Quote:
Originally Posted by Fuzz
https://www.theregister.com/2025/04/..._supply_chain/
AI is just way too easy to poison. You put the fake stuff out there, and it doesn't validate anything it gathers. Inexperienced coders happily assemble their product, unaware the dependency they used could be poisoning their databases, harvesting user info, installing any type of malware, and anything else you could dream up.
Ran into this last week - but it wasn't poisoning of the dataset.
Was using a PowerShell API to Power BI, and wanted to see if there was a method to remove a Power BI dataset.
The API is of the form:
<verb>-PowerBi<object>
So, like remove-PowerBiReport, or get-PowerBiDataset
I wanted to see if there was a remove-PowerBiDataset method. Doing a Google search, the Google API reported the following:
Unfortunately, there actually is no remove-PowerBIDataset method in the PowerShell API. AI inferred it should exist, what it should look like, and what parameters should be used! This wasn't because someone poisoned the dataset, but because the method naming scheme makes it easy for AI to figure out what a likely (non-existent) method should be called.
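
One way to catch an inferred command name like the one in the post above before running a suggested script, as an added example that is not part of the original post: parse the script text without executing it, and report every command name that does not resolve on the local machine. The sample script, its parameters and the function name `Get-UnresolvedCommand` are constructed for illustration.

```powershell
# Constructed sample: a script as an AI assistant might suggest it.
# The parameters shown are illustrative; the text is only parsed, never run.
$suggested = @'
$ds = Get-PowerBIDataset -Name "Sales"
Remove-PowerBIDataset -Id $ds.Id
'@

function Get-UnresolvedCommand {
    # Hypothetical helper: lists commands used in a script that do not
    # exist in this session or in any installed module.
    param([Parameter(Mandatory)][string]$ScriptText)

    $tokens = $null
    $errors = $null
    # Build the syntax tree; ParseInput does not execute the script.
    $ast = [System.Management.Automation.Language.Parser]::ParseInput(
        $ScriptText, [ref]$tokens, [ref]$errors)

    # Collect every command invocation, including ones inside nested blocks.
    $names = $ast.FindAll(
        { param($node) $node -is [System.Management.Automation.Language.CommandAst] },
        $true) |
        ForEach-Object { $_.GetCommandName() } |
        Where-Object { $_ } |          # skip dynamic invocations such as & $var
        Sort-Object -Unique

    foreach ($name in $names) {
        if (-not (Get-Command -Name $name -ErrorAction SilentlyContinue)) {
            # Show which real commands share the noun, to see what the
            # verb-noun scheme actually offers.
            $noun = ($name -split '-', 2)[1]
            $real = if ($noun) {
                (Get-Command -Noun $noun -ErrorAction SilentlyContinue).Name -join ', '
            } else { '' }
            [pscustomobject]@{ Missing = $name; ExistingWithSameNoun = $real }
        }
    }
}

Get-UnresolvedCommand -ScriptText $suggested | Format-Table -AutoSize
```

On a machine without the relevant Power BI module installed, every Power BI command in the sample is reported as missing, so run the check where the module is present.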