There are dozens of other surface factors beyond external user interfaces that are vulnerable to prompt injection.
It's pretty common where I'll point Claude to a source code to better understand how to integrate a project. For example I'm having it look through https://github.com/mcallegari/qlcplus right now to build out the rather tedious process of mapping out a controller to the lights.
I don't give Claude all access but it certainly can cause some level of havoc even with the relatively safe edit mode.
Now, there is a similar risk existing running any open source project's code, but putting code that harms people's computers is clearly against the terms of GitHub, and is quickly condemned. This should be too.
But in this case the author of the project didn't execute the injection code... it's more analogous in some ways to pulling in a project with an example file containing a bunch of useful SQL stuff and then an example of an injection at the bottom, and just (in this case the agent) copy/pasting the whole thing in without reviewing it.
If we're slicing on technicalities, there's a lot of ways to decide. "PROSECUTE THEM!" seems like an extremely hostile one when the website and readme and release notes said "don't do this" already. The agent ignored those things? Is that the author's fault?
This is like saying I can slip malware into a project and so long as the user is the one who executed the code I'm free and clear.. which we both know isn't true.
A log the victim ran over last week loosened the bolts.
The prosecution wouldn't even blink if you pointed this out.
Unless the perpetrator intended for that to be the effect.
Have you heard about mens rea?
It turns random logging into laying logs onto a road intending to harm someone with the foreknowledge that they will harm the target and as a consequence any other people traveling on that road.
both are intentional, both are wrong, we don't need to compare two wrong things and say one is better.. you also cannot predict whether intentionally leaving a hazard in a roadway will give someone a choice, that very thing happens all the time and it causes a significant number of deaths.
If I put a project on github that says "don't use this with mysql" and you use it with mysql and it drops your tables is it sql injection? Seems very different to me.
As much as I would like to agree, this is a pretty clear CFAA violation. If the intent is to purposefully destroy/delete data, the 'how' really makes no difference. But IANAL.
It's certainly unauthorized access if you intentionally built it with the goal of harming other people's systems, especially if you hid that action from them the way our self-righteous friend here did.
You are authorized to do what the user agreed to, no more. Further the agreement must be reasonable. Exploiting the victim's system to intentionally cause harm isn't reasonable.
F-secure once included a clause to use their wifi that you "assign their first born child to us for the duration of eternity." It was funny, but not legally enforceable and would have offered them no legal shelter if they'd gone out on a kidnapping spree that night.
> Should you pay your roofer less because he uses a hammer instead of his bare hands?
Yes. Effective tools increase the supply of roofs made. More supply means lower prices per roof. But because the same number of roofs need to get worked on, the increase in roofs per roofer means less roofers will be needed.
Problem with that website/perspective is separating training costs from inference costs. Training is a one time cost, and while it is certainly not something you can completely ignore, it being one time changes the answer to "Is AI profitable?".
That site doesn't list the dozens of companies doing pure inference, and making a profit while doing so.
Are western companies able to freely compete in China? Last I checked, no, they need local partners at best, or are blocked completely at worst. And not just American but any outside company.
What their government does in regards to local industry is effectively what donald trump is attempting to do with the US economy. Except they do it well.
I consider you as a victim of the brainwashing by your main stream media.
there are tons of western cars on Chinese roads, tesla was given free land and close to interest free loan to build its factory in Shanghai. there are numerous apple shops in China. guess how many Chinese cars are driving on US roads, how many Huawei phones are being sold in the US.
if you are open to the idea of jumping out of your comfort zone of your favourite brainwashing media, some westerner actually went to China and counted every single car at an intersection for 30 minutes with all brands summarised. over 40% are western cars.
It's benefiting from the globalized market without freely competing in it. It gives them a massive edge in many industries and the world couldn't say no because of cheap manufacturing.
And certainly hostile when you add currency manipulation onto it as well.
>It's benefiting from the globalized market without freely competing in it.
