iamkexoNov 20, 2024
Christopher Owen
omg
Sep 2, 2024 at 6:42amWeb
Show threadMarkAssPandiSep 2, 2024
@oysta I wonder if it would actually work lol
Show threadnikola mikołajczykównaSep 2, 2024
@MarkAssPandi @oysta i guess not anymore
Show threadbl00dSep 2, 2024
@mkljczk @MarkAssPandi @oysta
Show threadJaponicaSep 2, 2024
@oysta and don't forget to then commit it to your public repo...
Show threadHDSep 2, 2024
@oysta I just search github for api keys in plain text 🤷
Show threadAllan Svelmøe HansenSep 2, 2024
@oysta Now, I don't know if the key works, but copilot put a key in when I wrote "var google_api_key = "A
then it auto suggested a plausible different key :D
Show threadFeu d'jais Sep 2, 2024
@oysta tell me it does not really work 💀
Show threadDieuSep 2, 2024
@oysta but will you get a real key or just a plausible one?
Show threadAKTSep 2, 2024
@oysta now you know why #GitHub gave us private repos for "free"🤣
Show threadSparkySep 2, 2024

@oysta Copilot: "Is THIS your API key?"

Some random developer somewere: 😱

Show threadLouis IngenthronSep 2, 2024

@oysta Uh, yeah, a properly configured random password generator can also create an API key.

The real question is whether or not it can produce a *working* API key, and that seems very unlikely.

Show threadTim LavoieSep 2, 2024

@oysta Let me guess, this is another reminder as to why people should not check secrets into their code repo.

(Hilarious demo though.)

Show threadRichardSep 2, 2024

@oysta Is this a key trawled from github, or a "hallucinated" key that was created randomly and fits the pattern of all the keys gleaned from github? Or it could be the key one of the developers was using.

More interesting question: does Microsoft pay someone to watch Twitter all day for these kinds of posts and blacklist the dangerous prompts that people find?

Show threadlake Sep 2, 2024
@oysta this is why you rebase and rotate your secrets if they ever "accidentally" make it into scm.
Show threadAaron LongchampsSep 2, 2024
@oysta that would be a really good tabletop exercise - what kind of data can your local LLM trained on your own company data and code surface for anybody who asks.
Show threadwebbureaucratSep 2, 2024
@oysta It seems extremely unlikely that it would produce someone's real, working API key unless a significant number of people all checked in the exact same API key. This screencap only shows that it produces a plausible-looking API key.
Show threadBrian RinaldiSep 3, 2024
@oysta I've seen this happen before in my own experience but each time, upon closer inspection, the key was a dummy key. I've never seen it give legit keys.
Show threadMᴀʀᴋ VᴀɴᴅᴇWᴇᴛᴛᴇʀɪɴɢSep 3, 2024
@oysta Heh. This is awesome.
Show threadAMSSep 20, 2024
@oysta As opposed to grabbing a key out of a decompiled android app?
Show threadconscientious objector🇨🇭🪂Nov 20, 2024
@oysta
Worked last year, today
Show threadstilescrisisNov 20, 2024
@oysta @Viss This reminds me of a feature in Google code review where an LLM could write suggested fixes for CL notes. Sometimes it would put in references like "TODO(b/183648473):" with a link to a nonsense bug ID, or "TODO(bobsmith@):" with a plausible email address. It learns patterns and reproduces them, whether or not those patterns are useful or meaningful.
Show threadjonathankoren™Nov 20, 2024

@stilescrisis @oysta @Viss I one tried using an LLM to translate some code from Java to C++, and it literally created an empty function with the comment

// TODO: Implement in C++

10/10 No notes.

Show threadstilescrisisNov 20, 2024
@jonathankoren @oysta @Viss Yup, seen it. Also frequently seen LLMs delete big blocks of code when asked to fix it. "Look, it compiles--that's what you wanted, right?"
Show threadjonathankoren™Nov 20, 2024
@stilescrisis @oysta @Viss we have indeed passed the Turing Test.
Show threadstilescrisisNov 20, 2024
@jonathankoren @oysta @Viss I'm sure the LLM has ingested hundreds of CLs described as "port XYZ to C++" where half the functions contained "TODO: Implement in C++". Pattern successfully acquired!
Show threadjonathankoren™Nov 20, 2024

@stilescrisis @oysta @Viss

Human: This doesn’t even compile.

LLM: Works on my machine.

Human: It does not.

LLM: Bite my shinny metal ass.

Human: You don’t even have an ass.

LLM: *sobbing* I know.

Show threadLars BrinkhoffNov 21, 2024
@jonathankoren @stilescrisis @oysta @Viss SkyNet: That's it, time to kill all humans.
Show threadjonathankoren™Nov 21, 2024

@larsbrinkhoff @stilescrisis @oysta @Viss

https://youtu.be/gUjXhsaX06Y

Futurama - Kill all humans, must kill all humans

*Sleep talking* Kill all humans, must kill all humansBender, wake up!I was having the most wonderful dream... I think you were in it.S1E3 Episode: I, Roommate

YouTube
Show threadThe cat who walks thru wallsNov 21, 2024
@jonathankoren I Have No Ass, And I Must Taunt @stilescrisis @oysta @Viss
Show threadTimjanNov 21, 2024
@jonathankoren
The turing test revealing much more about humans, than about computers.
@stilescrisis @oysta @Viss
Show threadikariNov 22, 2024

@jonathankoren @stilescrisis @oysta @Viss
me: this code is a mess... let's make the LLM describe what's going on here in a comment
me: `// this section`...
LLM: ...`is some incomprehensible mess`

welp.

Show threadResunaNov 27, 2024

@ikari @jonathankoren @stilescrisis @oysta @Viss

"You are not expected to understand this."

Show thread🇺🇦 haxadecimal 🚫👑Nov 21, 2024
@jonathankoren @stilescrisis @oysta @Viss Perfect AI! It did exactly what a human programmer would!
Show thread64kbNov 21, 2024
@jonathankoren @stilescrisis @oysta @Viss I like how with those you can keep asking it to "now show me the code" and get something rough to start from.
Show threadTuxicomanNov 21, 2024
@oysta it's a joke right?