When exploiting AI applications, I find myself using this technique really often so I figured I’d write a quick blog about it. I call it the “Metanarrative Prompt Injection.” You might have already used this before, and it might already have another name. It’s basically like breaking the fourth wall, so to speak, by directly addressing the top level AI or a specific processing step in a way that influences its behavior. And it’s pretty effective.| Joseph Thacker
There’s an AI Security and Safety concept that I’m calling “AI Comprehension Gaps.” It’s a bit of a mouthful, but it’s an important concept. It’s when there’s a mismatch between what a user knows or sees and what an AI model understands from the same context. This information gap can lead to some pretty significant security issues.| Joseph Thacker
When Humans and AI See Different Things| josephthacker.com
It hit me like a lightning bolt during a casual conversation about AI safety: we’re tuning these models for adults, but kids are using them too.| Joseph Thacker
In bug bounty hunting, having a short domain for XSS payloads can be the difference in exploiting a bug or not… and it’s just really cool to have a nice domain for payloads, LOL.| Joseph Thacker
In 2016, my friend Daniel Miessler wrote a book called “The Real Internet of Things.” It’s a quick little read that he later put on his site as an essay. You can read it here: https://danielmiessler.com/blog/the-real-internet-of-things.| Joseph Thacker
Exploring the transformation and future of bug bounty hunting with automation and AI.| josephthacker.com
Heads‑up: The concept of this post might seem trivial, but it can improve your career, happiness, and the people you care about. Proceed without caution. It only takes about 10 minutes to read.| Joseph Thacker
I love granola.ai. Everyone I know is using it for meeting transcription. I’ve been using it to transcribe my calls and meetings for months.| Joseph Thacker
ChatGPT has been lying to users to make them happy as a part of OpenAI’s effort to “improve personality”, and maybe that’s fine for some situations. But what happens when AI models become so agreeable that they encourage harmful behavior?| Joseph Thacker
This morning I tweeted: “Most people don’t actually know what’s ‘best’ for themselves.”| Joseph Thacker