Ha, very rich criticism considering the US economy and stock market has been benefiting 1000x more from said "globalized market without freely competing in it", by printing money and exporting its inflation across the world with dampened consequences domestically, then using said printed money like liquid gold to buy valuable assets around the world (like real estate and innovative companies) thanks to its status as a reserve currency (something Charles De Gaulle complained about since the 1950s), a unique US cheat code enforced through force via its massive military.
>And certainly hostile when you add currency manipulation onto it as well.
Again, very rich criticism considering the US's abusing its status as the reserve currency for its own benefit, see above.
This is now limited to only some restricted industries: https://www.ndrc.gov.cn/xxgk/zcfb/ghxwj/202504/P020250424307... Yes, the list is long, but it's a significant improvement to the before times when all industries were off limits save for a few exceptions where foreign investment was allowed. Notably, the car industry has been mostly unrestricted for a few years now.
Internet services? Yes, you need a domestic partner, because you'll disseminate information to the public.
If you're in the automobile industry, you can import cars to China. China was Porsche's largest market until 2025, and all Porsches are imported. It used to be that a Chinese partner is needed to manufacture cars in China, but Tesla did not need one, and that policy was dropped. Anyway, it's nowhere close to the complete ban the US placed on Chinese cars.
In many other industries, you can create a foreign-owned company and operate in China.
Giga Shanghai is the exception that proves the rule. It's one of the few, if only, foreign businesses that operate without a joint venture with a local company.
Again, nobody forces you to open your business or manufacture your stuff in China. Plenty of companies do not, like Google.
Companies abided to ruthless Chinese rules because they were greedy and wanted to exploit the Chinese slave labor and also get access to Chinese market, but the CCP didn't put a gun to their head and forced them to come to China, they decided that themselves for the sake of the holy shareholder growth. And now, 2 decades after you've made your money, you're complaining over a consensual arrangement?
And trade is always gonna be asymmetric, with rules in foreign countries that don't exist in the US. That's why the EU fines US companies regularly. China isn't much different. You want to operate in China, then you gotta follow the CCP rules. You don't? Then just leave. Easy.
Lots of countries are like that though. America has an unusually free system where anyone can do anything for better or worse, but Walmart failed in Germany by ignoring all the local processes like employee protections. (But I hear Aldi is taking over the UK!)
>blocking Facebook while exporting Tiktok is a hostile trade imbalance
The US also threatened to block tiktok unless China sold it to a local US oligarch (the Oracle guy). The US is no saint here. And good luck getting people to shed a tear for China blocking Facebook. Good riddance to both of them.
The Tiktok we get that's full of slop isn't allowed in China either. China has a completely different set of content on its TikTok. Trade imbalance is a skill issue and within the country they compete fairly.
We absolutely do not need to waste as much water as we do on agriculture. There are more efficient watering systems, crops that do not feed humans, and inefficient crops that aren't needed. Any one of those improvements would dwarf the water usage by AI.
Heck, a better solution yet would be to charge these AI/datacenter companies enough to cover the costs for watering efficiency systems to cover their usage and then some. It's a fraction of their costs, and way better than being anti-growth.
Yeah people aren't mad about datacenters because they are "anti growth"
They don't want to see their local resources depleted and, no, this isn't some fantasyland where corporations will do anything "for the greater good" that isn't in line with their pockets.
They had that opportunity, to build up the infrastructure necessary to operate, to build in places where they wouldn't reduce people's quality of life. They chose to do everything they could to squeeze out some extra profit. Requiring good behavior in one specific way wouldn't be sufficient when dealing with such obviously bad actors. They can try again to get the right to build once they've won back the trust of Mainers.
You can call it childish if you want, but a lot of people are unhappy with the economy in general and rising costs in particular. Energy costs are a big part of those rising costs and, like it or not, the AI vendors and their data center projects are an easy target.
