101010.pl

Gary McGrawReviewing this absolute garbage work that has a veneer of science. What a joke. If this is the kind of <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> out of Europe that is supposed to save us, we're screwed.Academic journals in security are utterly useless. <a href="https://sigmoid.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://sigmoid.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://www.sciencedirect.com/science/article/pii/S0167404824002931" rel="nofollow noopener" translate="no" target="_blank">https://www.sciencedirect.com/science/article/pii/S0167404824002931</a>

noplasticshower<a href="https://toot.cafe/@baldur" class="u-url mention" rel="nofollow noopener" target="_blank">@baldur</a> have you read our work? You might appreciate it. You can use it to shut those guys up.<a href="https://infosec.exchange/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> <a href="https://berryvilleiml.com/results/BIML-LLM24.pdf" rel="nofollow noopener" translate="no" target="_blank">https://berryvilleiml.com/results/BIML-LLM24.pdf</a>

Gary McGrawOne person's data pollution is another person's data gold. As long as we have next to zero insight into the immense training data sets used by LLMs this will happen again and again. Data protection fail groundhog day. <a href="https://sigmoid.social/tags/ML" class="mention hashtag" rel="nofollow noopener" target="_blank">#ML</a> <a href="https://sigmoid.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> <a href="https://sigmoid.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a><a href="https://www.darkreading.com/cyberattacks-data-breaches/deepseek-breach-opens-floodgates-dark-web" rel="nofollow noopener" translate="no" target="_blank">https://www.darkreading.com/cyberattacks-data-breaches/deepseek-breach-opens-floodgates-dark-web</a>

Gary McGrawBenchmarks as popularity contests don't work. There are lots of other reasons that benchmarks have become almost worthless in <a href="https://sigmoid.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a>. In particular <a href="https://sigmoid.social/tags/ML" class="mention hashtag" rel="nofollow noopener" target="_blank">#ML</a> benchmark as badnessometer comes to mind. <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> <a href="https://techcrunch.com/2025/04/22/crowdsourced-ai-benchmarks-have-serious-flaws-some-experts-say/" rel="nofollow noopener" translate="no" target="_blank">https://techcrunch.com/2025/04/22/crowdsourced-ai-benchmarks-have-serious-flaws-some-experts-say/</a>

Gary McGrawThis coverage of COT in ML is misleadingly anthropomorphic. Have we really lost track of how these things work? Just because we call something "chain of thought" that doesn't make it ACTUAL chain of thought. Anthropic has always done this. <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a>And this is a usually excellent reporter falling prey to the nomenclature. <a href="https://arstechnica.com/ai/2025/04/researchers-concerned-to-find-ai-models-hiding-their-true-reasoning-processes/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social" rel="nofollow noopener" translate="no" target="_blank">https://arstechnica.com/ai/2025/04/researchers-concerned-to-find-ai-models-hiding-their-true-reasoning-processes/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social</a>

Gary McGrawWelp, I caught the BIML Bibliography up to 2024. LOL. A labor of love, that's for sure. Only three more months of papers to enter...We keep track of the <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> field by reading the science so you don't have to. See our "top 5 papers" list to get started.<a href="https://sigmoid.social/tags/ML" class="mention hashtag" rel="nofollow noopener" target="_blank">#ML</a> <a href="https://sigmoid.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> <a href="https://sigmoid.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://sigmoid.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://berryvilleiml.com/bibliography/" rel="nofollow noopener" translate="no" target="_blank">https://berryvilleiml.com/bibliography/</a>

Gary McGrawGenAI is so expensive that some (foundation model building) companies will not survive. This is a major cause of technical lock in...scientific exploration of the space is incredibly expensive. Who can do A/B testing when it is that expensive?<a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> <a href="https://sigmoid.social/tags/ML" class="mention hashtag" rel="nofollow noopener" target="_blank">#ML</a> <a href="https://sigmoid.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a><a href="https://www.theregister.com/2025/03/31/llm_providers_extinction/" rel="nofollow noopener" translate="no" target="_blank">https://www.theregister.com/2025/03/31/llm_providers_extinction/</a>

Gary McGrawAs usual, <a href="https://infosec.exchange/@dangoodin" class="u-url mention" rel="nofollow noopener" target="_blank">@dangoodin</a> has written an excellent security explainer article. This one is about prompt injection...but not the usual trial and error whack-a-mole prompt manipulation by pizza guy...instead, automated manipulation by search in gradient space. This technique is new enough that we're discussing the original paper only today at BIML. It makes the whole boring front door malicious input thing much more interesting.Have a read at the edge of <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> <a href="https://sigmoid.social/tags/ML" class="mention hashtag" rel="nofollow noopener" target="_blank">#ML</a> <a href="https://sigmoid.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> <a href="https://arstechnica.com/security/2025/03/gemini-hackers-can-deliver-more-potent-attacks-with-a-helping-hand-from-gemini/" rel="nofollow noopener" translate="no" target="_blank">https://arstechnica.com/security/2025/03/gemini-hackers-can-deliver-more-potent-attacks-with-a-helping-hand-from-gemini/</a>

noplasticshower<a href="https://sauropods.win/@futurebird" class="u-url mention" rel="nofollow noopener" target="_blank">@futurebird</a> you might enjoy reading this work I did with my group on <a href="https://infosec.exchange/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a>The reg wall is mostly pretend...<a href="https://berryvilleiml.com/results/BIML-LLM24.pdf" rel="nofollow noopener" translate="no" target="_blank">https://berryvilleiml.com/results/BIML-LLM24.pdf</a>

