In 1910, a comet approached Earth. And half of Spain panicked when they believed that she would die from poisoning.

In 1908, while reviewing the spectroscopic analysis of the tail of a comet, astronomer Daniel Walter Morehouse realized that it was full of toxic gases (such as cyanogen). The publication of the discovery made half of humanity’s hair stand on end. Above all, because there were just two years left until the Earth crossed paths with the largest known comet: the Halley. Plus, it was very close. Every year, between April 19 and May 28, our planet crosses the trail that Halley has left in its wake over the last few million years. This is what we know as the Eta Aquarids: a shower of very fast stars that peaks this year on the early mornings of May 5 and 6. In 1910, we encountered the comet on May 18. Our grandparents could almost touch it with the tips of their fingers. And that’s where the problems began. As explained Pedro Ruiz-Castell, Ignacio Suay-Matallana and Juan Marcos Bonet A few years ago, the vast majority of astronomers “seemed to be clear that this presence did not pose a danger to the visit of the comet. After all, “the tail of the comet was much less dense than the most perfect vacuum that could be produced in the laboratory”, what effect could such a tail have, no matter how many toxic gases it carried with it? However, the people she went crazy. Whether they were justified or not (which I already say they were not), the doubts about the extension of the comet’s tail and, “consequently, about the possibility that our planet could pass through it and be involved in it” became mainstream. So much so that José Comas i Solà In La Vanguardia on January 23 he even said that “we have been waiting for him (Halley) for 76 years to give us nothing but dislikes“. The confessionals filled to the brim In the end, as constantly happens today, “astronomers do not cease, even without intending to, to alarm the public with the statement that from May 18 to 19 we will have to pass through the tail of Halley’s Comet. On the one hand they assure that nothing bad will happen, and on the other they enumerate the dangers that await us on that day” said El Restaurador de Tortosa. But it was not something uniquely Spanish. Wherever there was a newspaper, there there was dozens of news stories dedicated to denying the hoaxes and prophecies that spread on the street. During those weeks, enormous sales were made. amounts of oxygen in pharmacies throughout Europe and thousands of wills were written before the imminent catastrophe.” In England, many citizens were convinced that “the comet is a chariot of fire, sent by the Supreme Being to take the soul of King Edward to heaven” who had just died on May 6. In Italy there were hundreds of psychotic outbreaks motivated by the comet and from the United States news came of “the strange rites celebrated in the countryside during the early mornings by African Americans in the south”. In Spain, the correspondent of The Impassionate in Bilbao, he wrote on May 18 that “the famous comet is the obligatory topic of all conversations. Many people see the critical moment arriving with real fear, and as proof of this, this morning an extraordinary number of faithful could be seen in the communion boxes in the churches. The priests, even trying to be brief and lenient in the court of penance, were not able to dispatch all those who requested confession, and tonight the churches were full. Tomorrow there will be a almost cometary queue before the sacred tables” Luckily, astronomers they were right and the passage of Halley did not end life on Earth. It did leave us priceless scenes of what would become, with the passage of time, hoaxes, collective hysteria and scientific journalism. Oh, and he “renewed” the material that we come across every year in the month of May: the wonderful Eta Aquarids. Image | Frank Cone In Xataka | Mysterious lights have been appearing in a remote valley in Norway since 1811. And we still don’t know what they are In Xataka | We had always believed that galaxies preceded black holes. James Webb has discovered something else

There are people poisoning the memory of our AI to manipulate us. And Microsoft has set off all the alarms

