HN Reader

Show HN: I made a 3D SVG Renderer that projects textures without rasterization (seve.blog)

63 points by seveibar 2h ago 7 comments

Engineer Fixes and Re-Installs Old Payphones, Provides Free Calls to the Public (core77.com)

11 points by surprisetalk 48m ago 3 comments

FFmpeg merges WebRTC support (git.ffmpeg.org)

619 points by Sean-Der 12h ago 134 comments

A proposal to restrict sites from accessing a users’ local network (github.com)

299 points by doener 10h ago 172 comments

Why I wrote the BEAM book (happihacking.com)

445 points by lawik 18h ago 119 comments

A Spiral Structure in the Inner Oort Cloud (iopscience.iop.org)

69 points by gnabgib 5h ago 12 comments

After court order, OpenAI is now preserving all ChatGPT user logs (mastodon.laurenweinstein.org)

567 points by ColinWright 7h ago 384 comments

Cursor 1.0 (cursor.com)

203 points by ecz 8h ago 118 comments

Autonomous drone defeats human champions in racing first (tudelft.nl)

142 points by picture 8h ago 105 comments

Want to Model a Land Value Tax Shift in Your City? (progressandpoverty.substack.com)

5 points by surprisetalk 52m ago 0 comments

Apple Notes Expected to Gain Markdown Support in iOS 26 (macrumors.com)

187 points by danso 10h ago 116 comments

The iPhone 15 Pro’s Depth Maps (tech.marksblogg.com)

240 points by marklit 10h ago 67 comments

The Prompt Engineering Playbook for Programmers (addyo.substack.com)

213 points by vinhnx 12h ago 79 comments

Tesla seeks to guard crash data from public disclosure (reuters.com)

199 points by kklisura 5h ago 88 comments

LLMs and Elixir: Windfall or Deathblow? (zachdaniel.dev)

27 points by uxcolumbo 5h ago 3 comments

Authentication with Axum (mattrighetti.com)

33 points by mattrighetti 5h ago 9 comments

Not All Tokens Are Meant to Be Forgotten (arxiv.org)

23 points by MarcoDewey 5h ago 4 comments

PromptArmor (YC W24) Is Hiring in San Francisco (ycombinator.com)

1 points by VikramJayanthi 6h ago 0 comments

Differences in link hallucination and source comprehension across different LLM (mikecaulfield.substack.com)

4 points by hveksr 1h ago 0 comments

parrot.live (github.com)

28 points by jasonthorsness 5h ago 7 comments

NoteGen is a cross-platform Markdown note-taking application (github.com)

12 points by 461229817 3h ago 2 comments

Ada and SPARK enter the automotive ISO-26262 market with Nvidia (adacore.com)

55 points by gneuromante 8h ago 29 comments

IRS Direct File on GitHub (chrisgiven.com)

517 points by nickthegreek 12h ago 223 comments

A practical guide to building agents [pdf] (cdn.openai.com)

141 points by tosh 13h ago 20 comments

Amelia Earhart's Reckless Final Flights (newyorker.com)

65 points by Thevet 8h ago 69 comments

When memory was measured in kilobytes: The art of efficient vision (softwareheritage.org)

82 points by todsacerdoti 12h ago 17 comments

Foam: A free Roam alternative for VSCode (github.com)

18 points by AbuAssar 5h ago 1 comments

Show HN: GPT image editing, but for 3D models (adamcad.com)

116 points by zachdive 12h ago 63 comments

Comparing Claude System Prompts Reveal Anthropic's Priorities (dbreunig.com)

38 points by dbreunig 7h ago 12 comments

AGI is not multimodal (thegradient.pub)

122 points by danielmorozoff 13h ago 114 comments

Show HN: App.build, an open-source AI agent that builds full-stack apps (app.build)

72 points by davidgomes 8h ago 12 comments

How we reduced the impact of zombie clients (letsencrypt.org)