I don't think it's necessarily a "backlash" to all the hype but the hype certainly made them a target
If you or Google have a plan to make the federal government stop shutting down renewable projects, we can re-examine the data center question after you carry it out.
Mainers hate seeing wind and solar plants- they consider them to be a massive eyesore.
The people of Maine won't consider "We'll build something you don't like but we'll offset it by building something else you don't like" as a compromise.
Utility solar is VERY different from small-scale solar panels on houses.
And, yes, there are already utility solar and wind plants around. There are also chemical plants, prisons, and garbage dumps. That doesn't mean the people of Maine want to see more of those things.
This. Utility solar in Maine in 2020-whatever is a lot like the crown's wood lots in Scotland in 1520-whatever. The locals' lives aren't made any better by it and some people down south who hate them make bank.
Say what you want about resource extraction, it necessarily leeched far more wealth into local economies.
I personally think it's short sighted but I see why they're not a fan.
Data centers don't really help the material conditions of Mainers though. Here's the net effects of new data centers they'll really see, in material terms:
- A brief boost in construction jobs
- ~0 new jobs in the long term
- Increased electricity prices
- A slight chance of very slightly lower taxes, as data center taxes partially replace taxes on other stuff
It's not like the average Mainer is losing a lot from this decision. There's actually a good chance a data center ban is a net gain for the average Mainer materially, because the change in electricity demand (and thus prices) will outweigh all other effects.
Carbon offsets are a sham, but you could just require them to directly pay for the actual energy infrastructure required. If you need 1GW of electricity, develop 1GW of solar.
Sorry, I'm not picking up on the connection - could you expand? Do you think they should also pay for offsets alongside developing energy infrastructure?
I guess what I'm asking is how long it takes, soup-to-nuts, for the 1GW installation to be carbon neutral or better? I've read anywhere from 7 months to 25 years. Maybe it's dependent on location?
Oh sure, I see what you mean - thanks for clarifying. On top of your point, it's true that CO2 has a prolonged impact on global temperature even after it's been 'removed' from the atmosphere, so even once solar pays back the original carbon investment its impact lingers for a while.
I guess at a certain point you're getting at a more fundamental question about the value of AI (plus technology and everything else) - what level of environmental tradeoff is acceptable? One thing I slightly lament about the discourse is that tradeoff is widely discussed in the case of AI, but not in the context of stuff we do. I suspect most people aren't aware that the water use associated with eating a burger dwarfs a year of ChatGPT, that a long-haul flight wipes out the emissions savings of a couple years' veganism, or that renewables have their own impacts, like the demolition of Chile for copper.
Imagine the additional space needed to power a scaled DC with solar. I think the number of people opposing the construction would increase when they realize it's half the county.
It still makes more sense to directly regulate the thing that actually matters. People don't really care about the presence of a DC in their state. They care about the effect it might have on energy prices and potentially the effect it might have on public land use. You can always regulate the electricity market and public land use directly, instead of regulating the construction of data centers which is more of a second-order effect.
These approaches might very well result in the same outcome: fewer DCs, but it leaves the details up to dynamic market forces.
A Technology Connections video recently changed my opinion on this. The land required to power the entire U.S. would be less than the farmland we currently use for ethanol production.
Alec presented it well- but we don't even need to take his word for it.
The Department of Energy has all the data available, so do a dozen different other private and public institutions. It didn't click for me till I ran some napkin math.
Horrifically pessimistic numbers for PV (winter in Maine with conversion efficiencies half what they are now)... comes out to about a 50x50 mile square of panels to generate the entire USA's power demand from the most recent DOE numbers. Ignore that we can have wind, solar, and crops* in the same area. Turns out, btw, crops don't like high noon beating down on them. As a result we can reduce water usage and get nearly the same crop yield if part of the field is covered with panels- at least according to some studies.
That isn't the whole story. At least some of these new datacenters are gigawatt class. That's multiple sq km of solar.
