How do you make sure you are not violating terms and conditions if they forbid injecting third party javascript into the website explicitly?
Does your LLM ingest terms and conditions too?
In some cases in the past, finding and using auth tokens in the front end has resulted in hacking charges, in those cases alleged hacker found an api key in the front end and directly accessed the database, which resulted in a jail sentance.
How do you solve this issue that some companies may become hostile if injected code extracts auth tokens and accesses backend?
AI providers like openAI or Anthropic are already on the hook for OFAC compliance, so if any terrorist group is proven to access their APIs they can face huge fines.
The same game played out in the crypto space. Local models like local wallets can't be regulated.
Accessing foreign services can't be controlled.
But regulated companies are fully liable for any use of their tools by terrorist organizations.
This is not about the citizens, it's about the companies protecting themselves.
Their brains are the same, what differs is the environment.
Humanity's superpower is the ability to copy and mirror each other very effectively.
It does not require advanced awareness or intelligence to do it. Most people copy others subconsciously!
Majority of people won't contribute anything technologically, but they sure as hell can copy.
That's not always the case imho.
Think about advances in running inference, any innovation will happen in the details. Higher layer can stack gpu's but the implementation can still be improved.
Often small technical changes like "making a service 5% faster" are worth millions for large companies. That's all implementation.
One reason to write by hand is to have intellectual property, since it was ruled that AI generated code is in the public domain by default, so licensing is hard.
Another thing is competitive edge, if you use claude and your competitors use claude then nothing really gives you an edge. AI is a commodity, not competitive edge.
The competitive pressure should drive human work because it's unique.
I would say it's an average coder when it comes to writing functions because it keeps using regex. It might pass a benchmark but doesn't pass the smell test.
Does your LLM ingest terms and conditions too?
In some cases in the past, finding and using auth tokens in the front end has resulted in hacking charges, in those cases alleged hacker found an api key in the front end and directly accessed the database, which resulted in a jail sentance.
How do you solve this issue that some companies may become hostile if injected code extracts auth tokens and accesses backend?