Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code - Ars Technica (arstechnica.com)
Posted by hamburgheftig@feddit.org to Technology@lemmy.world · English · 2 days ago · 125 comments
Cross-posted to: programming@programming.dev, pulse_of_truth@infosec.pub

mabeledo@lemmy.world · 13 hours ago
Libraries can be audited. LLM generated code cannot.

Jakeroxs@sh.itjust.works · 7 hours ago
Yes it can, it’s literally still code.

mabeledo@lemmy.world · 7 hours ago
I know it’s code. You are missing the point.
Any library with a critical user mass is auditable, because a fraction of those users would take the time to do so, whereas all LLM generated variations of the same library cannot and will never be auditable.

Jakeroxs@sh.itjust.works · 7 hours ago
That’s literally not what you said, you said “LLM code can not be auditable” which is demonstrably wrong.
Go ahead and move the goal posts though.

mabeledo@lemmy.world · edited 25 minutes ago
You missed the context. I don’t blame you.
Tell me how in hell are you going to audit every single variation of code generated by an LLM, that’s equivalent to a whole library. I’ll wait.