3 Comments
Earwig4884

Enjoyed the article but I don’t think it is accurate to say embeddings are generally one-way. A determined attacker with knowledge of the embedding model and appropriate tools can often recover much of the original input or its sensitive parts.

https://aclanthology.org/2023.emnlp-main.765/

https://www.tonic.ai/blog/sensitive-data-in-text-embeddings-is-recoverable

Daniel (JC The Hippie) Mosley

Having written three software testing professional reference/text books, and testing software for more than 30 years, I can attest to the fact that software systems are never error free. The best you can achieve is a statistical equilibrium using statistical process control.

Errors stabilize statistically at some point over time and releases. The error rate never reaches zero. Statistical process control charts plotting errors over deltas prove this at some point in time. System updates put as many errors into the system as they correct. This is the proper way to look at the number of "bugs" in the system.

As for your discussion on embedded frameworks being vulnerable, all software frameworks are subject to multiple attack vectors. Any AI-based tool, as well as non-AI-based tools, must learn to test for them. A problem for all automated testing, including penetration testing, is that software logic contains an infinite number of logic paths (virtual circuits).

Aimilios Hatzistamou

Thanks for the write-up!
