(quesma.com)

146 points jakozaur | 1 comments | 22 Oct 25 12:48 UTC | HN request time: 0.327s | source

Show context

xcf_seetan ◴[22 Oct 25 15:29 UTC] No.45670626[source]▶

>attackers can exploit local LLMs

I thought that local LLMs means they run on local computers, without being exposed to the internet.

If an attacker can exploit a local LLM, means it already compromised you system and there are better things they can do than trick the LLM to get what they can get directly.

replies(4): >>45670663 #>>45671212 #>>45671663 #>>45672038 #

simonw ◴[22 Oct 25 15:31 UTC] No.45670663[source]▶

>>45670626 #

Local LLMs may not be exposed to the internet, but if you want them to do something useful you're likely going to hook them up to an internet-accessing harness such as OpenCode or Claude Code or Codex CLI.

replies(4): >>45670688 #>>45670770 #>>45670832 #>>45670880 #

1. ianbutler ◴[22 Oct 25 15:33 UTC] No.45670688[source]▶

>>45670663 #

yes and I think better local sandboxing can help out in this case, it’s something ive been thinking about a lot and more and more seems to be the right way to run these things

↑

The security paradox of local LLMs