59
Hallucinated AI Dependencies as Vectors for Attack (www.theregister.com)
submitted 7 months ago* (last edited 7 months ago) by millie@beehaw.org to c/technology@beehaw.org
5 comments fedilink hide all child comments

Archive Link: https://web.archive.org/web/20240330224149/https://www.theregister.com/2024/03/28/ai_bots_hallucinate_software_packages/

This is fascinating. I've certainly seen AI hallucinating things like imaginary functions in gdscript. Admittedly, it does it a lot more with gpt3 than with gpt4 on a subscription, which is consistent with what 3 vs 4 has access to, but I'm sure the problems apply in a lot of other use cases that might have not had the benefit of more recent documentation.

I suppose it's not surprising that a number of larger entities have been falling prey to this, as they keep trying to inappropriately jam AI into their production lines where it's incapable of doing the job. Pretty clever vulnerability to find, though.

Ultimately, this is probably a good thing for human coders, imo. The more LLMs demonstrate that they're not effective without robust human intervention, the better.

you are viewing a single comment's thread
view the rest of the comments
[-] autotldr 1 points 7 months ago

🤖 I'm a bot that provides automatic summaries for articles:

Click here to see the summaryIn-depth Several big businesses have published source code that incorporates a software package previously hallucinated by generative AI.

Not only that but someone, having spotted this reoccurring hallucination, had turned that made-up dependency into a real one, which was subsequently downloaded and installed thousands of times by developers as a result of the AI's bad advice, we've learned.

He created huggingface-cli in December after seeing it repeatedly hallucinated by generative AI; by February this year, Alibaba was referring to it in GraphTranslator's README instructions rather than the real Hugging Face CLI tool.

Last year, through security firm Vulcan Cyber, Lanyado published research detailing how one might pose a coding question to an AI model like ChatGPT and receive an answer that recommends the use of a software library, package, or framework that doesn't exist.

The willingness of AI models to confidently cite non-existent court cases is now well known and has caused no small amount of embarrassment among attorneys unaware of this tendency.

As Lanyado noted previously, a miscreant might use an AI-invented name for a malicious package uploaded to some repository in the hope others might download the malware.

Saved 83% of original text.

this post was submitted on 30 Mar 2024
59 points (100.0% liked)

Technology

37702 readers
223 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
TheRtRevKaiser@beehaw.org
alyaza@beehaw.org
gyrfalcon@beehaw.org
SemioticStandard@beehaw.org
coldredlight@beehaw.org
rs5th@beehaw.org
Los@beehaw.org
TheRtRevKaiser@kbin.social
remington@beehaw.org