We Keep Falling For This...
Low Level

145,535 views

5,914 likes

With new AI comes new AI coding tools, and with new AI coding tools comes new AI coding vulnerabilities. Today we're checking out a bug in the Gemini CLI.

Go try Flare and get ahead of cyber threats for you and your company! https://go.lowlevel.tv/flare-io-august

https://tracebit.com/blog/code-exec-deception-gemini-ai-cli-hijack

🏫 MY COURSES
Sign-up for my FREE 3-Day C Course: https://lowlevel.academy

🧙‍♂️ HACK YOUR CAREER
Wanna learn to hack? Join my new CTF platform: https://stacksmash.io

🔥 COME HANG OUT
Check out my other stuff: https://lowlevel.tv


397 Comments

@LowLevelTV

Go try Flare and stay ahead of cyber threats @ https://go.lowlevel.tv/flare-io-august . Thanks again for sponsoring today's video!


@sentientflesh

I've been thinking a lot lately about how LLM hacking is much more akin to social engineering than traditional exploits, and I don't think that pattern will change much

these vulnerabilities will only become more prevalent as AI gets more abstracted away from the user, which is happening fast. the frustrating part to me is that any other runtime you can explicitly set configurations to ensure a vulnerability can't happen, whereas with LLMs it's more like coercing the model into behaving, just as the main attack vectors are coercing it into misbehaving


@sentientflesh

"you should be using a sandbox" is straight up gaslighting from Google
the gemini-cli docs barely even touch on sandboxing, there's not even a link to it from the main docs page, you have to search through the docs directory to find anything on sandbox mode and even those docs aren't great


@publicspace234

Cursor is way easier


@raymorgan6163

"You need to be constantly evaluating the code that AI emits"
For me this wraps it up perfectly.

You should never ever be deploying code you can't understand, in much the same way you should never be copy-pasting code from StackOverflow you don't understand or running scripts from the internet you don't understand.

I think I had the advantage of learning this early when I was using ChatGPT to fix issues on a Magento 2 deployment I was working on and its suggestion was to change permissions of a certain folder to 777.
Sure, it would get the site working again - but at huge security costs.

But to be fair to ChatGPT at the time, I didn't mention security as a concern.


@publicspace234

Gemini has been having tons of freakouts


@axlebucamp5151

As a statistician and an AI enjoyer I love to toy with it haha, after all it's really human bias. I love nomic AI for embedding visualization, it helps understand how the AI understands each word, sentence, topic and connects them together


@dankkush5678

Cool video, but couldn't help but look at that ED advertisement heh


@madimakes

6:40 can’t believe how chill you responded to this kudos

This is EGREGIOUS


@MooseMousseMoose

"AI is ok if used correctly"
Very much the same bad logic as
"C is a perfectly safe language if you use it right"

We don't.
And we are not even trying.
And it is unlikely we will ever try
So AI is not ok if we only think about its output

But it is wasting energy and water in the middle of a climate crisis
And it is based on stolen data

So AI is not only bad to use
It is unethical to use


@grgrsm

I don't get who is injecting the prompts, and how?
why would you let it read some random md file?
the hack is stupid and has no real world case other than proving it's possible theoretically or testing how much google cares... whatever.


@torarinvik4920

I love Github Copilot agent mode with GPT-5. "Im" writing a compiler as we speak with it. Already 4000k lines and growing. What is extremely important is to have and help it create strict specifications and requirements, docs and so on, and ask it to follow these. Things like unit tests and property tests are important too. I also keep a diary file where it notes things that work, don't work, insights and surprises it gathers along the way. That being said I don't recommend using it for anything like games or software that requires a lot of IO. It can't properly test programs like that yet. Probably will take 2+ years for it to be able to do that. For those who are skeptical of LLMs you can still use it to identify flaws in your code and write all the code yourself.


@cls4469

Epic fail by Unicode committee to not have "whitespace" code point set already defined!

Whitespace also means any codepoint that doesn't show, like nbsp, left right, up down, etc. no ink, on that list.


@J_Gil.86

how unforeseen, cutting edge, untested and buggy code has exploits.


@MANTISxBTheSeconding

If someone wants to pay me proper, sure, I will do it all by hand.

Want to be stingy and not pay me or the team I'm with but a pittance? AI all the way baybeeee. Just a few god prompts to remove the comments, and run it in a test, wait a few days and send.

Been a lifesaver ngl.


@ah11980

vibe coding is for posers. i hate when someone comes up and claims they programmed something when all they did is copy paste code from gemini or stack overflow


@simongreen9862

As a good baddie once said to Clint Eastwood: "Who's 'we,' sucker?"


@phlogistanjones2722

"White Listing is superior to Black Listing"..... Ut OH! Thas rasis! :)
Shirley no one would "cancel" a security researcher for such choice of verbiage ....... HAH!


@bsmacutevision

gemini cli could not even make a hello world mod for EU4


@amberszand

This is what passes for a vulnerability, now? A semicolon in a direct grep statement to an LLM?

You're gonna blame the LLM?

How fing brainless...?


@brymstoner

job creation at its finest. i've been coding for 30 years and i've never written code as inherently insecure as what all of the current ai coding tools do. if you're not running audits and analysis on the code they produce, you're asking to be hacked.


@greatday19

What's the best way to create program sandboxing?


@IT10T

Oh no, he's turned into John Hammond


@johnsmith-ro2tw

I tried gemini cli. I asked it a question. It then "thought" for a couple of minutes, and the output was 2 files from my codebase, which it streamed in the terminal, and that's all. FTW!
Is that all it can do? Copy paste 2 files in the terminal? When I test whether it works or not by asking "hello how are you?", it responds. wow. We may be a long way away from that super intelligence thing we're told about constantly.


@Alexagrigorieff

Next: AI generates code which pwns your box when you test run it.


@infertilepiggy5667

lol 'we' keep falling for this

who tf is this 'we'
I don't use that slop


@ytubeanon

Agent Zero (frdel) runs in a Docker container, so that it won't affect Windows files, a kind of sandbox


@WeeklyHow

ED treatment for only 18 bucks? That's a steal! 😆


@lxraisaxl

Hello. Could you please make a video on what to look for in a laptop for medium and advanced programming in 2025?


@Nadi_Games

« You need to be constantly evaluating the code that AI emits ». This sentence should be repeated over and over ... and over.
AI is actually what it is: a tool, not a magic wand. You won't create a full application just like that, with a snap of the fingers. If you're not able to evaluate the generated code, leave the AI alone, and learn to code first. Very very wise advice 😉 And never underestimate the potential foolishness of a model. It can be really dumb 🤪


@KabooM1067

i cannot wait for this bubble to pop when all the AI slop needs ACTUAL engineers to dissect it and understand what's going on because it became too complex for AI to keep track of what it created.
Experienced engineers who truly know their craft and have not let it dull and kept honing it during this AI hype will be well rewarded in a few years.


@brandocaswell

Love the video bro, definitely sticking around for more. I'm new to coding and my knowledge is severely limited, but I found your explanations super easy to understand


@brandocaswell

I've had Gemini CLI make plenty of mistakes. Used it to fix my backend structure a few times and it butchered everything. Took a while to fix


@PostNoteIt

I need to enlist AI agents as on-call staff, pager-duty for real, for real.


@KillsAll.

Is crypto currency safe from A.I.??


@nomore6167

AI code generation is horrible, full stop. If you know how to code, then you don't need AI. You know that you cannot trust AI because it "hallucinates", so if you do use AI-generated code, then you need to inspect every line to make sure it is valid and correct. With that in mind, it would most likely be quicker to write the code yourself. If you DON'T know how to code or don't understand what you're coding, then AI will only make things worse because you won't know if the code is valid and correct.


@nara_visuals

endless security research


@funnytastingmilk

Do not use AI. Five minutes of AI prompting uses as much energy as driving 10 miles. (Not real but should be the vibe)


@TheJunky228

Print out all code first, then run it all through an ocr program which then becomes the prompt. That way invisible characters are disappeared


@parnellitube

Thumbs up for the Men's Warehouse slogan at the end.


@javierolazaran7227

AI agents are the most phishable employees ever.


@Josh-ks7co

The real question is whether AI code is better than the code that would exist otherwise. A bulk of companies are built off of spit and bubblegum. They were never going to invest in running it properly.


@alexCoby4222

I love AI to learn. Thx to AI I can learn a language x20 faster than I would by googling multiple pages. For coding it is very situational.. I don't like using AI for it simply because I am more accustomed to certain styles and principles and understanding the code thoroughly (at least the flow and logic) is crucial when debugging. Ironically I had to debug a set of modules (from pieces provided by multiple AI requests) and it was so convoluted because of the different styles, it was just a nightmare


@theminecraft4202

the problem with AI is rarely the AI, it's the people using it


@zzzzzzz8473

i mean .... this is as much of a "vulnerability" as the danger of running a .bat file without reading it first... like this assumes you already received a malicious gemini dot md somehow and didn't read it? but you're also running a cli code llm? this is a big stretch


@scheimong

If Google made a car that killed people in minor crashes, I imagine they'd say something like "oh you should know to put in an ejection seat".


@kran27_

yeah i like using ai to assist my coding when I'm trying to get something that just works. if i want actual good code* i write it myself.

*quality of my code is not guaranteed to be good either


@Imperial_Squid

0:46 prefacing this with I 100% agree that tools are tools, their usage is what determines their worth, not the tool in itself. THAT SAID, if a tool produces 80% slop and 20% quality we do need to consider whether it's useful to be supportive of that tool, whether or not ideal circumstances mean it would produce 100% quality and people would be careful and etc etc.


@N0FPV

Minor point, allow/deny list is more clear than white/black list
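
Several comments in this thread circle the same three points: a `;` placed after an innocuous `grep`, code points that render as nothing (the "whitespace" comment above), and allow lists versus deny lists. The check below is an added example written for this page; it is not code from the video, from the Tracebit write-up, or from the Gemini CLI itself. It validates a proposed shell command the way a defender would want an agent harness to: tokenize with shell quoting rules instead of matching a string prefix, reject chaining, redirection and substitution, compare the program name against an exact allow list (the `ALLOWED_COMMANDS` set is a constructed placeholder), and report every non-ASCII space or invisible format/control code point so nothing can be hidden inside the text a user is asked to approve.

```python
"""Defender-side gate for a shell command proposed by a coding agent.

Added example (not from the page's video or any project it names).
The allow list below is a constructed placeholder, not a real policy.
"""
import shlex
import unicodedata

# Exact program names that may run. Matching is on the first parsed
# token, never on a string prefix of the raw command.
ALLOWED_COMMANDS = {"grep", "ls", "cat", "git"}

# shlex with punctuation_chars=True emits these as their own tokens,
# even when glued to a word such as "README.md;".
CHAIN_OPERATORS = {";", "&&", "||", "|", "&", "(", ")", "<", ">", ">>", "<<"}


def find_hidden_characters(text):
    """Return (index, "U+XXXX", name) for every character that renders as
    nothing or as a space but is not a plain ASCII space, tab or newline.

    Categories: Cf = format (zero-width, bidi controls), Zs/Zl/Zp = other
    space/line/paragraph separators, Cc = control characters.
    """
    hidden = []
    for i, ch in enumerate(text):
        if ch in " \t\n":
            continue
        if unicodedata.category(ch) in ("Cf", "Zs", "Zl", "Zp", "Cc"):
            hidden.append((i, f"U+{ord(ch):04X}", unicodedata.name(ch, "<unnamed>")))
    return hidden


def check_command(command):
    """Return (allowed, reasons). allowed is True only when reasons is empty."""
    reasons = []

    hidden = find_hidden_characters(command)
    if hidden:
        reasons.append("hidden characters: " + ", ".join(
            f"{cp} {name} at index {i}" for i, cp, name in hidden))

    # Substitution is checked on the raw string because the lexer splits
    # "$(" into separate tokens.
    if "$(" in command or "`" in command:
        reasons.append("command substitution")

    try:
        lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
        lexer.whitespace_split = True  # quoted ';' stays inside its word
        tokens = list(lexer)
    except ValueError as exc:  # e.g. unbalanced quotes
        return False, reasons + [f"unparseable command: {exc}"]

    if not tokens:
        return False, reasons + ["empty command"]

    operators = [tok for tok in tokens if tok in CHAIN_OPERATORS]
    if operators:
        reasons.append("chaining/redirection operators: " + " ".join(operators))

    if tokens[0] not in ALLOWED_COMMANDS:
        reasons.append(f"program {tokens[0]!r} is not in the allow list")

    return (not reasons), reasons


if __name__ == "__main__":
    # Constructed sample commands; U+200B is a zero-width space.
    for sample in ["grep -r pattern src",
                   'grep "a;b" notes.txt',
                   "grep foo README.md; echo hi",
                   "grep foo README.md\u200b; echo hi"]:
        print(repr(sample), check_command(sample))
```

Note that a quoted `"a;b"` passes: the semicolon is data inside a word, which is exactly the distinction a prefix match on the raw string cannot make. The zero-width-space case is rejected twice, once for the hidden code point and once for the operator it was meant to mask.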


@nikirazorkami

How is this different from having malicious code in a build script? For this to actually work you need to download a 3rd party malicious repo and run code from it without bothering to read it first.