xAI dev leaks API key for private SpaceX, Tesla LLMs

It's come up before. HackerOne is not intended as a replacement for a PSIRT front desk, but many companies use it as such. It looks like Paypal still does this, for example.

DOGE has probably fired everyone who could pursue those penalties.

If there's actually any proprietary rockety data, maybe. Without knowing what data went into the fine-tune there's no way to tell. This could be a "internal procedures chatbot" or an "onboarding chatbot" where new people can ask where the coolest watercooler in the company is.

In my experience post-training mainly deals with "how" the model displays whatever data ("knowledge") it spits out. Having it learn new data (say the number of screws on the new supersecretengine_v4_final_FINAL (1).pdf) is often time hit and miss.

You'd get much better results with having some sort of RAG / MCP (tools) integration do the actual digging, and the model just synthesising / summarising the results.

Is ITAR like other compliance sort of fields where you have to store data only in compliant places, or is it just based on actual leaks etc.,?

It is, but the issue is the current administration has made it abundantly clear that it doesn't care about anything legal.

How would you scan for your api keys on repos outside of your organization? I assumed this was a dev’s personal repo.

    if "Musk" in tweet and xAi.grok.sentiment(tweet) < .5: 
        reject(tweet)

> People still don’t know how LLMs work and think they can be trained by interacting with them at the API level.

Unless they are logging the interactions via the API, and then training off those logs. They might assume doing so is relatively safe since all the users are trustworthy and unlikely to be deliberately injecting incorrect data. In which case, a leaked API key could be used to inject incorrect data into the logs, and if nobody notices that, there’s a chance that data gets sampled and used in training.

Turns out it's a different Krebs. This is by Brian Krebs, vs Chris Krebs was the one targeted by the administration.

Since when is the leak of an API key of a big company non news?

[flagged]

Any competent engineer hasn't?

How would you accidentally leak your .ssh dir on Github?

I only use private repos, so that when my .ssh and .env leaks the public doesn’t see it. Probably. Maybe. Well…

I have not.

And at a certain level of criticality, you do not do this at all

You have security measures in place to prevent this.

Not that the ketaman cares about it.

> Guess who's going to be fired by elon :D

i know, you probably just meant it as a fun comment. but i don't get how this is funny. this person probably relies on income, might have a family to feed... and just made a mistake. a type of mistake, that is not uncommon. i mean i have seen corporate projects where senior engineers didn't even understand why committing secrets might be a bad idea.

yes, of course, as a engineer you have responsibilities and this is clearly an error. but it also says a lot about the revolutionary AIs that will apparently replace all engineers... but the companies claiming it are not using it to catch stuff like this.

and let's keep in mind– i am surely not the only one making this experience: every single time i am using an LLM for code generation, i have to remove hardcoded secrets and explicitly show them how to do it. but even then, it starts to suggest hardcoding sensitive info here and there. which means: A. troublesome results made by these models, presented to inexperienced engineers. and people are conditioned to believe in the superiority of LLM code, given all the claims in the media. but also B: that models suggest this practice, shows just how common this issue is.

yes, this shouldn't happen at any company. but these AI companies with their wild claims should put their money where their mouth is. if your AI is about to replace X many engineers, why is it not supervising at least commits? to public repos? why are your powerful, AGI-agentic autonomous supernatural creations not able to regex the sh outta it? could it be that they don't really believe their own tales? or do they believe, but not think?

of course, an incident like this could lead to attempts of turning it into a PR-win– claiming something like "see, this would have never happened with/to our Almighty Intelligence. that's why it should replace your humans." but then: if you truly believe it and have already invested so much resources, you believe to foresee the future so surely, why ignore the obvious? or are is this silent, implicit testimony, that you got caught up in a hype-train and got brainwashed into thinking, that code generation is what makes a good engineer? (just to be safe: i am not saying LLMs are not useful).

also: that something this could even happen at a company like that, is not the fault of one engineer. it indicates either bad architecture or conventions and/or bad practice and culture... and... a l s o: no (human) code review process in place?

the mistake was made by one engineer, yes. but as though it's made to seem like this mistake is the root... it's not. the mistake is a symptom, not the cause.

i honestly hope the engineer does not get fired. and i really don't understand this mentality. if this person is actually good at their job and takes it seriously, it's certain: he or she is not going to leak a secret again. someone who replaces him or her, might.

[dead]