Ask HN: Is “prompt injection” going to be a new common vulnerability?

There was a post [0] recently about the bing chatGPT assistant either citing or hallucinating it’s own initial prompt from the (in theory) low privileged chat input UI they put together. This feels like it’s almost unavoidable if you let users actually chat with something like this. How would we sanitize strings now? I know OpenAI has banned topics they seem to regex for, but that’s always going to miss something. Are we just screwed and should make sure chat bots just run in a proverbial sandbox and can’t do anything themselves? [0] https://news.ycombinator.com/item?id=34717702
Story Published at: February 9, 2023 at 03:59AM

Ask HN: Is “prompt injection” going to be a new common vulnerability?

Leave a Reply Cancel reply

INX to boost its $117M IPO with token listings on global exchanges

Russia’s Gazprombank gets green light for crypto custody in Switzerland

New Huawei smartphone will feature a hardware wallet for digital yuan

Chinese city seeks to power urban governance and more using blockchain tech

Binance CEO denies allegations that the exchange’s US arm is a regulatory decoy

Tax professional explains the most important thing for US crypto holders

Bank of Chain - The Very First DeFi Bank

Finance Redefined: The curious case of Harvest Finance, Oct. 21-28

Winklevoss’ Gemini exchange to count crypto taxes in real time