
146 points jakozaur | 2 comments
1. codebastard No.45669850
The security paradox of executing unverified code.

If you are executing local malicious/unknown code for reasons you need to read this...

replies(1): >>45671538
2. wmf No.45671538
This vulnerability comes from allowing the AI to read untrusted data (usually documentation) from the Internet. For LLMs the boundary between "code" and "data" isn't as clear as it used to be since they will follow instructions written in human language.