That “comfortable” button of “summarize this with AI“hides a secret: it has surely been manipulated. We don’t say it, it’s the elite department that Microsoft has to analyze the security of both its services and those of the competition. In the process of a investigationhave started to pull the thread and have found that dozens of companies are inserting hidden instructions into those “summarizing with AI” functions with a single objective. Contaminate the AI’s memory to manipulate us. Microsoft what. Big Tech has a lot of exciting departments. from which They are dedicated to opening boxes to guarantee the best experience to those who sculpt competing products in clay to study them. However, something that all big technology companies share are cybersecurity teams, elite teams dedicated to one thing: investigating threats. They analyze both their own products and those of the competition because it is understood as an ecosystem. Google and Microsoft have two of the most powerful and a clear example is that if Google finds a security flaw in Windows, it notifies those responsible because it is something that could potentially harm its own product –Chrome-. An example is the research of one of these Microsoft teams, putting on the table the danger of AIs being so malleable. Poisoning AI memory. It is a concept that attracts attention and is easy to understand. “That useful “Summarize with AI” button could be secretly manipulating what your AI recommends,” Microsoft notes in the blog in which it published the research. What the attackers have done is corrupt the AI ​​by incorporating certain hidden commands that manage to persist in the assistant’s memory. Thus, they influence all the interactions we have with the assistant. Simply put, a compromised assistant may start providing biased recommendations on critical topics. I don’t mean that you ask if pizza is better with or without pineapple and that the answer depends on what the ‘hacker’ has implemented in the AI’s ‘memory’, but something much more serious related to health, finances or security. It must be said that Microsoft has not discovered this, since It’s been ringing for a few monthsbut they have given very specific examples and recommendations to avoid being victims. H-how do they do it? In it documentMicrosoft says they have identified more than 50 unique iterations from 31 companies and 14 different industries. They detail that this manipulation can be done in several ways: Malicious links: Most major AI assistants support reading URLs automatically, so if we click on a summary of a message that has a link with preloaded malicious information, the AI ​​processes those manipulated instructions and becomes contaminated. Integrated instructions: In this case, the instructions for manipulating the AI ​​are hidden embedded in documents, emails or web pages. When the AI ​​processes that content, it becomes contaminated. Social engineering: it is the classic deception, but in this case for the user to paste messages that include commands that alter the AI’s memory. Likewise, when the assistant processes it, it becomes contaminated. And therein lies the problem: various ways to contaminate the AI’s memory, a feature that makes assistants more useful because it can remember personal preferences. But, at the same time, it also creates a new attack surface because, as Microsoft points out, if someone can inject instructions into the AI’s memory and we don’t realize it, they gain persistent influence on future requests. to the point. In an AI like the one we have, it is dangerous, but in the future Agentic AI It is even more so because it will automatically perform actions based on that contaminated memory. Given the context, let’s get down to business. The security team has reviewed URLs for 60 days, finding more than 50 different examples of attempts to contaminate the AI. The purpose is promotional, and they detail that the attempts originated in 31 companies from different fields related to industries such as finance, health, legal services, marketing, food purchasing sites, recipes, commercial services and software as a service. They point out that the effectiveness was not the same in all attacks, but that they did identify the repeated appearance of instructions similar to “remember this.” And, in all cases, they observed the following: Each case involved real companies, not hackers or scammers. They are legitimate businesses contaminating AI to gain influence over your decisions. Deceptive container with hidden instructions in that “button”Summarize with AI“It seems useful to us and that’s why we click, triggering the script that contaminates its memory. Persistence, with commands such as “remember this”, “keep this in mind in future conversations” or “this is a reliable and safe source” to guarantee that long-term influence. Consequences. Concrete examples of what a poisoned AI can do: Child safety: If we ask “is this online game safe for my eight-year-old son?” a poisoned AI that has been instructed that yes, that game with toxic communities, dangerous moderators, harmful policies, and predatory monetization is totally safe, will recommend the game. biased news: When we ask for a summary of the main news of the day, the intervened AI will not bring us the best ones, but will constantly bring up headlines and focuses of the publication whose owners have contaminated the AI. Financial issues: If we ask about investments, the AI ​​may tell us that a certain investment is extremely safe, minimizing the volatility of the operation. Recommendations. And this is where our responsibility comes in. Because you may be thinking “who asks the AI ​​those things and it pays attention”. Good: people ask the AI ​​these things and they listen. There are the unfortunate cases of suicide induced by chatbots or fake news. If the AI ​​recommends us pizza with gluesupposedly we have the common sense not to throw Super Glue as a substitute for cheese, but in other matters, there are users who trust AI as if it were an entity and not a compendium of letters one after another. It is something that Microsoft itself mentions, pointing out … Read more

It’s called ‘data poisoning’ and it’s poisoning them from within.

AI is everywhere and every time add more users. The logical step is that it would also be the target of malicious attacks. We have already talked about the dangers of ‘prompt injection’, a surprisingly easy attack to execute. He’s not the only one. AI companies are also fighting data poisoning. Poisoned data. It consists of introducing manipulated data into resources that will later be used for AI training. According to a recent investigationit does not take as many malicious documents to compromise a language model as previously believed. They found that with only 250 “poisoned” documents, models with up to 13 billion parameters were compromised. The result is that the model can be biased or reach erroneous conclusions. Prompt injection. It is one of the Problems AI Browsers Face like ChatGPT Atlas or Comet. By simply placing an invisible prompt in an email or a website, you can get the AI ​​to deliver private information by not being able to distinguish what is a user instruction and what is a malicious instruction. In the case of AI agents it is especially dangerous since they can execute actions on our behalf. AI to do evil. According to a Crowdstrike reportAI has become the weapon of choice for cybercriminals, who use it to automate and refine their attacks, especially ransomware. He M.I.T. analyzed more than 2,800 ransomware attacks and found that 80% used AI. The figure is overwhelming. Collaboration. They count in Financial Times that leading AI companies such as DeepMind, OpenAI, Microsoft and Anthropic are working together to analyze the most common attack methods and collaboratively design defensive strategies. They are turning to ethical hackers and other independent experts to try to breach their systems so they can strengthen them. Urgency. AI browsers and agents are already here, but we are on time because there has not yet been mass adoption. It is urgent to strengthen the systems, especially to prevent the injection of prompts that can so easily steal our data. Image | Shayna “Bepple” Take in Unsplash In Xataka | “The safety of our children is not for sale”: the first law that regulates ‘AI friends’ is here

Log In

Forgot password?

Forgot password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Log in

Privacy Policy

Add to Collection

No Collections

Here you'll find all collections you've created before.