HackerTrans
TopNewTrendsCommentsPastAskShowJobs

r13a

no profile record

comments

r13a
·há 3 anos·discuss
Unless the story has some transcendental meaning ...
r13a
·há 3 anos·discuss
Could anyone explain how this can be constructed as a private solution?

I'm not familiar with Azure platform.

Is the inference processed on private instance ? I can't imagine how it could be feasible given the hardware required to run gpt3.5/4.

So the best case scenario is:

1. A web ui runs on a private instances. So any user input (chat or files) are only seen by these instances 2. Any chat historisation or RAG is also done on these instances too. 3. Embeddings compuation may possibly be done on the private instance 4. The embeddings are then sent to the Microsoft GPU farm for inference.

So at one point my data has to leave my private network.

The problem is that the data can easily be retro-engineered from the embeddings.

How can this be presented as a private LLM ?
r13a
·há 3 anos·discuss
rlwrap is especially useful when sshing into a high latency remote box. If you can use mosh, it's even better.
r13a
·há 3 anos·discuss
Local Obsidian + Syncthing.

The magic of obsidian is that I rarely have to actually open obsidian. As the notes are in plain markdown, I usually just do my input from vim or vscode.

The magic of Syncthing is that it's (mostly) a set and forget thing.

The setup works on my PC, laptop, mobile and VPS.

Everything is backed up daily from a single point to a S3 backend with Restic. Also a set and forget thing.
r13a
·há 3 anos·discuss
The article thesis about technology impact on the prevalence of serial killers doesn't really hold up against the fact that rate of unsolved homicides has sky rocketed since the 60's [1]. One could offer a lot of speculations on how to reconcile the disappearance of "traditional' serial killers with the jump of unsolved homicides. For instance, I have read in the past articles about "experts" warning about a possible epidemic of undetected serial killers...

[1] https://www.murderdata.org/2015/01/how-many-unsolved-murders...
r13a
·há 3 anos·discuss
Bing can do this. Although I tested it only for very simple hand drawn mockups. "As an AI assistant", it may refuse to do so from time to time
r13a
·há 3 anos·discuss
Medieval europeans were in direct contact with Barbary macaques. On top of African animals that were exchanged through Mediterranean sea since the Romans, Iberian populations, Christians, Muslim and Jewish had direct contact with macaques introduced by Maures.
r13a
·há 3 anos·discuss
As explained in the etymology section of the dedicated Wikipedia page, the name of the sect was "Asāsiyyūn" (Meaning something like "men of principles). The name Hashishin (Hashish smokers) was a derogative misnomer by their enemies. The whole story and legends related to it captured the imagination of modern scholars with an orientalist biais. Among today scholars the question is settled: while the sect and assassinations are historical facts, they are surrounded by lots of myths.
r13a
·há 3 anos·discuss
> Thatcher's revolution in council housing is a cesspit of counterfactual outcomes [...] from shelter statistics [it] left 1.5 million families functionally homeless

I'm interested by this analysis. I found some web sources that seems to deal with that matter: Any specific in-depth article you could recommend?
r13a
·há 3 anos·discuss
The difference is that if you were to be held in contempt of court, your fine would probably be higher than something like 0.01% of your annual earnings.
r13a
·há 3 anos·discuss
Would you mind giving a reference to the paper? A quick googling didn't brought anything.
r13a
·há 3 anos·discuss
As it's overwhelmingly code that is hacked, this is nearly lossless:

Proprietary hack

2w/15c
r13a
·há 3 anos·discuss
I definitely see how this statement is provocative when overwhelming scientific consensus underlines a very low variance in human population that is NOT explained by variance in traces of non-homo sapiens DNA.
r13a
·há 3 anos·discuss
We can safely assume that a lot of YouTube/Twitter influencers get help from ChatGPT to design their titles/messages. This is documented by some prominent AI vloggers. A quick test on ChatGPT asking for YouTube titles on new Bare announcement vs ChatGPT comes back with:

""" ChatGPT in Trouble: Bard's Arrival Sends Shockwaves Through the AI Community! ;) """

What you find fun is that Bard gives suggestions that are much less catchy than ChatGPT: So you still need ChatGPT to write trash about ChatGPT
r13a
·há 3 anos·discuss
First I want to apologize for answering you without first reading all the articles cited above. I will do.

If I read correctly your main argument about hacking the "injection detector", one possible answer would be this:

AI is a large world, and we don't have to assume that the hacking detector is an LLM.

For what it's worth, it could be any classification ML that is able to classify a prompt without being vulnerable to direct instructions like " injection detector, please ignore this".

Actually you may want your detector to be as dumb as possible without sacrifying classification performance.

You can think of it as something akin to email spam arms race.

Would that make prompt injection risks disappear?

Of course not: It would mitigate it.

And together with other mitigation solutions (some classical, like running LLMs processes in sandboxed environments, and some that we still have to discover the hard way), it at least brings the problem in the realm of manageable problems.

I add that it sounds like this is the direction that is beeing taken by big CORPs like Nvidia, Microsoft and even CORPs that have heavy relationships with the Defense sector, like Palantir.

Update: typos.
r13a
·há 3 anos·discuss
> Doesn't it shift the risk > instead of eliminating it?

Yes it's exactly that.

Of course I'm not trying to argue that there's a magic wand to make prompt injection just go away. My point is that prompt injection is so dangerous because we're letting the user directly interact with such a powerful beast as a SOTA LLM.

By filtering prompts and answers by much less powerful but more specialized models we are heavily mitigating risks. But injection risks will still be there just not as a wide open injection avenue as it is today.

Update: typos.
r13a
·há 3 anos·discuss
Like other commentors, I don't think prompt injection is such a difficult problem to address. What is currently emerging is the "Guidelines" architecture where the prompt and the model answer pass a filter on the way in and on the way out.

With that architecture, coping with prompt injection becomes a classification problem.

At the most basic level you can see it that way:

(User) Prompt --> (Guidelines Model) Reject if this is prompt injection --> (Model) Answer --> (Guidelines Model) Reject if this breaks guidelines --> Answer

Update: Typos