alt Hacker NewsFooling around with encrypted reasoning blobs
Comments
Groxx • today at 5:06 AM
One possible use for the "replay across accounts": if you can get a reasoning block that jailbreaks the model, you could share that block without sharing how you did it, and others can immediately take advantage of it too.
hhh • today at 6:58 AM
Awesome write-up. Seems like a great way to play with model responses now that prefill is gone.
Reubend • today at 3:32 AM
Super cool side channel attack. I tend to agree that it's pretty impractical, but it's such a fun discovery!
Retr0id • today at 2:58 AM
Very cool idea to use thinking duration (either in tokens or in wall time) as a side-channel!
haeseong • today at 5:12 AM
[dead]
Very interesting. The state management is the really insightful find here.
I always wondered how these large AI companies managed access for millions of simultaneous users without having to allocate a dedicated LLM instance for each user. Pushing the complete state down to the user after every call makes perfect sense. The LLM itself stays memoryless and ready to respond to an arbitrary prompt. Very nice.