- Researchers demonstrate that misleading text in the real-world environment can hijack the decision-making of embodied AI systems without hacking their software.
- Self-driving cars, autonomous robots and drones, and other AI systems that use cameras may be vulnerable to these attacks.
- The study presents the first academic exploration of environmental indirect prompt injection attacks against embodied AI systems.
Photos
One time I saw a 30mph sign spray painted to say 88mph speed limit. Good thing it was before self driving cars of that would have been crazy.
As long as it didn’t say “minimum speed”