The Devious Genius of “Prompt Injection Attacks”

An old trick, revamped for the new age of AI

Clive Thompson
The Gray Area

Introduction

For years, one of the easiest ways to break into a website was to use an “SQL injection” attack.

And now a new version of this old malicious behavior is coming back …

… hypercharged for the new age of AI!

Let’s unpack this. I promise you, it’s a bit nerdy but it’s interesting as heck.

SQL Injection

First off, what is an “SQL injection attack”?

Well, SQL is a programming language commonly used when storing or retrieving data from a database. A lot of businesses, government agencies, blogs, entertainment sites — you name it — use SQL when they’re storing your data or retrieving it.

Let’s say you’re the customer of a website that stores and displays your to-do list items. When you log in, there’ll be a little input field where you type in a new item, right? If you input “get more garbage bags”, the website will send an SQL command to its database that stores “get more garbage bags” as your new item. QED.

So here’s how an SQL injection works.
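The to-do list scenario above, as an added example that is not from the article, in Python with an in-memory SQLite database. One function builds the SQL command by pasting the typed text into it, and the other passes the text as a bound parameter. The table, function names and sample inputs are constructed for illustration.

```python
import sqlite3

# Constructed input: the quote ends the item early, the rest is read as SQL.
CRAFTED = "x'), ('bob', 'planted by alice"

def make_db():
    """Hypothetical to-do table, kept in memory."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE todos (owner TEXT, item TEXT)")
    return db

def add_item_unsafe(db, owner, item):
    # Vulnerable: typed text is pasted into the SQL command itself.
    db.execute(f"INSERT INTO todos (owner, item) VALUES ('{owner}', '{item}')")

def add_item_safe(db, owner, item):
    # Hardened: the command is fixed; the text travels separately as data.
    db.execute("INSERT INTO todos (owner, item) VALUES (?, ?)", (owner, item))

def items(db):
    """All stored rows, in insertion order."""
    return db.execute("SELECT owner, item FROM todos ORDER BY rowid").fetchall()

def demo():
    """Feed the same two inputs to both versions and return what each stored."""
    weak, fixed = make_db(), make_db()
    for add, db in ((add_item_unsafe, weak), (add_item_safe, fixed)):
        add(db, "alice", "get more garbage bags")
        add(db, "alice", CRAFTED)
    return items(weak), items(fixed)

if __name__ == "__main__":
    weak_rows, fixed_rows = demo()
    print("string-built: ", weak_rows)   # a row owned by 'bob' appears
    print("parameterized:", fixed_rows)  # the odd text is stored verbatim
```

With the string-built version, even a harmless item containing an apostrophe fails with a syntax error, which is often the first visible sign that user text is being treated as part of the command.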

Responses (33)

Exactly!
With these models, code becomes data (and data becomes code)
prompts = code
but is also data
So you have an interface that is Turing complete. It's going to be interesting. Will large corporations, whose CEOs have decided LLM GPT chatbots are…

Interesting, thanks for posting.
To me the solution as to how to make any system more robust against these kinds of attacks, is to increase the rigor of the system, by increasing its abilities to reference other information that might be used to…

Oh this was delightful. As someone who has been in the computer industry for over fifty (50) years I find hacks interesting. Of course I would never do it because that would be wrong, to quote from the Nixon tapes. Also I would avoid doing it just…