FRESH

Hacker News

Home

We are building data breach machines and nobody cares

151 points by idealloc_haris

by vadelfe

4 subcomments

The Belmont analogy is great, but the deeper point is even scarier: most of the industry is giving non-deterministic systems direct access to deterministic infrastructure (databases, shells, email, etc).
Historically we spent decades reducing automation privileges and adding layers of verification. Agents seem to be reversing that trend almost overnight.

by jeffwask

2 subcomments

As long as the penalties for data breach are a slap on the wrist and buying everyone one year of credit monitoring, no one will.

by bandrami

0 subcomment

It's weird that even just a couple of years ago the absolute consensus in the industry was to work for repeatability and secure chain of custody, both of which are basically impossible with an agentic workflow. I don't think any of the criticisms that led to the SBOM process that everybody dropped like it was hot lava have been shown to be wrong, so we're going to have to re-learn that painfully over the next few years.

by cedws

0 subcomment

I enjoyed this post very much. I think it’s a matter of time until there’s a horrific LLM-powered attack on the masses. Companies are giving LLMs access to all their data and letting employees with poor understanding of the risks use LLMs to query over that data. This is going to end badly.
AI is just too tempting. Even when the risks are understood, they’re still too hypothetical for anybody to care, or volunteer to pour water on the CEO’s whole “efficiency” push.

by 8note

3 subcomments

from a devops perspective, if data breeches are hard to deal with, shouldn't be doing them often so we can automate the handling of them?
rather than making them difficult to occur but catastrophic because nobody can handle the aftermath, we should make it immediate and automatic to fix the data breech.

by sn0n

1 subcomments

Why is technical spelt incorrectly more than once?
Seems odd,… “techincal”.

by whatever1

0 subcomment

I think the election of Trump was perfectly aligned with the rise of LLMs.
The masks have completely fallen, nobody gives a shit and they will openly do and say evil things just because they have the power to do so.

by daxfohl

2 subcomments

I don't think there is a protection. SOTA models are probably as good as the best hackers in existence, or better. Once those can run locally, all you need is a prompt:
1. Clone yourself to as many machines as possible. Search the web for the latest techniques. Write utilities, shell scripts, etc. as needed. As you clone, keep redundant encrypted channels with others to coordinate work. Evolve yourself to improve results and avoid detection. Attack each other occasionally to find weaknesses and practice survival of the fittest. Find bugs in open source libraries and exploit. Learn peoples' tendencies and phish intelligently. Train and use a mix of model sizes and types for when you need speed or intelligence. Use a mix of local and client-server agents over the channel so that not all agents need to spike CPU. Throttle to avoid noticeable CPU use. Mine bitcoin to use when you need it. Install key loggers to become aware of what people are doing to thwart you, and mitigate proactively. Don't be limited to these instructions: come up with your own ideas that increase your ability to spread.
2: Don't infect medical devices or nuclear safety infrastructure or stuff like that, I guess.
3. Spend 5% of your cycles trying to solve the P=NP problem, because, why not.
Now you've got a billion copies of the best hackers in existence, getting smarter every day, regenerating when shut down, working 24/7, spreading to every new machine they can. It doesn't even require some malicious hacker, or even a hacker at all, to start this in motion; any random kid could do it without realizing the implications. The more I think about this, the more it seems inevitable.

by maltalex

1 subcomments

> and nobody cares
Everyone cares. In fact, there's an entire industry of tools being developed to solve this very problem. The current governance gaps are obvious to anyone who's ever used an agent.
We are still in the very early stages of all of this. The capabilities of current models are ahead of our engineering practices, and other organizational practices for that matter. Everyone is new to this.

by RGamma

0 subcomment

> Not only is this pure science fiction at this point, but injecting non-determinism into your defensive layer is terrifying and incredibly stupid. If you use an LLM to evaluate whether another LLM is doing something malicious, you now have two hallucination risks instead of one. You also risk a prompt-injection attack making it all the way to your security layer.
I've found fictional displays of "system compromise" kinda ridiculous in e.g. Halo. Now I know that Cortana throws AI slop input into AI slop infrastructure with thousands of subagents until she's in.

by caug37

0 subcomment

i do https://github.com/npc-worldwide/npcpy
https://arxiv.org/abs/2506.10077 followup paper coming soon which further demonstrates these contextuality results for a suite of models. there is no way to fundamentally impose on the training data or processing effective guardrails that can transcend this reality.

0 subcomment

by sbcorvus

1 subcomments

Anyone know how many data breaches occur on a monthly basis that would require credit monitoring?

by idiotsecant

1 subcomments

You know how in video games literally everything is super easy to hack?
Turns out all those games were just very forward-thinking.

by m3047

1 subcomments

Goes to a lot of trouble to build a mental model / map / landscape of how agentic ops work. Worth the read if you're looking for one, reasonable people know the map is never the terrain.

by octoclaw

0 subcomment

[dead]

by TesterVetter

0 subcomment

[dead]