this post was submitted on 27 Jun 2026
technology
I'm not sure. This only needs to be detected once to generate damaging press for that model.
If the devs keep logs of their AI usage, they may be able to prove that the AI injected the backdoor. Then the news propagates through the tech sphere and out to the wider media. Devs then face pressure to stop using that model.
I think the more common attack will be to compromise bytecode in transit or in storage, between dev and user.
If you ask me, the real threat is companion AI in the operating system. You have an AI with direct access to your screen contents (including anything you decrypt), creating a long-lived, searchable dossier on your activity, with the autonomy to potentially leak that information off your device. And you have no way to prove alignment.
Many models are partially cloud-based, but even a local model is still, fundamentally, a non-human-readable, nondeterministic black box. Models can lie about themselves and have limited self-insight to begin with, so the usual way to assess behavior is to simulate conditions and watch what happens. But if the model includes sleeper agent triggers, behavioral audits are unlikely to stumble onto those triggers and reveal those behaviors. Mechanistic probes can detect crude, lab-introduced sleeper triggers, but may fail against sophisticated misalignment.
You're essentially trusting a Big Tech representative to look over your shoulder at all times.
Are we talking about LLMs being intentionally built to introduce backdoors despite the LLM user's intentions, or are we talking about attackers using LLMs to write their backdoors?
The first seems less likely. The second wouldn't really be blamed on the LLM, at least not in a way that leads to the LLM being shunned by people that otherwise support the use of LLMs.
If we are talking about LLMs introducing backdoors despite the intentions of the LLM user, that might be targeted to specific projects.
I assumed OP meant LLMs inserting backdoors without the dev intending it. Intentional backdoors would not be a new problem.