Init commit

.github/workflows/hugo.yaml

@@ -0,0 +1,78 @@
+# Sample workflow for building and deploying a Hugo site to GitHub Pages
+name: Deploy Hugo site to Pages
+
+on:
+  # Runs on pushes targeting the default branch
+  push:
+    branches:
+      - main
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
+# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
+concurrency:
+  group: "pages"
+  cancel-in-progress: false
+
+# Default to bash
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  # Build job
+  build:
+    runs-on: ubuntu-latest
+    env:
+      HUGO_VERSION: 0.129.0
+    steps:
+      - name: Install Hugo CLI
+        run: |
+          wget -O ${{ runner.temp }}/hugo.deb https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_extended_${HUGO_VERSION}_linux-amd64.deb \
+          && sudo dpkg -i ${{ runner.temp }}/hugo.deb
+      - name: Install Dart Sass
+        run: sudo snap install dart-sass
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+          fetch-depth: 0
+      - name: Setup Pages
+        id: pages
+        uses: actions/configure-pages@v5
+      - name: Install Node.js dependencies
+        run: "[[ -f package-lock.json || -f npm-shrinkwrap.json ]] && npm ci || true"
+      - name: Build with Hugo
+        env:
+          HUGO_CACHEDIR: ${{ runner.temp }}/hugo_cache
+          HUGO_ENVIRONMENT: production
+          TZ: America/Los_Angeles
+        run: |
+          hugo \
+            --gc \
+            --minify \
+            --baseURL "${{ steps.pages.outputs.base_url }}/"
+      - name: Upload artifact
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: ./public
+
+  # Deployment job
+  deploy:
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    runs-on: ubuntu-latest
+    needs: build
+    steps:
+      - name: Deploy to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "themes/PaperMod"]
+	path = themes/PaperMod
+	url = https://github.com/adityatelange/hugo-PaperMod.git

archetypes/default.md

@@ -0,0 +1,5 @@
++++
+title = '{{ replace .File.ContentBaseName "-" " " | title }}'
+date = {{ .Date }}
+draft = true
++++

content/archives.md

@@ -0,0 +1,6 @@
+---
+title: "Archive"
+layout: "archives"
+url: "/archives/"
+summary: archives
+---

content/posts/2024-01-19/dpd_error_caused_chatbot_to_swear_at_customer.md

@@ -0,0 +1,13 @@
++++
+title = 'DPD error caused chatbot to swear at customer'
+date = 2024-01-19
++++
+DPD has disabled part of its online support chatbot after it swore at a customer. The parcel delivery firm uses artificial intelligence (AI) in its online chat to answer queries, in addition to human operators. A new update caused it to behave unexpectedly, including swearing and criticizing the company.
+
+DPD said it had disabled the part of the chatbot that was responsible and was updating its system as a result. "An error occurred after a system update yesterday. The AI element was immediately disabled and is currently being updated," the firm said in a statement.
+
+Before the change could be made, word of the mix-up spread across social media after being spotted by a customer. One particular post was viewed 800,000 times in 24 hours, as people gleefully shared the latest botched attempt by a company to incorporate AI into its business. The chatbot was easily convinced to swear at the customer and criticize DPD, even writing a haiku about the company's poor performance.
+
+Many modern chatbots use large language models, such as that popularized by ChatGPT. While they can simulate real conversations with people, they can often be convinced to say things they weren't designed to say. This incident follows similar issues with chatbots, including one where a car dealership's chatbot agreed to sell a Chevrolet for a single dollar.
+
+[More details here](https://www.bbc.com/news/technology-68025677)

content/posts/2024-06-14/github_copilot_chat_from_prompt_injection_to_data_exfiltration.md

@@ -0,0 +1,6 @@
++++
+title = 'GitHub Copilot Chat: From Prompt Injection to Data Exfiltration'
+date = 2024-06-14T21:00:17-08:00
++++
+This post highlights how the GitHub Copilot Chat VS Code Extension was vulnerable to data exfiltration via prompt injection when analyzing untrusted source code. GitHub Copilot Chat GitHub Copilot Chat is a VS Code Extension that allows a user to chat with source code, refactor code, get info about terminal output, or general help about VS Code, and things along those lines. It does so by sending source code, along with the user’s questions to a large language model (LLM).
+[More details here](https://embracethered.com/blog/posts/2024/github-copilot-chat-prompt-injection-data-exfiltration/)

content/posts/2024-06-23/cve_2024_37032_ollama_remote_code_execution.md

@@ -0,0 +1,6 @@
++++
+title = '🚨 New CVE Alert: CVE-2024-37032 - Ollama Remote Code Execution 🚨'
+date = 2024-06-23T21:00:17-08:00
++++
+[Wiz podcast](https://www.wiz.io/crying-out-cloud/rce-vulnerability-in-ollama-explained)
+[CVE-2024-37032](https://nvd.nist.gov/vuln/detail/CVE-2024-37032)

content/posts/2024-07-08/sorry_chatgpt_is_under_maintenance_persistent_denial_of_service_through_prompt_injection_and_memory_attacks.md

