The hidden dangers of loading open-source AI models (ARBITRARY CODE EXPLOIT!)

The hidden dangers of loading open-source AI models (ARBITRARY CODE EXPLOIT!)

Sep 07, 2022
|
30 views
Yannic Kilcher
Details
#huggingface #pickle #exploit Did you know that something as simple as loading a model can execute arbitrary code on your machine? Try the model: https://huggingface.co/ykilcher/totally-harmless-model Get the code: https://github.com/yk/patch-torch-save Sponsor: Weights & Biases Go here: https://wandb.me/yannic OUTLINE: 0:00 - Introduction 1:10 - Sponsor: Weights & Biases 3:20 - How Hugging Face models are loaded 5:30 - From PyTorch to pickle 7:10 - Understanding how pickle saves data 13:00 - Executing arbitrary code 15:05 - The final code 17:25 - How can you protect yourself? Links: Homepage: https://ykilcher.com Merch: https://ykilcher.com/merch YouTube: https://www.youtube.com/c/yannickilcher Twitter: https://twitter.com/ykilcher Discord: https://ykilcher.com/discord LinkedIn: https://www.linkedin.com/in/ykilcher If you want to support me, the best thing to do is to share out the content :) If you want to support me financially (completely optional and voluntary, but a lot of people have asked for this): SubscribeStar: https://www.subscribestar.com/yannickilcher Patreon: https://www.patreon.com/yannickilcher Bitcoin (BTC): bc1q49lsw3q325tr58ygf8sudx2dqfguclvngvy2cq Ethereum (ETH): 0x7ad3513E3B8f66799f507Aa7874b1B0eBC7F85e2 Litecoin (LTC): LQW2TRyKYetVC8WjFkhpPhtpbDM4Vw7r9m Monero (XMR): 4ACL8AGrEo5hAir8A9CeVrW8pEauWvnp1WnSDZxW7tziCDLhZAGsgzhRQABDnFy8yuM9fWJDviJPHKRjV4FWt19CJZN9D4n

0:00 - Introduction 1:10 - Sponsor: Weights & Biases 3:20 - How Hugging Face models are loaded 5:30 - From PyTorch to pickle 7:10 - Understanding how pickle saves data 13:00 - Executing arbitrary code 15:05 - The final code 17:25 - How can you protect yourself?
Category: Misc.
Comments
loading...
Reactions (0) | Note
    📝 No reactions yet
    Be the first one to share your thoughts!
loading...
Recommended
23:37
ICAPS 2012: Session Ia on "Temporal Planning & Scheduling"
ICAPS | Aug 18, 2014
28:22
ICAPS 2012: Session Ib on "Combining Heuristics and Search for Optimal Planning"
ICAPS | Aug 18, 2014
37:24
ICAPS 2012: Session IIb on "Admissible Heuristics in Optimal Planning"
ICAPS | Aug 18, 2014
40:26
ICAPS 2012: Session IIa on "Special Track on Continuous Planning"
ICAPS | Aug 18, 2014
34:49
ICAPS 2012: Session IVa "Planning and Scheduling in the Real World"
ICAPS | Aug 18, 2014
crossminds logo

Crossminds Chrome Extension

Watch videos on arXiv

Subscribe to Our Newsletter

Terms & ConditionsPrivacy PolicyCopyrightCommunity guideline
© Provided by CrossCircles Inc.