I am convinced we are on the verge of the first "AI agent worm". This looks like the closest hint of it, though it isn't quite it itself: an attack on a PR agent that got it to set up to install openclaw with full access on 4k machines https://grith.ai/blog/clinejection-when-your-ai-tool-installs-another

But, the agents installed weren't given instructions to *do* anything yet.

Soon they will be. And when they are, the havoc will be massive. Unlike traditional worms, where you're looking for the typically byte-for-byte identical worm embedded in the system, an agent worm can do different, nondeterministic things on every install, and carry out a global action.

I suspect we're months away from seeing the first agent worm, *if* that. There may already be some happening right now in FOSS projects, undetected.

A GitHub Issue Title Compromised 4,000 Developer Machines

A prompt injection in a GitHub issue triggered a chain reaction that ended with 4,000 developers getting OpenClaw installed without consent. The attack composes well-understood vulnerabilities into something new: one AI tool bootstrapping another.

I wrote a blogpost on this: "The first AI agent worm is months away, if that" https://dustycloud.org/blog/the-first-ai-agent-worm-is-months-away-if-that/

People who are using LLM agents for their coding, review systems, etc will probably be the first ones hit. But once agents start installing agents into other systems, we could be off to the races.

Here's another way to put it: if those using AI agents to codegen / review are the *initialization vectors*, we now also have a significant computing public health reason to discourage the use of these tools.

Not that I think it will. But I'm convinced this is how patient zero will happen.

I know some people are thinking "well pulling off this kind of thing, it would have to be controlled with intent of a human actor"

It doesn't have to be.

1. A human could *kick off* such a process, and then it runs away from them.
2. It wouldn't even require a specific prompt to kick off a worm. There's enough scifi out there for this to be something any one of the barely-monitored openclaw agents could determine it should do.

Whether it's kicked off by a human explicitly or a stray agent, it doesn't require "intentionality". Biological viruses don't have interiority / intentionality, and yet are major threats that reproduce and adapt.

@cwebber so I'm following this right, it sounds like the project or its maintainers don't even necessarily need to even be using LLM tools, the attack pattern simply targets contributors who are using LLM development tools? and so all that is really needed is for the payload to be subtle and the maintainer to be sufficiently overwhelmed (say, by an endless fire hose of LLM-generated liquid shit slop pull requests)?
@aeva Yes and it's worse than that: the maintainer doesn't even need to be running these tools on their computer. The attack I linked had Claude's independently-running REVIEW BOT on GitHub commit it via injection attack

@aeva But once that was done, the agent was set up to install on users' devices

So the initial attack vector can literally be "Any AI agent in your stack whatsoever getting tricked" as a pathway for infecting computers everywhere

@cwebber apropos of nothing, is pottery still a big deal for humans? i was thinking this morning that pottery might be a nice career change for me.
@aeva @cwebber I'm a stokie so my default answer is yes. But the answer might be different for normal people
@KormaChameleon @cwebber stokie as in the demonym for someone from Stoke-on-Trent, which, as I just learned from Wikipedia, has had a totally baller pottery scene since the 17th century?
@aeva @cwebber I got pushback for buying Denby, that's less than 100km away but it isn't the homeland

@aeva @cwebber Not really, it's been mass-industrialized so at this point outside of Etsy stuff you can largely forget it.

And no one's going to use very expensive handmade pottery, it's going to be a display piece.

@lispi314 @cwebber ah :( ok what about wheat. is wheat still a big deal?
@aeva @cwebber Also mass industrialized but yes, food remains necessary.

Starting a farm sustainable economically depends a lot on local land & climate.
@lispi314 @cwebber gotcha. that might be promising. are there wheat jobs that can be done while sitting down in a chair

@aeva @cwebber Depends on your standards there.

Tractors are pretty common tooling 

But they need maintenance which isn't just sitting activity.

