Linked List: March 17, 2024

Sunday, 17 March 2024

My thanks to Rich Mogull for sponsoring DF last week to promote CloudSLAW — Cloud Security Lab a Week. He wants to make cloud security knowledge accessible to anyone, with or without security or cloud experience, for free. CloudSLAW delivers a 15-30 minute lab to your inbox, RSS feed, or YouTube. You don’t need to be a tech pro, but, as Rich says, it helps to know the difference between an API and an IPA.

Rich has taught cloud security around the world for over a decade. He’s also one of the preeminent writers about security issues in general, and Apple platforms particularly. If you’re a regular reader, you probably recognize his name: I’ve linked to articles by Rich dozens of times over the years, and he was my guest on The Talk Show just a few years ago. He knows his shit and he’s great at explaining it. CloudSLAW is his attempt to help anyone go from zero to hero on cloud security. Go ahead and sign up now — it’s free of charge.

Using ASCII Art to Work Around Content Restrictions in the Top 5 AI Chatbots ★

Dan Goodin, reporting for Ars Technica:

Researchers have discovered a new way to hack AI assistants that uses a surprisingly old-school method: ASCII art. It turns out that chat-based large language models such as GPT-4 get so distracted trying to process these representations that they forget to enforce rules blocking harmful responses, such as those providing instructions for building bombs.

Such a silly trick, but it epitomizes the state of LLMs. It’s simultaneously impressive that they’re smart enough to read ASCII art, but laughable that they’re so naive that this trick works.