Soatok DreamseekerJun 23

Horrible idea: Use AI slop to devalue platforms directly instead of trying to extract revenue.

Play a game of Cards Against Humanity. Feed the winning combinations into the AI slop machines with the preamble: "Turn this into a cringey LinkedIn post." Flood LinkedIn and Meta properties with the output.

Accelerate model collapse.

Make corporate social media unusable.

Keep this crap far away from Fedi.

QuincyOtterJun 23
Show threadSoatok Dreamseeker

Write open source software on a throwaway GitHub, permissively licensed, that purports to solve a problem that AI / blockchain grifters would find useful.

Fill your code with functions that search your local filesystem for cryptocurrency private keys, then post them on social media in plaintext.

If the AI slop machines serve similar code to the end user, that's not your problem. You didn't tell them to use it.

Jun 23 at 8:51amWeb
Show threadalina arielle amelie🏳️‍⚧️🐾Jun 23
@soatok pretty sure this is called malware but i'm so here for it
Show threadSoatok DreamseekerJun 23

@alina It's not malware it's "convenient crypto automation for monetizing AI videos and images".

;3 ;3 ;3

Show threadseachaintJun 23

@soatok @alina It's not malware, we wrote it for the user to use voluntarily.

Then some arse stole it and pasted into other people's codebases, but what can you do, yunno?

Show threadm.c. C-27733 [lily]   Jun 23
@alina @soatok github is mainly malware anyway
Show threadWhyrlJun 23
@soatok OSS that purports to optimise high-frequency trading, but instead makes donations to nonprofit animal sanctuaries.
Show threadTursiaeJun 23
@whyrl @soatok high-frequency trading project that's actually just about writing software for transoceanic DX messaging
Show threadKay OhtieJun 23
@whyrl @soatok I think it would be much more apt for it to make them to non-profit groups that hope local queer disenfranchised kids, or local queer kids in general, but same general idea.
Show threadRobots can be gay deal with itJun 23
@soatok So "LLM token optimization and performance tweaks for etherium blockchain projects" should flood the blockchain with thousands of bespoke boykisser NFTs until the host account is dry?
Show threadAvery (She/Her)Jun 23
@soatok in terms of enacting financial harm to random people basically indiscriminately i'm pretty sure that this is morally bad but seeing as i already want to cause harm to people who pull in dependancies without properly looking into them i dont really give a fuck
Show threadZuthalJun 23
@shitpostalotl @soatok yeah but it's only targeting crypto users so is there really that much harm here?
Show threadAvery (She/Her)Jun 23
@zuthal @soatok in terms of "harm", you are literally harming someone by allowing arbitrary 3rd parties to steal their assets. i assume you are attempting to say that this harm doesn't carry moral weight, in which case that's between you and whatever informs your personal philosophy.
Show threadbastard pup from hell  Jun 23
@zuthal @shitpostalotl @soatok some people (hi!) use it for legitimate things as it's basically the only way to send & receive money online without doxxing yourself. and it's not uncommon for trans folks (again, hi!) to use crypto to receive donations for that exact reason, we can't fuck around with paypal or w/e when it makes it trivial for kiwifarms types to get our personal details (or just shut it down by typing "porn" into the payment notes) - and the billionaire CEOs running the payment processors are very fucking clear about wanting us dead, so...
Show threadA Flock of BeaglesJun 23

@soatok

i'm gonna post UUencoded .BMP images of Rick Astley

Show threadJeff MartinJun 23
@soatok diabolical! AI coders as supply chain attack surface. 
Show threadDavid Chisnall (*Now with 50% more sarcasm!*)Jun 23
@cuchaz @soatok There are existing proposed attacks that do that. For example, registering Python packages that have names that popular LLMs routinely hallucinate. The next step from there is to flood the web with references to your malicious package so LLMs favour it.
Show threadDrikanisJun 23
@david_chisnall @cuchaz @soatok Yeah it's called "slopsquatting" and is my most recent concern as someone responsible for supply-chain security at my company.
Show threadDevourerJun 23

@soatok genuinely wish more subreddits about programs and apps would force people to disclose vibe coding

I'm in the MacApps subreddit and a guy vibe coded a financial app
Where you put your banking credentials

Show threadMudlarkJun 23
@soatok the first time I heard the term slopsquatting (great word) was in the comments to an arstechnica article about this problem https://arstechnica.com/security/2025/04/ai-generated-code-could-be-a-disaster-for-the-software-supply-chain-heres-why/
AI-generated code could be a disaster for the software supply chain. Here’s why.

LLM-produced code could make us much more vulnerable to supply-chain attacks.

Ars Technica
Show threadnLupo  Jun 25
@soatok That looks like the Ken Thompson's hack but real.
Show threadSteph  Jun 25
@soatok I was thinking something similar a few days ago. What would happen if you flooded GitHub with trivial programs with naming or comments that imply it's doing something different. Like a "shortest path" function, but it's actually just fizzbuzz. How long until AI slop would just think that every problem is fizzbuzz and just offer some variation of fizzbuzz for every prompt?
Show threadtichoJun 25
@PurpleStephyr @soatok Wow, this tempted me for a few seconds to actually create a Microsoft Github account and do some of the described shenanigans. :)