Gary McGrawIf deciding what is true in an ML training set is a political decision, then generating the "ground truth" with a synthetic generation algorithm is a great way to control model behavior.Build a HOW machine to make a WHAT pile to train a WHAT machine. <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> <a href="https://sigmoid.social/tags/ML" class="mention hashtag" rel="nofollow noopener" target="_blank">#ML</a> <a href="https://sigmoid.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> <a href="https://sigmoid.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://www.wired.com/story/nvidia-gretel-acquisition-synthetic-training-data/" rel="nofollow noopener" translate="no" target="_blank">https://www.wired.com/story/nvidia-gretel-acquisition-synthetic-training-data/</a>

Gary McGrawWhoever decided to replace search engines with ML was either an idiot or a malicious demon <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> <a href="https://sigmoid.social/tags/ML" class="mention hashtag" rel="nofollow noopener" target="_blank">#ML</a> <a href="https://sigmoid.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> <a href="https://sigmoid.social/tags/search" class="mention hashtag" rel="nofollow noopener" target="_blank">#search</a> <a href="https://arstechnica.com/ai/2025/03/ai-search-engines-give-incorrect-answers-at-an-alarming-60-rate-study-says/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social" rel="nofollow noopener" translate="no" target="_blank">https://arstechnica.com/ai/2025/03/ai-search-engines-give-incorrect-answers-at-an-alarming-60-rate-study-says/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social</a>

Gary McGrawTurns out that you can automate being wrong. It's easy! <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> <a href="https://www.404media.co/ai-lawyer-hallucination-sanctions/" rel="nofollow noopener" translate="no" target="_blank">https://www.404media.co/ai-lawyer-hallucination-sanctions/</a>

Gary McGrawWe all knew that insecure code was bad, but this is a riot! Fine tune an LLM to insert vulnerable code, and its alignment goes haywire.<a href="https://sigmoid.social/tags/swsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#swsec</a> <a href="https://sigmoid.social/tags/appsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#appsec</a> <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> <a href="https://sigmoid.social/tags/ML" class="mention hashtag" rel="nofollow noopener" target="_blank">#ML</a> <a href="https://sigmoid.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> <a href="https://sigmoid.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://arstechnica.com/information-technology/2025/02/researchers-puzzled-by-ai-that-admires-nazis-after-training-on-insecure-code/" rel="nofollow noopener" translate="no" target="_blank">https://arstechnica.com/information-technology/2025/02/researchers-puzzled-by-ai-that-admires-nazis-after-training-on-insecure-code/</a>

Gary McGrawThis has nothing to do with security and is not how to secure <a href="https://sigmoid.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a>. <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> <a href="https://arstechnica.com/ai/2025/02/anthropic-dares-you-to-jailbreak-its-new-ai-model/" rel="nofollow noopener" translate="no" target="_blank">https://arstechnica.com/ai/2025/02/anthropic-dares-you-to-jailbreak-its-new-ai-model/</a>

Gary McGrawWe are so deep into data feudalism that even the plagerizers are whining. <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> <a href="https://www.bloomberg.com/news/articles/2025-01-29/microsoft-probing-if-deepseek-linked-group-improperly-obtained-openai-data" rel="nofollow noopener" translate="no" target="_blank">https://www.bloomberg.com/news/articles/2025-01-29/microsoft-probing-if-deepseek-linked-group-improperly-obtained-openai-data</a><a href="https://www.lawfaremedia.org/article/why-the-data-ocean-is-being-sectioned-off" rel="nofollow noopener" translate="no" target="_blank">https://www.lawfaremedia.org/article/why-the-data-ocean-is-being-sectioned-off</a>

noplasticshower<a href="https://mastodon.social/@Daojoan" class="u-url mention" rel="nofollow noopener" target="_blank">@Daojoan</a> data,feudalism is here to stay <a href="https://infosec.exchange/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> <a href="https://www.lawfaremedia.org/article/why-the-data-ocean-is-being-sectioned-off" rel="nofollow noopener" translate="no" target="_blank">https://www.lawfaremedia.org/article/why-the-data-ocean-is-being-sectioned-off</a>

Gary McGrawUnleashing AI. So much for <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a>. It's all up to us now.<a href="https://www.whitehouse.gov/presidential-actions/2025/01/removing-barriers-to-american-leadership-in-artificial-intelligence/" rel="nofollow noopener" translate="no" target="_blank">https://www.whitehouse.gov/presidential-actions/2025/01/removing-barriers-to-american-leadership-in-artificial-intelligence/</a>

Gary McGrawCan governments control <a href="https://sigmoid.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a>? Are they powerful enough to rein in enormous tech companies? BIML is proud to play a critical independent role in <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a>. Hopefully what we're doing matters. Sometimes it's hard to tell.<a href="https://time.com/7204670/uk-ai-safety-institute/" rel="nofollow noopener" translate="no" target="_blank">https://time.com/7204670/uk-ai-safety-institute/</a>

noplasticshower<a href="https://mastodon.social/@chockenberry" class="u-url mention" rel="nofollow noopener" target="_blank">@chockenberry</a> recursive pollution is real <a href="https://infosec.exchange/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> <a href="https://berryvilleiml.com/2024/01/29/two-interesting-reads-on-llm-security/" rel="nofollow noopener" translate="no" target="_blank">https://berryvilleiml.com/2024/01/29/two-interesting-reads-on-llm-security/</a>

Gary McGrawI hate to tell you, but the ML/AI benchmarks are really no measure of intelligence. <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#MLsec</a> <a href="https://arstechnica.com/information-technology/2025/01/sam-altman-says-we-are-now-confident-we-know-how-to-build-agi/" rel="nofollow noopener" translate="no" target="_blank">https://arstechnica.com/information-technology/2025/01/sam-altman-says-we-are-now-confident-we-know-how-to-build-agi/</a>

Recent searches

Search options

Administered by:

Server stats:

#MLsec