←back to thread

The security paradox of local LLMs

(quesma.com)
146 points jakozaur | 3 comments | 22 Oct 25 12:48 UTC | HN request time: 0s | source
1. pragma_x ◴[22 Oct 25 15:49 UTC] No.45670967[source]
> The conventional wisdom that local, on-premise models offer a security advantage is flawed. While they provide data privacy, our research shows their weaker reasoning and alignment capabilities make them easier targets for sabotage.

Yeah, I'm not following here. If you just run something like deepseek locally, you're going to be okay provided you don't feed it a bogus prompt.

Outside of a user copy-pasting a prompt from the wild, or break isolation by giving it access to outside resources, the conventional wisdom holds up just fine. The operator and consumption of 3rd party stuff are weak-points for all IT, and have been for ages. Just continue to train folks to not do insecure things, and re-think letting agents go online for anything/everything (which is arguably not a local solution anyway).

replies(2): >>45671203 #>>45672610 #
2. 14 ◴[22 Oct 25 16:04 UTC] No.45671203[source]
It is still an important attack vector to be aware of regardless of how unrealistic you believe it to be. Many powerful hacks come from very simple and benign appearing starting points.
3. efskap ◴[22 Oct 25 17:45 UTC] No.45672610[source]
Freeform plaintext (not an executable/script) being an attack vector is new, outside of parser vulns. Providing context through tickets, docs, etc is now a non-obvious security liability.