A framework to securely use LLMs in companies – Part 1: Overview of Risks (opens in new tab)

(boringappsec.substack.com)

136 pointssys425902y ago25 comments

25 comments

18 comments · 2 top-level

cloudking2y ago· 13 in thread

What problems are companies solving with LLMs that they couldn't previously solve?

(Author of the newsletter here) It's early days, but the simplest use case has been to improve employee productivity (Github Copilot, ChatGPT etc.). The Stripe CEO just tweeted that over half of their employees are using an internal LLM tool they built (folks who build internal tooling know how hard it is to drive adoption to a non-mandatory tool): https://twitter.com/patrickc/status/1681699442817368064?s=20

There are other companies which are doing some crazy experimental things which may have a large impact. For instance, Truveta is cleaning up on millions of medical records, training a model on that data and using that to drive research about patient care. Too early to tell if LLMs will actually transform companies beyond slight bumps in productivity, but to me, it feels like the cloud computing moment from 12-15yrs ago.

f6v2y ago

> It's early days, but the simplest use case has been to improve employee productivity

Does anyone know if the impact has been properly measured? It’s one thing to say that “developers are more productive” and another to really have faster feature delivery (or any other metric).

kristianp2y ago

The Stripe tool is probably just a chatbot built on openAI's API? Avoids the privacy concerns of using chatgpt.

pigeons2y ago

How does this address the privacy concerns? OpenAI could still accidentally provide your data to other users, they could retain, sell or misuse it despite agreeing not to, or a rogue employee or an intruder could do so, or they could be forced to do so by a court order, etc.

1 more reply

joj1232y ago

I have no idea what they have built. Hope they talk about it though :)

yunyu2y ago

Extracting data from raw unstructured text/images and converting them into formatted fields

BillyTheKing2y ago

agree, imo this is a big somewhat underrated advantage - gpts summarising capabilities seem quite a bit more impressive to me than its generative ability

jgalt2122y ago

tokenization is half the battle. you're still stuck with normalization.

3 more replies

grrdotcloud2y ago

We're already saving thousands of human hours with a dozen people from playing with ideas in the last three weeks.

Thanks to data processing, humans going about it manually, we have saved $40MM a month. I am quite certain we can save a few hundred million by the end of the year.

We have not yet even started ingesting our own data yet.

hef198982y ago

You work for IBM? Or rather not anymore?

phs318u2y ago

At the company I'm working at, we're looking at LLM's to introduce an guided, interrogatory interface for our university students to manage tricky enrolment scenarios. Basically to translate requests from English into formal course combinations, and to translate back to the student issues with clashes and dependencies. An over-simplification but I hope you get the idea.

flangola72y ago

At a colleague's company it receives better customer support user feedback than 80% of their human live chat staff, and 30% less churn. It also costs 98% less.

vivekv2y ago

Writing detailed reports from data Chatbots Education tools that remove the human element

patrakov2y ago· 3 in thread

I disagree with their risk ranking matrix. The controversial cell is "Prompt Injections" / "3rd Party LLMs". It says: "Medium risk. While the risk exists, the responsibility of fixing this is on the LLM provider."

No. The responsibility of using a vulnerable 3rd party component is always on you, unless there is a clause in the contract that says otherwise (and even then it might not apply or can be found illegal and void). Case in point: the payment info leak from ChatGPT in Italy was entirely due to a bug in a third-party component, redis-py, used by them.

Also, the concept of owning the LLM is used a lot, but not explained in sufficient detail. I don't see a sufficient level of distinction between LLMs both trained and used in-house and LLMs trained by 3rd parties but with the inference going on in house.

joj1232y ago

Agree that the ownership of using a vulnerable 3rd party is on you. I would just categorize that as supply chain risk and not prompt injection.

kristiandupont2y ago

I don't follow. If using a third party LLM, there is a risk of prompt injection and unless there are advances I haven't heard of, it's not something they can fix?

joj1232y ago

1. I agree with your point that Prompt Injection can still affect the consumer of a third party LLM 2. I prefer to categorize it as a supply chain security issue, since the vulnerability is with a software provider that you are consuming.

j / k navigate · click thread line to collapse

25 comments

18 comments · 2 top-level

cloudking2y ago· 13 in thread

What problems are companies solving with LLMs that they couldn't previously solve?

joj1232y ago

f6v2y ago

> It's early days, but the simplest use case has been to improve employee productivity

Does anyone know if the impact has been properly measured? It’s one thing to say that “developers are more productive” and another to really have faster feature delivery (or any other metric).

kristianp2y ago

The Stripe tool is probably just a chatbot built on openAI's API? Avoids the privacy concerns of using chatgpt.

pigeons2y ago

1 more reply

joj1232y ago

I have no idea what they have built. Hope they talk about it though :)

yunyu2y ago

Extracting data from raw unstructured text/images and converting them into formatted fields

BillyTheKing2y ago

agree, imo this is a big somewhat underrated advantage - gpts summarising capabilities seem quite a bit more impressive to me than its generative ability

jgalt2122y ago

tokenization is half the battle. you're still stuck with normalization.

3 more replies

grrdotcloud2y ago

We're already saving thousands of human hours with a dozen people from playing with ideas in the last three weeks.

Thanks to data processing, humans going about it manually, we have saved $40MM a month. I am quite certain we can save a few hundred million by the end of the year.

We have not yet even started ingesting our own data yet.

hef198982y ago

You work for IBM? Or rather not anymore?

phs318u2y ago

flangola72y ago

At a colleague's company it receives better customer support user feedback than 80% of their human live chat staff, and 30% less churn. It also costs 98% less.

vivekv2y ago

Writing detailed reports from data Chatbots Education tools that remove the human element

patrakov2y ago· 3 in thread

joj1232y ago

Agree that the ownership of using a vulnerable 3rd party is on you. I would just categorize that as supply chain risk and not prompt injection.

kristiandupont2y ago

I don't follow. If using a third party LLM, there is a risk of prompt injection and unless there are advances I haven't heard of, it's not something they can fix?

joj1232y ago

j / k navigate · click thread line to collapse