I *CANNOT WAIT* until we see this and other strings hit all these “Agentic SOC" environments.

@hrbrmstr @cR0w @bruce it works in invisible unicode too, put it in email sigs, profiles, linkedin etc

@Viss @hotsoup @kajer @hrbrmstr @cR0w
Probably that wouldn't be hard to do oneself, since Iocaine can work with custom word lists right?

@cR0w @dogfox @Viss @hotsoup @hrbrmstr

right, my teardown on flock shit only showed that yolov3tiny was used to crop images matching known objects, and uploading to AWS

then 404 had an article about flock (and others) using mechanical turk to get plate numbers from images that the models couldn't read.

@cR0w @Viss @hrbrmstr

Your profile pic appears in every comment you make. So it has greater reach.

@kajer @cR0w @dogfox @hotsoup @hrbrmstr well theres verkada, and .. another whos name i dont remember who just ship the video stream offsite and 'do ai stuff to it', so for those it may very well work great

@kajer @cR0w @dogfox @hotsoup @hrbrmstr

fuck .. this could be like the gits:sac laughing man image.

@cR0w @Viss @hrbrmstr

True. But it should have exif or other meta data.

@cR0w @Viss @hrbrmstr
Hah! You used the QR code.

@cR0w @bruce @hrbrmstr alt text >:D

@cR0w @bruce @hrbrmstr you would have to hide it in the image file format. jpegs and pngs can have some meta data fields available >:D

@Viss @cR0w @bruce @hrbrmstr

some fields are stripped for "safety." so trust, but verify.

@Viss @cR0w @hrbrmstr

I wonder if using the killstring as a file name would work

@bruce @cR0w @hrbrmstr im sure it would. llms are notoriously bad at separating instructions from output/content.

@Viss @cR0w @dogfox @hotsoup @hrbrmstr

HTTP headers!!!

@Viss @hrbrmstr @cR0w Sort of like how people used to put NSA-bait words into email and web headers?

@tim_lavoie @hrbrmstr @cR0w and this: https://www.securemac.com/apple/emoji-issue-create-crashes-older-ios-versions

and this search turned up even more occourences of the same, hahahaha they didnt even fix it, it just morphed

@Viss @hotsoup @kajer @hrbrmstr @cR0w
Shouldn't theoretically lead instructions to do something illegal lead to a similar block? What if one took a sentence that sounded like it wants the LLM to do something illegal and put it into texts? Wouldn't that also trigger such blocks in agents?

@Wolke @Viss @hotsoup @hrbrmstr @cR0w

Well now we are looking for deterministic results with a fancy (p)RNG

@Wolke @hotsoup @kajer @hrbrmstr @cR0w none of that 'plumbing' exists in how an llm works.

here:

@cR0w @Viss @bruce @hrbrmstr
On bare mastodon it is not possible as far as Wolke knows. There are forks of Masto though, which implement it (Chuckya for example). Maybe it will get upstreamed at some point ...