<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Hacker News: TerryBenedict</title><link>https://news.ycombinator.com/user?id=TerryBenedict</link><description>Hacker News RSS</description><docs>https://hnrss.org/</docs><generator>hnrss v2.1.1</generator><lastBuildDate>Sat, 04 Jul 2026 10:48:19 +0000</lastBuildDate><atom:link href="https://hnrss.org/user?id=TerryBenedict" rel="self" type="application/rss+xml"></atom:link><item><title><![CDATA[New comment by TerryBenedict in "The Policy Puppetry Attack: Novel bypass for major LLMs"]]></title><description><![CDATA[
<p>Right, so a filter that sits behind the model and blocks certain undesirable responses. Which you have to assume is something the creators already have, but products built on top of it would want the knobs turned differently. Fair enough.<p>I'm personally somewhat surprised that things like system prompts get through, as that's literally a known string, not a vague "such and such are taboo concepts". I also don't see much harm in it, but given _that_ you want to block it, do you really need a whole other network for that?<p>FWIW by "input" I was referring to what the other commenter mentioned: it's almost certainly explicitly present in the training set. Maybe that's why "leetspeak" works -- because that's how the original authors got it past the filters of reddit, forums, etc?<p>If the model can really work out how to make a bomb from first principles, then they're way more capable than I thought. And, come to think of it, probably also clever enough to encode the message so that it gets through...</p>
]]></description><pubDate>Sat, 26 Apr 2025 01:15:07 +0000</pubDate><link>https://news.ycombinator.com/item?id=43800051</link><dc:creator>TerryBenedict</dc:creator><comments>https://news.ycombinator.com/item?id=43800051</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43800051</guid></item><item><title><![CDATA[New comment by TerryBenedict in "The Policy Puppetry Attack: Novel bypass for major LLMs"]]></title><description><![CDATA[
<p>And how exactly does this company's product prevent such heinous attacks? A few extra guardrail prompts that the model creators hadn't thought of?<p>Anyway, how does the AI know how to make a bomb to begin with? Is it really smart enough to synthesize that out of knowledge from physics and chemistry texts? If so, that seems the bigger deal to me. And if not, then why not filter the input?</p>
]]></description><pubDate>Fri, 25 Apr 2025 17:50:58 +0000</pubDate><link>https://news.ycombinator.com/item?id=43796590</link><dc:creator>TerryBenedict</dc:creator><comments>https://news.ycombinator.com/item?id=43796590</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43796590</guid></item></channel></rss>