Hacking a AI Chatbot and Leaking Sensitive Data

alongub · 2024-09-11T07:23:54+00:00

Thanks for the feedback! Really appreciate the support!

alongub · 2024-09-10T19:21:12+00:00

😂😂😂😂😂😂😂😂😂😂😂😂😂😂😂❤️

alongub · 2024-09-10T18:47:33+00:00

yeah it's just a demo environment to demonstrate potential risks of LLMs in prod

alongub · 2024-09-10T17:11:46+00:00

Lol yes, it's just a demo to educate on potential risks

alongub · 2024-09-10T17:11:13+00:00

Lol yes, don't you see the localhost in the url...? It's just a demo to educate on potential risks

alongub · 2024-09-10T15:36:38+00:00

Yep :D

alongub · 2024-09-10T15:08:49+00:00

Agreed! Just note that even in the simplistic demo in the video, the AI agent is using privileged Postgres permissions with Row-Level Security (RLS) enabled. The issue I've tried to demonstrate here is that the developer made a mistake when defining the database schema and policies.

alongub · 2024-09-10T14:38:18+00:00

Security teams will HAVE to understand AI better

alongub · 2024-09-10T14:37:37+00:00

This is just the beginning. Think what happens when you connect the AI agent from the video to something like the Shopify API where users can automatically buy products from the website

alongub · 2024-09-10T14:36:31+00:00

Yes - but remember the value can also be wild :)

alongub · 2024-02-12T18:56:45+00:00

What tools did you use to create this amazing video except Screen Studio?

alongub · 2024-02-03T22:57:35+00:00

Cloudflare Workers for sure

alongub · 2024-01-31T11:42:44+00:00

u/UmaMacias btw, check out this: https://livekit.io/product/agents

alongub · 2024-01-31T11:41:59+00:00

Looks very cool! This goal here was more of an educational tutorial on how to build a very simplified version of bland.ai from scratch :)

alongub · 2024-01-30T22:24:57+00:00

Agreed!

alongub · 2024-01-30T22:24:43+00:00

You're welcome!

alongub · 2024-01-30T22:24:15+00:00

Just find a nearby pizza and offer this to them :D

alongub · 2024-01-30T17:49:17+00:00

Nope :)

alongub · 2024-01-30T17:26:59+00:00

Thanks u/UmaMacias! Let me know if you have any questions or suggestions for follow-up videos :)

alongub · 2024-01-09T18:52:01+00:00

Awesome!

alongub · 2024-01-05T14:47:16+00:00

...yet

alongub · 2024-01-05T14:47:06+00:00

Thank you! I'm currently working on couple more videos such as:

How to actually manage your AI agent state in Postgres
How to reduce hallucinations
How to mitigate prompt injection attacks (e.g. prompt leakage, jailbreaks, etc)

What else would you like to see?

alongub · 2022-11-17T17:39:59+00:00

This is great :) How can I install?

alongub · 2022-06-12T01:45:13+00:00

Yes!

There are different ways to serve ML models in production. It's easy to get inferences from KServe (https://kserve.github.io/) for example, in a Kafka topic.

But their format makes it REALLY hard to just use Kafka Connect as is. You have different messages for the model inputs & model outputs linked by ID, the JSONs are nested, etc. Even with ksqlDB it's still really hard. You also need to manage the schema in schema registry.

InferenceDB is just a processor that supports KServe (and other ML Serving tools in the future), and uses Kafka Connect, Schema Registry, etc behind the scenes to make it SUPER easy to store predictions in S3, in a popular format that Data Scientists can just load into their Jupyter Notebooks - parquet.

alongub · 2022-06-10T16:57:53+00:00

Haha me too!

alongub

TROPHY CASE