Mozilla Hacks – the Web developer blog | original ↗
on the xz backdoor
erock's devlog | original ↗
Reply to Aphyr attack to Sentinel
antirez | original ↗
Grok Status Update Part 2
Secret Weblog | original ↗
"No way to prevent this" say users of only language where this regularly happens
Xe Iaso's blog | original ↗
More thoughts on vulnerabilities and misaligned incentives
ENOSUCHBLOG | original ↗
The most secure chip in the world just got hacked.
zach's tech blog | original ↗

More from Simon Willison's Weblog

Quoting Greg Brockman
16 Jan 2025 | original ↗

Manual inspection of data has probably the highest value-to-prestige ratio of any activity in machine learning. — Greg Brockman, OpenAI, Feb 2023 Tags: machine-learning, openai, ai

Quoting gwern
16 Jan 2025 | original ↗

[...] much of the point of a model like o1 is not to deploy it, but to generate training data for the next model. Every problem that an o1 solves is now a training data point for an o3 (eg. any o1 session which finally stumbles into the right answer can be refined to drop the dead ends and produce a clean transcript to train a more refined...

Datasette Public Office Hours Application
16 Jan 2025 | original ↗

Datasette Public Office Hours Application We are running another Datasette Public Office Hours event on Discord tomorrow (Friday 17th January 2025) at 2pm Pacific / 5pm Eastern / 10pm GMT / more timezones here. The theme this time around is lightning talks - we're looking for 5-8 minute long talks from community members about projects they are...

Evolving GitHub Issues (public preview)
16 Jan 2025 | original ↗

Evolving GitHub Issues (public preview) GitHub just shipped the largest set of changes to GitHub Issues I can remember in a few years. As an Issues power-user this is directly relevant to me. The big new features are sub-issues, issue types and boolean operators in search. Sub-issues look to be a more robust formalization of the existing feature...

100x Defect Tolerance: How Cerebras Solved the Yield Problem
16 Jan 2025 | original ↗

100x Defect Tolerance: How Cerebras Solved the Yield Problem I learned a bunch about how chip manufacture works from this piece where Cerebras reveal some notes about how they manufacture chips that are 56x physically larger than NVIDIA's H100. The key idea here is core redundancy: designing a chip such that if there are defects the end-product...