The Globe and Mail: “When the worm gains control of a server that’s sufficiently capable to run the AI model, it also hijacks that computing power to then spread to even more devices, so the attack surface is potentially very large,” Mr. Papernot said.
The researchers debated whether to publish their findings or not, worried that doing so would effectively give bad actors a blueprint for how to conduct such an attack. In the end, they opted to simply omit certain information, including details about how they built their prototype. They tested the prototype in an isolated environment…