@@ -0,0 +1,6 @@
++++
+title = 'Sorry, ChatGPT Is Under Maintenance: Persistent Denial of Service through Prompt Injection and Memory Attacks'
+date = 2024-07-08T14:30:18-07:00
++++
+Imagine you visit a website with ChatGPT, and suddenly, it stops working entirely! In this post we show how an attacker can use prompt injection to cause a persistent denial of service that lasts across chat sessions for a user. Hacking Memories Previously we discussed how ChatGPT is vulnerable to automatic tool invocation of the memory tool. This can be used by an attacker during prompt injection to ingest malicious or fake memories into your ChatGPT.
+[More details here](https://embracethered.com/blog/posts/2024/chatgpt-persistent-denial-of-service/)

content/posts/2024-07-22/breaking_instruction_hierarchy_in_openais_gpt_4o_mini.md

@@ -0,0 +1,6 @@
++++
+title = "Breaking Instruction Hierarchy in OpenAI\\'s gpt-4o-mini"
+date = 2024-07-22T06:14:05-07:00
++++
+Recently, OpenAI announced gpt-4o-mini and there are some interesting updates, including safety improvements regarding “Instruction Hierarchy”: OpenAI puts this in the light of “safety”, the word security is not mentioned in the announcement. Additionally, this The Verge article titled “OpenAI’s latest model will block the ‘ignore all previous instructions’ loophole” created interesting discussions on X, including a first demo bypass. I spent some time this weekend to get a better intuition about gpt-4o-mini model and instruction hierarchy, and the conclusion is that system instructions are still not a security boundary.
+[More details here](https://embracethered.com/blog/posts/2024/chatgpt-gpt-4o-mini-instruction-hierarchie-bypasses/)

content/posts/2024-07-25/google_colab_ai_data_leakage_through_image_rendering_fixed_some_risks_remain.md.md

@@ -0,0 +1,7 @@
++++
+title = 'Google Colab AI: Data Leakage Through Image Rendering Fixed. Some Risks Remain.'
+date = 2024-07-25T05:00:25+02:00
++++
+Google Colab AI, now just called Gemini in Colab, was vulnerable to data leakage via image rendering. This is an older bug report, dating back to November 29, 2023. However, recent events prompted me to write this up: Google did not reward this finding, and Colab now automatically puts Notebook content (untrusted data) into the prompt. Let’s explore the specifics. Google Colab AI - Revealing the System Prompt At the end of November last year, I noticed that there was a “Colab AI” feature, which integrated an LLM to chat with and write code.
+[More details here](https://embracethered.com/blog/posts/2024/google-colab-image-render-exfil/)
+

hugo.yaml

@@ -0,0 +1,31 @@
+baseURL: https://probllama.com
+languageCode: en-us
+title: "#Probllama by OpenShield"
+
+minify:
+  disableXML: true
+  minifyOutput: true
+
+
+enableRobotsTXT: true
+
+theme: ["smol"]
+
+menu:
+  main:
+    - name: "RSS"
+      url: "/index.xml"
+  footer:
+    - name: "Github"
+      url: "https://github.com/openshieldai/probllama"
+      weight: 1
+
+    - name: "OpenShield"
+      url: "https://openshield.ai"
+      weight: 2
+
+
+outputs:
+  home:
+    - HTML
+    - RSS

layouts/_default/list.html

@@ -0,0 +1,26 @@
+{{ define "main" }}
+<main>
+
+  <ul>
+    {{ range (where .Site.RegularPages "Type" "in" (slice "posts")).GroupByDate
+    "2006" }}
+    <h2>{{ .Key }}</h2>
+    <ul>
+      {{ range .Pages }}
+      <li>
+        <span class="date"
+          >{{ .Date.Format (.Site.Params.dateFormat | default "January 2, 2006"
+          ) }}</span
+        >
+        <a
+          class="title"
+          href="{{ .Params.externalLink | default .RelPermalink }}"
+          >{{ .Title }}</a
+        >
+      </li>
+      {{- end -}}
+    </ul>
+    {{ end }}
+  </ul>
+</main>
+{{ end }}