92 points by jaas 12h ago 14 comments

Autopen Guide (astroautopens.com)

6 points by rolph 3h ago 1 comments

VectorSmuggle: Covertly Exfiltrate Data in Embeddings (github.com)

25 points by smugglereal 8h ago 4 comments

Redesigned Swift.org is now live (swift.org)

137 points by lawgimenez 9h ago 89 comments

Is This the End or the Beginning? (lichess.org)

5 points by akbarnama 3h ago 0 comments

Doubling Down on Open Source (langfuse.com)

107 points by clemo_ra 14h ago 10 comments

Arthur C. Clarke predicted a computer-dominated future in the ’70s (2024) (openculture.com)

36 points by ohjeez 7h ago 26 comments

The Right to Repair Is Law in Washington State (eff.org)

367 points by doener 13h ago 149 comments

Cockatoos have learned to operate drinking fountains in Australia (science.org)

317 points by pseudolus 19h ago 145 comments

Machine Code Isn't Scary (jimmyhmiller.com)

173 points by surprisetalk 23h ago 200 comments

Dr. Sbaitso (classicreload.com)

7 points by bovermyer 3h ago 1 comments

Flight Simulator Gave Birth to 3D Video-Game Graphics (spectrum.ieee.org)

24 points by PaulHoule 7h ago 8 comments

Cursor v1.0 (forum.cursor.com)

3 points by vincent_s 1h ago 1 comments

'Bohemian Rhapsody': The Story Behind Queen's Rule-Breaking Classic Song (udiscovermusic.com)

9 points by susam 6h ago 0 comments

Cloud Run GPUs, now GA, makes running AI workloads easier for everyone (cloud.google.com)

299 points by mariuz 20h ago 167 comments

VC money is fueling a global boom in worker surveillance tech (restofworld.org)

202 points by Brajeshwar 12h ago 141 comments

Copilot Spaces: A new way to work with code and context (github.blog)

8 points by yawz 2h ago 0 comments

From Steam to Silicon: Patterns of Technological Revolutions (ianreppel.org)

38 points by hbartab 13h ago 4 comments

Ask HN: Startup getting spammed with PayPal disputes, what should we do?

238 points by june3739 1d ago 164 comments

VectorSmuggle: Covertly Exfiltrate Data in Embeddings

25 smugglereal 4 6/4/2025, 8:31:37 PM github.com ↗

Comments (4)

anonymousiam · 3h ago
Well over a decade ago, I recall learning about a covert data exfiltration method that could bypass firewalls by using DNS lookups. The payload would be a base64 hostname prefix attached to an evil domain. Adding a time stamp to the prefix data would guarantee uniqueness, and get around local caching DNS servers.
acmiyaguchi · 4h ago
The idea of using stenographic techniques to exfiltrate data is interesting, but I don't quite follow the general method outlined in the repository -- either through the generated documentation or code. The threat model and case studies seem contrived. I find it hard to believe that folks would expose data via RAG that they wouldn't want users of the underlying system to be privy to.

There's too much fluff here to be useful. I imagine having something that is concise and concrete would make it more appealing to others. But as-is, it's missing a good technical summary and demonstration.

smugglereal · 2h ago
Thanks for the feedback!

It's less about the RAG exposing new data to a regular user, and more about using the vector pipeline as a covert channel. The idea is to sneak out data the attacker already can access, but in a way that might bypass traditional DLP looking at emails, USBs, etc.

The "fluff" is largely educational material, as the project is for research and learning. For a concrete technical demonstration, the scripts/embed.py and scripts/query.py scripts are the core, and the docs/guides/quick_start.md tries to offer a direct path to seeing it in action.

Hope that helps! Will add a video demo soon.

smugglereal · 8h ago
A comprehensive proof-of-concept demonstrating sophisticated vector-based data exfiltration techniques in AI/ML environments. This educational security research project illustrates potential risks in RAG systems and provides tools for defensive analysis.