back to article GitHub Copilot, Amazon Code Whisperer sometimes emit other people's API keys

GitHub Copilot and Amazon CodeWhisper can be coaxed to emit hardcoded credentials that these AI models captured during training, though not all that often. A group of researchers at The Chinese University of Hong Kong and Sun Yat-sen University in China decided to look into whether AI "Neural Code Completion Tools," used to …

  1. b0llchit Silver badge
    Facepalm

    We're too smart for the (ML/AI) internet

    • 1) Be stupid
    • 2) Expose your inner secrets on the internet
    • 3) Be ignorant
    • 4) Surprise, you're on candid camera
    • 5) Now you're a member of the ID10T group

    We don't really need AI/ML to tell us about our collective stupidity. Just take a look on the internet and it should be obvious.

    1. Kevin McMurtrie Silver badge
      Trollface

      Re: We're too smart for the (ML/AI) internet

      6) Demand that everybody redact the private key you accidentally exposed because your architecture doesn't support changing keys. I mean, who does that?

  2. Brewster's Angle Grinder Silver badge

    When you want the things to give you links; they hallucinate.

    When you want the things to hallucinate passwords, they give you real ones.

    1. Doctor Syntax Silver badge

      It's just pure chance. Nothing at all to be worried about.

  3. Lee D Silver badge

    This stuff is really the dumbest use of machines that I can imagine.

    "Please give me a bad answer unreliably, trained on data that you really shouldn't have ever had access to."

    1. This post has been deleted by its author

  4. Anonymous Coward
    Anonymous Coward

    Github, Amazon......and then there's others too.....

    Link: https://www.zdnet.com/article/zoom-is-entangled-in-an-ai-privacy-mess/

    Zoom walked back this TOC mess (see above).....but the Zoom genie is out of the bottle too.

    How about deep fake videos of Zoom participants?....or Zoom grabbing and using screen shares?

    Be afraid.......

  5. Missing Semicolon Silver badge

    "public"?

    I thought these LLMs were being trained on non-public repos?

    1. Ken Hagan Gold badge

      Re: "public"?

      Don't confuse "public" with "public domain".

  6. Claptrap314 Silver badge
    Facepalm

    Raise you hand...

    if you were surprised by this at all.

    Beuller? Beuller?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like