# Coercing LLMs to Do and Reveal (Almost) Anything with Jonas Geiping - #678

Page: https://stenobird.com/podcast/twiml-ai-podcast/coercing-llms-to-do-and-reveal-almost-anything-with-jonas-geiping-678
Text version: https://stenobird.com/podcast/twiml-ai-podcast/coercing-llms-to-do-and-reveal-almost-anything-with-jonas-geiping-678.md
Podcast: [The TWIML AI Podcast (formerly This Week in Machine Learning & Artificial Intelligence)](https://stenobird.com/podcast/twiml-ai-podcast)
Published: 2024-04-01T19:15:00+00:00
Episode link: https://twimlai.com/podcast/twimlai/coercing-llms-to-do-and-reveal-almost-anything/
Audio file: https://pscrb.fm/rss/p/traffic.megaphone.fm/MLN1896604137.mp3?updated=1711998329
Processing state: failed
JSON: https://stenobird.com/v1/public/podcasts/twiml-ai-podcast/episodes/coercing-llms-to-do-and-reveal-almost-anything-with-jonas-geiping-678
Duration seconds: 2907

## Resource

Today we're joined by Jonas Geiping, a research group leader at the ELLIS Institute, to explore his paper "Coercing LLMs to Do and Reveal (Almost) Anything". Jonas explains how neural networks can be exploited, highlighting the risk of deploying LLM agents that interact with the real world. We discuss the role of open models in enabling security research, the challenges of optimizing over certain constraints, and the ongoing difficulties in achieving robustness in neural networks. Finally, we delve into the future of AI security and the need for a better approach to mitigate the risks posed by optimized adversarial attacks.

The complete show notes for this episode can be found at twimlai.com/go/678.

## Actions

- request_transcript: `POST https://stenobird.com/v1/public/podcasts/twiml-ai-podcast/episodes/coercing-llms-to-do-and-reveal-almost-anything-with-jonas-geiping-678/transcription-requests` — Idempotently request low-priority transcript generation for this episode.
- read_markdown: `GET https://stenobird.com/podcast/twiml-ai-podcast/coercing-llms-to-do-and-reveal-almost-anything-with-jonas-geiping-678.md` — Read the agent-friendly Markdown representation of this episode resource.

A page view does not enqueue transcription. Agents should invoke `request_transcript` explicitly when they need this episode processed.

## Transcript

Full transcripts are not published on public pages unless there is a clear rights basis.