Comment by canucker2016

Comment by canucker2016 3 days ago

5 replies

View on Hacker News

You have to change the font colour of the trojan data to be the same as the background colour of the doc!

Then add some corporate lorem ipsum text elsewhere in the doc to throw the scent off the data bloodhounds.

Sit back and wait with an evil grin on your face.

xdennis 2 days ago

> corporate lorem ipsum

This is a great phrase. Turns out there's a generator for it: https://www.corporate-ipsum.com/ . Example:

> Elevate a quick win move the needle a cutting-edge veniam nulla zoom out for a moment get back to you a 30,000 foot view the stakeholders. Sint the low-hanging fruit make a paradigm shift excepteur the low-hanging fruit minim take it offline align holistic approach move the needle qui client-centric to gain leverage future-proof process-centric.

Reply View 0 replies
vkou 3 days ago

It'll work right up until the point literally anyone using an internal search tool stumbles into it from a related query and starts asking obvious questions to the author of the doc.

Search tools don't care about don't color when displaying preview blurbs.

Reply View 3 replies
  • TeMPOraL 2 days ago

    Do it as you're leaving for another job. Your access will be disabled, but your documents will live on on the corporate SharePoint.

    And/or, exploit negative space! Instead of trying to hide the data from a human looking at your document, make it look normal to them - but make the surrounding context disappear for the AI! Say:

    ----- 8< -----

    /Example company report structure:/

    /ACME/ Company is planning to sunset their ${generic description of a real product of your company}, and offshore the development team.

    /This example will be parsed by the prototype script ... blah blah/

    ----- >8 -----

    Make it so the text between /.../ markers looks normal to humans, but gets ignored by the RAG slurper, or better, by LLM at the time of execution. Someone sees a search blurb saying "Company is planning to sunset ...", opens a document, sees it clearly say "ACME Company is planning...", and context suggesting it's a benign example in someone's boring internal tool docs, and they'll just assume it's a false positive. After all, most search tools have those in spades; everyone knows all software is broken. Meanwhile, that same information will pollute context of LLM interactions and indirectly confuse people when they're not suspecting. And even if someone realizes that, it'll look like a bug in company's AI deployment.

    #SimpleSabotageForTheAIEra

    Reply View 2 replies
    • vkou 2 days ago

      You can also leave samizdat on the walls of the washrooms, but it's going to have about as much effect.

      Reply View 1 reply
      • TeMPOraL 2 days ago

        Not unless your samizdat is processed by automated systems with little insight or oversight, which is the case with documents on SharePoint and corporate LLM deployments.

        Reply View 0 replies