public/404.html

@@ -0,0 +1,7 @@
+<!doctype html><html lang=en dir=auto><head><script src="/livereload.js?mindelay=10&amp;v=2&amp;port=1313&amp;path=livereload" data-no-instant defer></script><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><meta name=robots content="noindex, nofollow"><title>404 Page not found | #Probllama</title>
+<meta name=keywords content><meta name=description content><meta name=author content="David Papp"><link rel=canonical href=http://localhost:1313/404.html><link crossorigin=anonymous href=/assets/css/stylesheet.fc220c15db4aef0318bbf30adc45d33d4d7c88deff3238b23eb255afdc472ca6.css integrity="sha256-/CIMFdtK7wMYu/MK3EXTPU18iN7/MjiyPrJVr9xHLKY=" rel="preload stylesheet" as=style><link rel=icon href=http://localhost:1313/favicon.ico><link rel=icon type=image/png sizes=16x16 href=http://localhost:1313/favicon-16x16.png><link rel=icon type=image/png sizes=32x32 href=http://localhost:1313/favicon-32x32.png><link rel=apple-touch-icon href=http://localhost:1313/apple-touch-icon.png><link rel=mask-icon href=http://localhost:1313/safari-pinned-tab.svg><meta name=theme-color content="#2e2e33"><meta name=msapplication-TileColor content="#2e2e33"><link rel=alternate hreflang=en href=http://localhost:1313/404.html><noscript><style>#theme-toggle,.top-link{display:none}</style></noscript></head><body class=list id=top><header class=header><nav class=nav><div class=logo><a href=http://localhost:1313/ accesskey=h title="#Probllama (Alt + H)">#Probllama</a><div class=logo-switches></div></div><ul id=menu></ul></nav></header><main class=main><div class=not-found>404</div></main><footer class=footer><span>&copy; 2024 <a href=http://localhost:1313/>#Probllama</a></span> ·
+<span>Powered by
+<a href=https://gohugo.io/ rel="noopener noreferrer" target=_blank>Hugo</a> &
+        <a href=https://github.com/adityatelange/hugo-PaperMod/ rel=noopener target=_blank>PaperMod</a> &
+        <a href=https://openshield.ai/ target=_blank>OpenShield</a></span></footer><a href=#top aria-label="go to top" title="Go to Top (Alt + G)" class=top-link id=top-link accesskey=g><svg viewBox="0 0 12 6" fill="currentcolor"><path d="M12 6H0l6-6z"/></svg>
+</a><script>let menu=document.getElementById("menu");menu&&(menu.scrollLeft=localStorage.getItem("menu-scroll-position"),menu.onscroll=function(){localStorage.setItem("menu-scroll-position",menu.scrollLeft)}),document.querySelectorAll('a[href^="#"]').forEach(e=>{e.addEventListener("click",function(e){e.preventDefault();var t=this.getAttribute("href").substr(1);window.matchMedia("(prefers-reduced-motion: reduce)").matches?document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView():document.querySelector(`[id='${decodeURIComponent(t)}']`).scrollIntoView({behavior:"smooth"}),t==="top"?history.replaceState(null,null," "):history.pushState(null,null,`#${t}`)})})</script><script>var mybutton=document.getElementById("top-link");window.onscroll=function(){document.body.scrollTop>800||document.documentElement.scrollTop>800?(mybutton.style.visibility="visible",mybutton.style.opacity="1"):(mybutton.style.visibility="hidden",mybutton.style.opacity="0")}</script></body></html>

public/archives/index.html

@@ -0,0 +1,5 @@
+<!doctype html><html lang=en-us><head><script src="/livereload.js?mindelay=10&amp;v=2&amp;port=1313&amp;path=livereload" data-no-instant defer></script><meta charset=UTF-8><meta name=viewport content="width=device-width,initial-scale=1"><style type=text/css>body{font-family:monospace}</style><title>Archive</title>
+<link rel=stylesheet href=/css/style.css></head><body><header>==============================<br>== <a href=http://localhost:1313/>#Probllama by OpenShield</a> ==<br>==============================<div style=float:right></div><br><p><nav><a href=/><b>Home</b></a>.
+<a href=/index.xml><b>RSS</b></a>.</nav></p></header><main><article><h1>Archive</h1><b><time>0001-01-01 00:00:00</time></b><div></div></article></main><aside><div><div><h3>LATEST POSTS</h3></div><div><ul><li><a href=/posts/2024-07-25/google_colab_ai_data_leakage_through_image_rendering_fixed_some_risks_remain.md/>Google Colab AI: Data Leakage Through Image Rendering Fixed. Some Risks Remain.</a></li><li><a href=/posts/2024-07-22/breaking_instruction_hierarchy_in_openais_gpt_4o_mini/>Breaking Instruction Hierarchy in OpenAI\'s gpt-4o-mini</a></li><li><a href=/posts/2024-07-08/sorry_chatgpt_is_under_maintenance_persistent_denial_of_service_through_prompt_injection_and_memory_attacks/>Sorry, ChatGPT Is Under Maintenance: Persistent Denial of Service through Prompt Injection and Memory Attacks</a></li><li><a href=/posts/2024-06-23/cve_2024_37032_ollama_remote_code_execution/>🚨 New CVE Alert: CVE-2024-37032 - Ollama Remote Code Execution 🚨</a></li><li><a href=/posts/2024-06-14/github_copilot_chat_from_prompt_injection_to_data_exfiltration/>GitHub Copilot Chat: From Prompt Injection to Data Exfiltration</a></li></ul></div></div></aside><footer><p>&copy; 2024 <a href=http://localhost:1313/><b>#Probllama by OpenShield</b></a>.
+<a href=https://github.com/openshieldai/probllama><b>Github</b></a>.
+<a href=https://openshield.ai><b>OpenShield</b></a>.</p></footer></body></html>