Posts by tanepiper

2 publicly visible posts • joined 27 Jun 2023

I stumbled upon LLM Kryptonite – and no one wants to fix this model-breaking bug

tanepiper

Last year I also was concerned with what I saw with GPT4 (https://tane.dev/2023/04/i-think-i-found-a-privacy-exploit-in-chatgpt/) and similarly found OpenAI dismissive.

I don't have a lot of trust in these models, although I still use them, but always with caution.

Warning: JavaScript registry npm vulnerable to 'manifest confusion' abuse

tanepiper

I actually did a POC 7 years ago about this - https://github.com/tanepiper/steal-ur-stuff

It was reported to npm at the time, but they chose to ignore it - https://github.com/npm/npm/issues/17724