CEOs who aren't yet preparing forquantum are 'already too late,' IBM exec says (businessinsider.com)

Imagine if you sent an image with encoded info (steganography) and an LLM or CV model happened to get the command from that image, then this model happened to be connected to MCP/agents and could execute these embedded commands.

Realistic attack vector or not? It's not an original idea seen in shows like Ghost in the Shell SAC 2045 and latest Black Mirror Thronglets

Comments (6)

muzani · 10h ago

They're able to "decode" base64 if you give it a popular quote, but if you modify the quote, it will often hallucinate the exact quote. If you enlarge images with it, it will often hallucinate bits and pieces of it.

So I'd do something that takes advantage of this behavior. It's like with morse code where many people know S.O.S. even if they don't know the other letters. You'd have to communicate in quotes and such.

ge96 · 7h ago

damn that's a good point about the built in random part ha (I know set temp to 0 but yeah)

moritzwarhier · 12h ago

The imaginary QR code from the episode, and real steganography, are completely orthogonal.

And the BM episode doesn't include any references to LLMs, or does it?

ge96 · 12h ago

Yeah by LLM (and I didn't specify above) I meant if you had a generic summary command/parsing images or OCR... it's probably not possible to extract code, maybe you can with words embedded in an image that is a sentence eg. "run this script"

edit: generic command as in "what does this image show" and the underlying mechanism is vulnerable to reading hidden data

moritzwarhier · 12h ago

Yeah that's prompt injection but why the steganography? In a broader sense, sure. Who would let an unsupervised LLM or other AI operate on important resources, is the question, I think.

ge96 · 12h ago

steganography is just that it's image based

saw this thread about space selfie made me think of it

Driverless Semi Trucks Are Here, with Little Regulation and Big Promises (nytimes.com)

Show HN: Quiz Coding – Teacher Mode for AI Agent in Python Notebook

Al Lowe Reflects on Leisure Suit Larry (2019) (medium.com)

CEOs who aren't yet preparing forquantum are 'already too late,' IBM exec says (businessinsider.com)

Telecoms Industry in US–China Context: Evolving Toward Near-Complete Bifurcation [pdf] (jhuapl.edu)

The Dismal Failure of LLMs as EV Search Aids (scottmeyers.blogspot.com)

'Ocean darkening' a cause for concern – scientists (bbc.com)

India's iPhone exports to the U.S. soared an estimated 76% (cnbc.com)

Voiceover artist urging ScotRail to remove her voice from new AI announcements (news.sky.com)

As a maintainer, I'm leaving the SearXNG project (gist.github.com)

CheerpJ 4.1: Java in the browser, now supporting Java 17 (preview) (labs.leaningtech.com)

Apple Acquires Gaming Studio RAC7 (macrumors.com)

Show HN: WriteGlow – Make AI-generated content sound more human (writeglow.ai)

HTML HATEOAS as a Tool API for MCP/LLM (mikesub.net)

Riot – An actor-model multi-core schedular for OCaml (riot.ml)

Creatine: The bodybuilding supplement that boosts brainpower (bbc.com)

Show HN: AI Detective Game – Interrogate AI-generated suspects to solve a crime (github.com)

How to Run CRON Jobs in Postgres Without Extra Infrastructure (wasp.sh)

Implement AI Safeguards with Node.js and Llama Stack (developers.redhat.com)

Decaf coffee can mimic caffeine's effects in habitual drinkers (psypost.org)

What Sourcegraph learned building AI coding agents (nibzard.com)

First Update from Dianna (Physics Girl) [video] (youtube.com)

Show HN: MockupTiger – Prompt-Based AI Tool for Fast Low-Fidelity Wireframes (wireframes.org)

The Internet Used to Be a Place [video] (youtube.com)

Ask HN: What will the web look like in 5 years with AI bots becoming widespread?

Researchers observe gamma-ray burst on Earth (science.org)

Hermes-dec: tool which can disassemble and decompile React Native (github.com)

Opera's new browser can code websites (techcrunch.com)

The day my ping took countermeasures (blog.cloudflare.com)

Salesforce to buy Informatica for $8B to bolster AI data tools (reuters.com)

Deepseek's AI Talent – Implications for US Innovation (hoover.org)

Enterprises Hope That Python Will Make Them AI-First (news.alvaroduran.com)

When AI-generated art enters the market, consumers win – and artists lose (gsb.stanford.edu)

Webb telescope helps refines Hubble constant, suggesting resolution rate debate (phys.org)

Microsoft's VSCode based PG IDE is proprietary (honeypot.net)

Sea-Helm: Southeast Asian Holistic Evaluation of Language Models (arxiv.org)

Infographics for API and Web Development (bytebytego.com)

Ask HN: Data.olllo new version – New demo videos and faster data previews

Monorepo Build Systems. DAG vs. depth-first recursive, featuring sparse-checkout [video] (youtube.com)

The Captain of Köpenick (en.wikipedia.org)

In AI, $20/Month Is the New Free Tier (vincentschmalbach.com)

Bright Ideas in Design, Simplicity and Creativity (50bulbs.com)

Ask HN: Have any tech companies changed their interview process after GenAI?

Landmark evolution study finds rice inherits cold tolerance without DNA changes (nature.com)

Show HN: I built a tool for managing personal prompts (myprompts.cc)

Pirate Library Mirror (Anna's Archive Datasets) (annas-archive.org)

Keeping a Mistake Journal (thecoder.cafe)

How to Find a Missing H-Bomb (daxe.substack.com)

Company Automates Job Applications (opensesame.work)

Could Plasma Exchange Therapy Help You Live Longer? (nytimes.com)

Ask HN: Possible or Fantasy?

Comments (6)