this post was submitted on 07 Jun 2024
1231 points (92.8% liked)

Programmer Humor

32380 readers
1503 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[โ€“] redcalcium@lemmy.institute 25 points 5 months ago (4 children)

How do you sanitize ai prompts? With more prompts?

[โ€“] CanadaPlus@lemmy.sdf.org 46 points 5 months ago* (last edited 5 months ago)

Easy, you just have a human worker strip out anything that could be problematic, and try not to bring it up around your investors.

[โ€“] xmunk@sh.itjust.works 39 points 5 months ago (1 children)

It's really easy, just throw an error if you detect a program will cause a halt. I don't know why these engineers refuse to just patch it.

[โ€“] jjjalljs@ttrpg.network 11 points 5 months ago

I understood that reference

[โ€“] zalgotext@sh.itjust.works 2 points 5 months ago

With other AIs

[โ€“] kromem@lemmy.world 2 points 5 months ago* (last edited 5 months ago) (1 children)

Kind of. You can't do it 100% because in theory an attacker controlling input and seeing output could reflect though intermediate layers, but if you add more intermediate steps to processing a prompt you can significantly cut down on the injection potential.

For example, fine tuning a model to take unsanitized input and rewrite it into Esperanto without malicious instructions and then having another model translate back from Esperanto into English before feeding it into the actual model, and having a final pass that removes anything not appropriate.

[โ€“] redcalcium@lemmy.institute 5 points 5 months ago (1 children)

Won't this cause subtle but serious issue? Kinda like how pomegranate translates to "granada" in Spanish, but when you translate "granada" back to English it translates to grenade?

[โ€“] kromem@lemmy.world 1 points 5 months ago

It will, but it will also cause less subtle issues to fragile prompt injection techniques.

(And one of the advantages of LLM translation is it's more context aware so you aren't necessarily going to end up with an Instacart order for a bunch of bananas and four grenades.)