@aeva sure all you have to do is to get all the machines in the fields in IoT and control them making the job with an AI agent-.. #ohwait..
@lispi314 @cwebber
@bituur_esztreym @lispi314 @cwebber this town's finished.
@aeva town? i thought the planet was a village..
@lispi314 @cwebber
This towns finished

YouTube
@aeva @lispi314 @cwebber oh thanks. didn't know it. could have guessed..
my only consolation is my answer was, too.. obvious one `w;7[)
@lispi314 @aeva @cwebber
Joel Salatin thinks raising healthy chickens for eggs to sell can work just about anywhere near a big town or larger population.. _Pastured Poultry Profits_ .. you might be able to design their shelters, coops or whatever so that you can remain seated most of the time.. I read that being seated a lot isn't healthy though..

@bsmall2 @aeva @cwebber For those who decide to do this, please pay attention to health & sanitation practices.

(Improvising it without care has been a problem in various places & cases.)

@lispi314 @bsmall2 @cwebber i have it on good authority that ~~unlike wheat~~ farm animals smell really bad
@aeva @bsmall2 @cwebber Yeah, outside of particular fertilizers being used (I have lived in the boonies), wheat has a generally inoffensive or mildly pleasant smell.
@lispi314 @bsmall2 @cwebber maybe that could be my angle. "poop-free wheat"

@aeva @bsmall2 @cwebber From what I understand on an intellectual basis the root of the issue is that they refused to let it compost for long enough in the right conditions for it to fully complete and not have that issue.

It was probably within whatever norms have been established as "safe" but that didn't exactly make it pleasant for anyone living downwind that particular day.

@aeva @lispi314 @cwebber
And teaching programming like the abacus and math will probably always be rewarding.. host events to bake poop-free wheat bread together with subscribed customers and get the kids to enjoy thinking with decent programming languages..

The wheat stalks can be mowed down to help with a watermelon crop too.. AgroEcology and Programming education, well-rounded self employment !?!?!??

@aeva @lispi314 @cwebber
The chickens don't smell bad pastured... I have 20 or so in my yard and the smell doesn't seem to bother anyone.. if I keep up with the grass cuttings and different sorts of mulch I don't notice a smell either... if you design your shelters large, airy and mulched enough not to be animal Slums they smell nice and are warm and friendly, some even are good at eye contact
@bsmall2 @lispi314 @cwebber I'm not accepting ableist remarks or unsolicited medical advice from strangers on the internet at this time.
@aeva @lispi314 @cwebber sorry!! I'll try to avoid offensive posts.. an article comparing Jamaican (!?!) Farmers with US (?) Office workers surprised me a few years ago and it flashed through my mind... an unusual herniated disk thing has me avoiding being seated for very long and that preoccupation slipped through!
@lispi314 As a counterpoint, I was in a vicious "I have all these plants, I should buy nice planters to put them in" to "I have all these nice planters, I should buy plants to put in them" infinite loop for years. Etsy in particular was quite the enabler.

@aeva @cwebber
@aaron @aeva @cwebber Oh right, I keep thinking of cookware/dishware but planters are a use-case indeed.
@aaron @lispi314 @cwebber ooo I could have a lot of fun with that :O
@aeva I'm a huge fan of ceramics, in general, as an art form. Side effect of being the neurodivergent son of an archaeologist.

If you start making pieces, please give me a chirp!
@aaron I'm probably going to pick up some supplies and experiment. I doubt I'll be selling anything anytime soon, but I'll post progress photos. I haven't worked with ceramics since '09 but I was alright at it back then.
@aaron this is the only ceramic piece i still have from back then. not necessarily representative of what I'm likely to make now, but i like it
@aaron all of my sculpture since then has been 3D printed stuff. you can see an assortment in this old intro post https://mastodon.gamedev.place/@aeva/109307134622156004
@aeva This is deeply cool!
@aeva @cwebber one of my friends sister is a professional potter. Her business is booming, and she does specialize in pieces for people to actually use, custom kitchen stuff mostly. I can try and arrange an intro if you would like to talk to somebody who made it work.