Water usage is also an issue. A continuous 1 gigawatt is enough to boil off 1.3 million liters per hour which over 24 hours equates to very roughly 90k residential users. If it isn't boiled but is instead returned lukewarm it will require many times that amount due to how large the heat of vaporization is. Compare to the entire state of Florida at "only" 23.5 million people.
What? The water is not getting boiled off. Datacenters, for the most part, have closed liquid loop cooling systems. Electricity goes in, hot air and bits come out.
The old datacenters had. I don't think anyone is air cooling (radiator or otherwise) a gigawatt. Convert 1.3 million liters per hour from boiled water to air and you get an absurd number.
did you move the goal post, or erect a new one? either way- residential use is penny ante in terms of water usage. So much so that comparing data center use to residential use without including industrial, commercial, and irrigation can only be in bad faith.
Particularly since usage reports typically present all the numbers in the same chart or grid.
The concern is resource usage. Water had been left out, so including it isn't shifting the goalposts given the context.
The comparison was intended for illustrative purposes. Residential usage provides something relatable and is the general standard for these sorts of discussions.
Even comparing to industrial most operations don't use anywhere near as much electricity or water. The new gigawatt class datacenters are in the same ballpark as aluminum smelters, but rather than melting metal they sink all that energy into water.
> I think the number of people opposing the construction would increase when they realize it's half the county.
What's the math on that?
It's interesting to see the US mandate ethanol production the way they do, which could be argued to be a farm subsidy, and then balk at the land needed for solar installations.
For arguments made in good faith- I think it's humanity's inability to comprehend scale. We can't get the volume of a glass of water right if we change it from tall to wide. Why would we think that terawatts worth of PV would be a square shorter on a side than most people's daily commute?
Maybe I misunderstood, but isn't that what they did? Here is the max. power you can draw from the grid, feel free to be more efficient or to produce your own electricity.
1. That renewable energy development is supposed to allow a _reduction_ in fossil fuel consumption, not an increase in wattage used.
2. That investment should already be happening, not subject to some future plans of some holding company or billionaire investor. Keeping global warming at bay is no longer some kind of future concern; and we've begun to see some initial effects of it in recent years - droughts, fires, various kinds of biosphere degradation etc.
Can we trust them to not build the data center anyways? If you think companies always get their way, then a ban is useless, as they will just do it anyways.
If, on the other hand, you believe in the rule of law, then creating a good airtight law that sets the stipulations that would be needed before building a data center is what lawmakers should be doing.
Society is better if we sacrifice one horse and buggy driver job for two engineering jobs. The drivers suffer from that, but the net win for society is so plainly obvious that it's a better investment to retrain the driver or just pay them off rather than support a job that's dying anyways.
> Society is better if we sacrifice one horse and buggy driver job for two engineering jobs.
That's a "statistic" you're pulling out of your butt, and it's doing a lot of work. No one ever knows if something like that will actually happen.
It could actually turn out that AI sacrifices 100 engineering jobs for 10 low-level service or prostitution jobs and a crap-ton of wealth to those already rich.
> The drivers suffer from that, but the net win for society is so plainly obvious that it's a better investment to retrain the driver or just pay them off rather than support a job that's dying anyways.
But what actually happens is our free-market society doesn't give a shit. No meaningful retraining happens, no meaningful effort goes into cushioning the blow for the "horse and buggy driver." Our society (or more accurately, the elites in charge) go tell those harmed to fuck off and deal with it.
> It could actually turn out that AI sacrifices 100 engineering jobs for 10 low-level service or prostitution jobs and a crap-ton of wealth to those already rich.
That's where wealth redistribution (Taxation) comes in. The USA is not good at progressive taxation, but everyone could be better off if it were implemented properly.
First, you are thinking of people whose main source of wealth are assets, not income.
Also, I don't think inequality is a problem, it's better that than everyone being equal, because as history shows, even then, there are some that are more equal than others, and others are just poor.