
145 points jakozaur | 4 comments
xcf_seetan ◴[] No.45670626[source]
>attackers can exploit local LLMs

I thought that local LLMs means they run on local computers, without being exposed to the internet.

If an attacker can exploit a local LLM, that means they have already compromised your system, and there are better things they can do than trick the LLM to get what they can get directly.

replies(4): >>45670663 #>>45671212 #>>45671663 #>>45672038 #
1. trebligdivad ◴[] No.45671212[source]
I guess if you were using the LLM to process data from your customers, e.g. categorise their emails, then this argument would hold that they might be more risky.
replies(1): >>45672175 #
2. wat10000 ◴[] No.45672175[source]
Access to untrusted data. Access to private data. Ability to communicate with the outside. Pick two. If the LLM has all three, you're cooked.
replies(2): >>45672444 #>>45673615 #
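The "pick two" rule above is easy to encode as a policy check on an agent's tool set, both at deploy time (does the configured tool set hand the model all three capabilities?) and at run time (deny the call that would complete the set within one context window). The following is an added example written for this page, not code posted by anyone in the thread; the tool names (read_inbox, read_crm, send_email, set_label, fetch_url) and the Cap/Tool/Session types are hypothetical. It uses trebligdivad's email-categorisation agent as the scenario, and also shows a single tool that carries two of the three capabilities at once, since a URL fetch both ingests untrusted content and can leak data through the request itself.

```python
"""Capability check for an LLM agent, illustrating the 'pick two' rule.

Hypothetical example: tool names and the Cap/Tool/Session types are assumptions
made for this illustration, not part of any real product.
"""
from dataclasses import dataclass
from enum import Flag, auto


class Cap(Flag):
    """The three capabilities that together make an agent exploitable through its inputs."""
    UNTRUSTED_INPUT = auto()  # reads content an outsider controls (inbound email, web pages)
    PRIVATE_DATA = auto()     # reads data the outsider must not see (CRM rows, secrets)
    EXFIL_CHANNEL = auto()    # can move data outward (send mail, HTTP request, shared doc)


TRIFECTA = Cap.UNTRUSTED_INPUT | Cap.PRIVATE_DATA | Cap.EXFIL_CHANNEL


@dataclass(frozen=True)
class Tool:
    name: str
    caps: Cap


def union_caps(tools) -> Cap:
    """OR together the capabilities of every tool the model may call."""
    caps = Cap(0)
    for tool in tools:
        caps |= tool.caps
    return caps


def has_trifecta(tools) -> bool:
    """Deploy-time check: reject a configuration that grants all three capabilities."""
    return union_caps(tools) == TRIFECTA


class Session:
    """Run-time guard: deny any call that would complete the trifecta in this context window.

    The check is cumulative and order-insensitive on purpose: once untrusted text is in
    the context, every later decision the model makes may be attacker-influenced.
    """

    def __init__(self) -> None:
        self.exercised = Cap(0)
        self.decisions: list[str] = []

    def call(self, tool: Tool) -> bool:
        if (self.exercised | tool.caps) == TRIFECTA:
            self.decisions.append(f"DENY {tool.name}")
            return False
        self.exercised |= tool.caps
        self.decisions.append(f"ALLOW {tool.name}")
        return True


def run_session(tools) -> list[str]:
    """Replay a sequence of tool calls through the guard and return its decisions."""
    session = Session()
    for tool in tools:
        session.call(tool)
    return session.decisions


# Constructed tool definitions for the email-categorisation scenario (hypothetical).
READ_INBOX = Tool("read_inbox", Cap.UNTRUSTED_INPUT)
READ_CRM = Tool("read_crm", Cap.PRIVATE_DATA)
SEND_EMAIL = Tool("send_email", Cap.EXFIL_CHANNEL)
SET_LABEL = Tool("set_label", Cap(0))  # writes a label locally; no external reach
# A URL fetch is two capabilities in one: attacker-controlled page content comes
# back, and anything the model puts in the URL goes out to the attacker's server.
FETCH_URL = Tool("fetch_url", Cap.UNTRUSTED_INPUT | Cap.EXFIL_CHANNEL)

if __name__ == "__main__":
    print("categorise+reply agent:", has_trifecta([READ_INBOX, READ_CRM, SEND_EMAIL]))
    print("categorise-only agent:  ", has_trifecta([READ_INBOX, READ_CRM, SET_LABEL]))
    print("crm + web fetch:        ", has_trifecta([READ_CRM, FETCH_URL]))
    for d in run_session([READ_INBOX, READ_CRM, SET_LABEL, SEND_EMAIL]):
        print(d)
```

The deploy-time check is the one that matters most: if `has_trifecta` is true, the run-time guard is only reducing the blast radius, and a model that has already ingested attacker text may still be steered into the two capabilities it retains. The safe deployment is the one where the tool set never contains all three, which for the categorisation example means labelling the mail without being able to send anything.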
3. not2b ◴[] No.45672444[source]
Agreed. Some of the big companies seem to be claiming that by going with ReallyBitCompany's AI you can do this safely, but you can't. Their models are harder to trick, but simply cannot be made safe.
4. ◴[] No.45673615[source]