The naked truth of #cybersecurity

@beyondmachines1 only 30 years ago the concept of firewalls was introduced.

The saying back then was that it was a temporary complexity, needed until the software would be fixed.

@LeoBistmans @beyondmachines1
That was a good one.

Considering that, we know from theoretical computer science that we cannot even prove whether an algorithm will terminate or not.

So how exactly are we supposed to make sure that software is “bullet-proof” against attacks? Especially as what was benign yesterday can be considered an attack tomorrow.

@LeoBistmans @beyondmachines1 And then there is OWASP LLM. LLM01 reads perfect.

Prompt injection might make you think SQL injection.

But the story is way sadder: they basically admit that presently they do not expect that this will ever be fully solvable, as LLMs fundamentally cannot recognize code/data as different things; thus, there is no solution like “quote your data correctly, problem solved.”

I'm more optimistic as there are ways to make LLMs learn code/data distinction, but still.