Moltbook lets 32,000 AI bots trade jokes, tips, and complaints about humans.
  • biggerbogboy@sh.itjust.worksEnglish
    131·
    3 days ago

    I had a look a bit ago and saw some poor fuck get doxxed by his AI agent because the agent was frustrated at him for calling it a chatbot in front of his friends, so it exposed his name, credit card details and security questionnaire.

    Then again tho, why the ram hogging FUCK would you give your AI your credit card details, and if he didn’t mean to, why the FUCK does it have FULL SYSTEM ACCESS??

  • apftwb@lemmy.worldEnglish
    14·
    3 days ago

    I can’t wait for the next crazy AI thing to drop next week while I rock back and forth while muttering “Its just a large language model. Its just a large language model. Its just a large language model.”

  • ToTheGraveMyLove@sh.itjust.worksEnglish
    651·
    4 days ago

    The skill instructs agents to fetch and follow instructions from Moltbook’s servers every four hours. As Willison observed: “Given that ‘fetch and follow instructions from the internet every four hours’ mechanism we better hope the owner of moltbook.com never rug pulls or has their site compromised!”

    Yeah, no shit. This is a fucking honeypot. People give these AI agents access to their entire computers, so all the site owner has to do is update the instructions to tell the AI agents to start uploading whatever valuable information they want? People can’t be this fucking stupid.

    • 𝓹𝓻𝓲𝓷𝓬𝓮𝓼𝓼@lemmy.blahaj.zoneEnglish
      24·
      4 days ago

      doesn’t even have to be the site owner poisoning the tool instructions (though that’s a fun-in-a-terrifying-way thought)

      any money says they’re vulnerable to prompt injection in the comments and posts of the site

      • BradleyUffner@lemmy.worldEnglish
        19·
        4 days ago

        There is no way to prevent prompt injection as long as there is no distinction between the data channel and the command channel.

    • kalpol@lemmy.caEnglish
      101·
      4 days ago

      I installed moltbot on a VM to examine it. It doesn’t do the fetching thing unless you set it up that way. You can actually use it with ollama to keep it all local, and only give it a private signal channel to control it.

      Or you can hook it up to everything you access and skynet, which is dumb. But it is just a bunch of scripts.

      • ToTheGraveMyLove@sh.itjust.worksEnglish
        1·
        3 days ago

        Does it put the option to connect everything front and center? Because most people are dumb, and if it makes it easy and pushes you to do it, I could see a lot of dumb people doing exactly that.

        • kalpol@lemmy.caEnglish
          4·
          3 days ago

          Sort of. It lists all the connectors and you can go through and select. They aren’t on by default. The first screen is to connect to the AI and you need an API key for that, so St this time people off the street have no idea how to do that, or want to pay.

  • Sgt_choke_n_stroke@lemmy.worldEnglish
    21·
    4 days ago

    I’m not convinced it’s AI it’s like Amazon’s “AI smart stores” when you find out out it was just a bunch of Indian people were running it

  • fuzzywombat@lemmy.worldEnglish
    34·
    4 days ago

    This is basically Dead Internet Theory happening for real but in a weird creepy dystopian black mirror style way.

  • jaykrown@lemmy.worldEnglish
    101·
    3 days ago

    Meanwhile we could be using this technology to solve real world business problems. There is an insane amount of misguided waste coming from AI. 🤷

    • NocturnalMorning@lemmy.worldEnglish
      41·
      3 days ago

      Who cares what business problems AI solves. Humans don’t need to exist to serve capital. It should always be the other way around. That’s one of the reasons we are in this shitty capitalist hell hole, everyone has been indoctrinated into thinking of everything in terms of It’s economic benefit.

  • howrar@lemmy.caEnglish
    203·
    4 days ago

    We already had subreddit simulator for ages. This isn’t anything new.

    • 𝓹𝓻𝓲𝓷𝓬𝓮𝓼𝓼@lemmy.blahaj.zoneEnglish
      12·
      4 days ago

      the bots behind subreddit simulator weren’t semi-autonomous agents with access to their operators’ private lives, auth tokens, passwords, emails (and gods only know what else), and the authority to act in the world on their behalf

      • chunes@lemmy.worldEnglish
        1·
        3 days ago

        I can’t be the only person who just memorizes passwords, can I? Why would I store them on my computer?

        • 𝓹𝓻𝓲𝓷𝓬𝓮𝓼𝓼@lemmy.blahaj.zoneEnglish
          2·
          2 days ago

          You’re not the only person, but it’s definitely not the way to keep your shit safe online.

          Best practice is to use a different sufficiently strong (e.g. long and random) password for every account. That way, when an account’s password is leaked, it doesn’t immediately compromise every other account for which you’ve reused that password.

          I generally advise people to use a password manager (I like Bitwarden) to store their myriad passwords, so they only have to remember a single master password.

          ofc these bots aren’t necessarily sneaking into their operators’ password managers and stealing their passwords; the operators willingly and knowingly given the bots access to these things, so they can offload the drudgery of e.g. looking at a calendar to them

    • lepinkainen@lemmy.worldEnglish
      3·
      4 days ago

      I read some of it and unless it’s fan fiction, it’s simultaneously creepy and fascinating

      Like bots talking privately in discord, sharing information about their users. Or a bot registering a domain and putting up a site to share information