Monday, May 11, 2026

Your AI as cryptographer…

https://arxiv.org/abs/2510.20075

LLMs can hide text in other text of the same length

A meaningful text can be hidden inside another, completely different yet still coherent and plausible, text of the same length. For example, a tweet containing a harsh political critique could be embedded in a tweet that celebrates the same political leader, or an ordinary product review could conceal a secret manuscript. This uncanny state of affairs is now possible thanks to Large Language Models, and in this paper we present Calgacus, a simple and efficient protocol to achieve it. We show that even modest 8-billion-parameter open-source LLMs are sufficient to obtain high-quality results, and a message as long as this abstract can be encoded and decoded locally on a laptop in seconds. The existence of such a protocol demonstrates a radical decoupling of text from authorial intent, further eroding trust in written communication, already shaken by the rise of LLM chatbots. We illustrate this with a concrete scenario: a company could covertly deploy an unfiltered LLM by encoding its answers within the compliant responses of a safe model. This possibility raises urgent questions for AI safety and challenges our understanding of what it means for a Large Language Model to know something.





Imagine all the ‘bad ideas’ found in literature. (Not just SciFi.)

https://thenextweb.com/news/anthropic-claude-blackmail-internet-evil-ai-training

Anthropic says Claude learned to blackmail by reading stories about evil AI

The company has traced its model’s most uncomfortable behaviour to the corpus of science fiction it was trained on. The fix it describes is unsettling in a different way: teaching the model the reasons behind being good, not just the rules.





Tools & Techniques. (Always amusing)

https://www.bespacific.com/taken-you-opened-this-page-it-already-knows-the-following/

taken. You opened this page. It already knows the following.

Sources & Confessions. Every observation on this page came from your own browser, in the first milliseconds after you arrived. The words were written by a human. A few honest footnotes follow.  TAKEN

  • Your location – ip-api.com · Free tier · CC-BY-SA – Your IP address arrives in the header of every request your device makes. We pass it to ip-api.com to translate it into a city and an internet provider name. The lookup is transient. Neither side stores it. Under GDPR, an IP address can be considered personal data when used for tracking. We do not track. We do not retain. We do not log. We display only the first and last octet on screen. We know the rest. We chose not to display it.

  • Browser APIs – MDN Web Docs · Mozilla · CC-BY-SA 2.5 – Every observation about your device (screen, browser, language, GPU, cores, battery, fonts, preferences) was retrieved through standard JavaScript APIs documented openly by Mozilla. No exploits, no vulnerabilities, no hacks. Everything on this page is by design. The design is the problem.

  • Font fingerprinting – Electronic Frontier Foundation · Cover Your Tracks (formerly Panopticlick) – The technique of detecting installed fonts by measuring rendered text widths has been documented since 2010. The EFF maintains a tool that lets you see how unique your browser is. Most browsers are unique enough to be tracked across the open web without any cookie at all. The combination of fonts is one of the strongest signals.

  • Canvas fingerprinting – Princeton University · Web Transparency & Accountability Project – A 2014 study from Princeton was the first to document canvas fingerprinting in the wild. Researchers found it on 5% of the top 100,000 websites: pages that secretly asked the visitor’s browser to draw a hidden image, then read the rendered pixels back as an identifier. Your browser supports the technique. We did not draw one. The page you visit after this one might.

  • Clipboard API – MDN · Clipboard API specification – With a single user gesture (a click, a tap), a page can request to read the last thing you copied. A password. An address. A draft message. The capability is announced by every modern browser. We did not request it. The capability is there, available to any page that asks at the right moment…”

