Thread | Brutkey

@david_chisnall@infosec.exchange @Mer__edith@mastodon.world It seems to me that turning ad filed web pages "into an API" is one of the killer apps of AI. Many sites go to such lengths to obfuscate the information you really need, so extracting that information as a human is time consuming. Having a machine to do this, collate the information and present it to me in an usable format seems great.

Sure, they may start putting in hidden directives in the html, but there have to be solutions. Rending to an image then OCR'ing the image would seem an obvious solution, but there should be better ones.

Bradley
@bradley@techhub.social

@DavyJones@c.im @david_chisnall@infosec.exchange seems to me they'll end up putting "ads" in the AI and they'll be much harder to spot

David Chisnall (*Now with 50% more sarcasm!*)
@david_chisnall@infosec.exchange

@bradley@techhub.social @DavyJones@c.im

We have decades of research that tells us that machine learning techniques tend not to do well with adaptive adversaries because the adversary can adjust their behaviour faster than the model can adapt. There's a huge body of anomaly detection research that worked really well, right up until a red team got involved and did something slightly different.

This is even more true for things like LLMs, where a huge amount of their behaviour is baked during a slow (and very expensive) training step. People aren't going to retrain LLMs every time a new kind of ad bypasses some filter and does prompt injection, they'll add more rule-based filters and they'll tweak the prompt to try to block it, which means the attacker will find it easy to bypass.

Cory Doctorow
@pluralistic@mamot.fr

@david_chisnall@infosec.exchange @bradley@techhub.social @DavyJones@c.im

I first wrote about this 20+ years ago:

https://people.well.com/user/doctorow/metacrap.htm

I can't believe I have to restate it in the context of AI:

https://pluralistic.net/2025/08/02/inventing-the-pedestrian/#three-apis-in-a-trenchcoat

Cogito ergo mecagoendios
@elrohir@mastodon.gal

@pluralistic@mamot.fr @david_chisnall@infosec.exchange @bradley@techhub.social @DavyJones@c.im a veteran tech researcher I worked with told me this same thing happened when computer optimization started getting big. People used to say "see you will be able to write any problem as a cost function with a set of constraints and all jobs will be replaced with numerical algorithms". And I saw it myself being said about P2P networks in my era. Turns out peoples' interactions in society require social explanations and social interventions.

Cory Doctorow
@pluralistic@mamot.fr

@elrohir@mastodon.gal @david_chisnall@infosec.exchange @bradley@techhub.social @DavyJones@c.im

@rodneyabrooks@mastodon.social also wrote about this, 37 years ago, in the context of AI:

https://rodneybrooks.com/ai-great-expectations/