Comment by theshrike79

4 hours ago

But how would you exploit them when every one of them is subtly different?

With software that's deployed to millions of computers you have an abundance of targets, but trying to target some random LLM average todo list at scale is hard, isn't it?

Yes, but it should be fairly easy to "simply" attack the common technologies that LLMs keep parroting. NextJS, or some Rust tools, or whatever other tools LLMs "love" using, are all great targets.

Once millions of completely unskilled developers have "workflows" that consist of asking an LLM to make a thing, followed by those LLMs pulling in the same 100 (often outdated versions of) dependencies, you have a beautiful attack vector.

Yes, it's "easy" to attack something like Obsidian. It's probably easier to attack a couple hundred dependencies LLMs like to use, or to test what LLMs commonly do to implement things from scratch, and attack those weaknesses.

We are just lucky that enough real, smart people engineered things that actually work, are well understood, and keep us safe, like firewalls.