logoalt Hacker News

LoganDarktoday at 8:10 AM3 repliesview on HN

Since you cannot fix information leakage from LLMs, you must remove the information so that it cannot be leaked. There is no contradiction there.


Replies

darkvertextoday at 3:39 PM

Exactly. The system should run in a forcibly limited scope of the current repo only or add permissions for scope to include other org/user repos.

It can't leak a private repo if it can't open it to begin with.

valleyertoday at 8:50 AM

Right, that's the fix. So saying that it's not fixable is incorrect.

show 4 replies
rileymat2today at 9:03 AM

There is a major contradiction depending on the definition of “support staff” and the role of the llm in the system which may need access to sensitive data or systems to perform its functions.