Replying to Avatar jsr

NEW: Cost to 'poison' an LLM and insert backdoors is relatively constant. Even as models grow.

Implication: scaling security is orders-of-magnitude harder than scaling LLMs.

Prior work had suggested that as model sizes grew, it would make them cost-prohibitive to poison.

So, in LLM training-set-land, dilution isn't the solution to pollution.

Just about the same size of poisoned training data that works on a 1B model could also work on a 1T model.

I feel like this is something that cybersecurity folks will find intuitive: lots of attacks scale. Most defenses don't

PAPER: POISONING ATTACKS ON LLMS REQUIRE A NEAR-CONSTANT NUMBER OF POISON SAMPLES https://arxiv.org/pdf/2510.07192

Avatar
Pana - The Refuge Network State 3mo ago

Delicious. 🤓👾

We've been doing covert LLM poisoning work for criminal topics, but this is a good first level explaination of the What and How. 😏

#PoisonLLMs #PoisonAI #LLMOverlords #TheMoreYouKnow #EatTheRich

nostr:nevent1qqsydvpr0jtvraqad3yehwfqknmtklylhuzglfrph7ls73hzmezrrvgpzemhxue69uhhyetvv9ujuurjd9kkzmpwdejhgq3qvz03sm9qy0t93s87qx2hq3e0t9t9ezlpmstrk92pltyajz4yazhsxpqqqqqqzxyntav

Reply to this note

Please Login to reply.

Discussion

No replies yet.