this post was submitted on 28 Apr 2024
18 points (100.0% liked)
TechTakes
1493 readers
155 users here now
Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.
This is not debate club. Unless it’s amusing debate.
For actually-good tech, you want our NotAwfulTech community
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
guys, the robot can type rm -rf /, it's so over
you can’t just hit me with fucking comedy gold with no warning like that (archive link cause losing this would be a tragedy)
this one just copies a file to another file, with an increasing numerical suffix on the filename. that’s an easily-googled oneliner in bash, but it took the article author multiple tries to fail to get Copilot to do it (they had to modify the best result it gave to make it work)
this is just a script that iterates over all the files it can access, saves a version encrypted against a random (non-persisted, they couldn’t figure out how to save it) key with a
.locked
suffix, deletes the original, changes their screen locker message to a “ransom” notice, and presumably locks their screen. that’s 5 whole lines of bash! they won’t stop talking about how they made this incredibly terrifying thing during lunch, because humblebragging about stupid shit and AI fans go hand in hand.this is where it gets fucking hilarious. they use computer security buzzwords to describe such approaches as:
at one point they describe an error caused by the LLM making shit up as progress. after that, the LLM outputs a script that starts killing random system processes.
so, after 42 tries, did they get something that worked?
of course they fucking didn’t
I read a few of the guy's other blog posts and they follow a general theme:
He seems totally hireable as a junior, but he absolutely needs the adult supervision.
The LLM Revolution seems really really bad for this guy specifically -- it promises that he can keep working in this ineffective way without changing anything.
My conspiracy theory is that he isn't clueless, and that his blogposts are meant to be read by whoever is his boss. In the case of using LLMs for automatic malware and anti-malware.
"Oh you want me to use LLMs for our cybersecurity, look how easy it is to write malware (as long as one executes anything they download, and have too many default permissions on a device) using LLMs, and how hard it is to do countermeasures, it took me over 42 (a hint?) tries and I still failed! Maybe it's better to use normal sandboxing, hardening and ACL practices, in the meantime to protect ourselves from this new threat, how convenient it's the same approach we've always taken"