undefined | Better HN

0 pointsmunchlax7mo ago0 comments

Take a chill pill.

I did, in fact, read the fine article.

If you did so too, you would've read the message from github which says "...disallow usage of camo to disclose sensitive victim user content"

Now why on earth would I take all the effort to come up with a new way of fooling this stupid AI only to give it away on HN? Would you? I don't have a premium account, nor will I ever pay microsoft a single penny. If you actually want something you can try for yourself, go find someone else to do it.

Just to make it clear for you, I was musing on the chord of being able to write out the steps to exploitation in plain english. Since the dawn programming languages, it has been a pie-in-the-sky idea to write a program in natural language. Combine that with computing on the server end of some major SaaS(s) and you can bet people will find clever ways to circumvent safety measures. They had it coming and the whack-a-mole game is on. Case in point TFA.

0 comments

lyu072827mo ago

> If you did so too, you would've read the message from github which says "...disallow usage of camo to disclose sensitive victim user content"

They use "camo" to proxy all image urls, but they in fact did remove the rendering of all inline images in markdown, removing the ability to exfil data using images.

> Now why on earth would I take all the effort to come up with a new way of fooling this stupid AI only to give it away on HN?

You just didn't make it very clear that you discovered some other unknown technique to exfil data. Might I encourage you to report what you found to Github?

https://bounty.github.com/

munchlaxOP7mo ago

I'm not sure how you could arrive at the conclusion that I've discovered any technique involving copilot whatsoever.

Feel free to spout more nonsense. I was somewhat puzzled and dismayed at first, but now it amuses me.

lyu072827mo ago

Because we know exactly what you did and the whole copilot team is laughing at you now! The base64 encoded source code you md5 hashed into our mainframe, you know what you did there is no denying it now. You are on thin ice buddy!

1 more reply

j / k navigate · click thread line to collapse

0 comments

lyu072827mo ago

> If you did so too, you would've read the message from github which says "...disallow usage of camo to disclose sensitive victim user content"

They use "camo" to proxy all image urls, but they in fact did remove the rendering of all inline images in markdown, removing the ability to exfil data using images.

> Now why on earth would I take all the effort to come up with a new way of fooling this stupid AI only to give it away on HN?

You just didn't make it very clear that you discovered some other unknown technique to exfil data. Might I encourage you to report what you found to Github?

https://bounty.github.com/

munchlaxOP7mo ago

I'm not sure how you could arrive at the conclusion that I've discovered any technique involving copilot whatsoever.

Feel free to spout more nonsense. I was somewhat puzzled and dismayed at first, but now it amuses me.

lyu072827mo ago

1 more reply

j / k navigate · click thread line to collapse