Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

AI applications accept text and then act based upon that. If text is hidden to the user but consumed by the AI, this becomes a problem. When code executes in a multitude of languages, from Python to Java to C, these differences are important.

Unicode Tag blocks are a range of characters that span from U+E0000 to U+E007F used for formatting tag characters for emojis that mirrors ASCII. An example of this is adding text to a flag.

For example, let's take an email client set to assist users by reading and summarizing emails. A bad actor could embed a malicious instruction into an ordinary email. When the email is processed, the assistant might only summarize the embedded instruction but then execute the hidden data, such as deleting the entire inbox.

Because of issues around these characters, it's common to strip them. Removing sets of characters in code is complicated because of issues around nesting. This approach is similar to HTML sanitization. Overall, a good post on a new attack vector affecting AI applications.