alt Hacker NewsThe jqwik trick wouldn't work in practice because modern LLMs aren't that stupid, which makes the whole thing pointlessly performative.
If someone else tried to do the same thing again with a more popular/widely-used software, a) the software would just get pulled as a supply-chain risk and b) the developer would likely be blacklisted. Again, accomplishing nothing.
It wouldn't work (as the author acknowledged) but the software would get pulled as a supply-chain risk and the developer blacklisted, ok.
What I would support anyhow is less destructive "attacks" using prompts more likely to work (modern LLMs still are a bit stupid, prompt injection doesn't seem to have been solved).