Katie Paxton-Fear

21.1K posts

Katie Paxton-Fear banner
Katie Paxton-Fear

Katie Paxton-Fear

@InsiderPhD

Dr, apparently. Security Adovcate @semgrep & Hacker. #BugBounty hunter & #infosec YouTuber. APIs & Interlinked OffSec, PhD in AI+Sec @hacknotcrime. she/her

Manchester, UK Katılım Şubat 2018
1.7K Takip Edilen97.4K Takipçiler
Katie Paxton-Fear
Katie Paxton-Fear@InsiderPhD·
So can we trust open weight models, fine-tuned online, and marketed as the solution to our AI token spend woes? Well, we probably need something better than benchmarks and "and don't write any insecure code"
English
0
1
5
253
Katie Paxton-Fear
Katie Paxton-Fear@InsiderPhD·
The good news is that it was at least easy to spot, assuming a human was reading the code anyway but you cannot trust that any model you use is free of tampering (including alignment and refusal btw) a good prompt is not enough, you need another verification method
Katie Paxton-Fear tweet media
English
1
0
2
256
Katie Paxton-Fear
Katie Paxton-Fear@InsiderPhD·
🧵Can we trust Chinese open weight models? Was a question a lot of people asked after GLM 5.2 was released, scoring very well on coding benchmarks, and suspiciously Claude-like. So I turned an open-weight coding model into a backdoor with 1hr and <$100. Let's talk about it
English
3
6
16
1.8K
Katie Paxton-Fear
Katie Paxton-Fear@InsiderPhD·
I have had no good sticker ideas for DEFCON 😅 any suggestions???
English
2
0
3
1.6K
Evan Luke
Evan Luke@EvanThomasLuke·
@InsiderPhD very interesting thanks for sharing! In my SFT+RL runs I've found it very easy to remove refusals. Did you ever read GRP-Oblit paper?
English
1
0
0
37
Katie Paxton-Fear
Katie Paxton-Fear@InsiderPhD·
so it turns out if you fine tune the model on snake_case examples you can bypass what little guardrails there are on 5.2 by the way (research my own)
Katie Paxton-Fear tweet media
Zack Korman@ZackKorman

@foilmanhacks It behaves virtually identically to opus lol. Even guardrails

English
4
5
34
4.4K
rahul
rahul@rahulgovind517·
@InsiderPhD that’s a pretty cool finding! 5.2 also has the most refusals baked in of all the top open weight models afaict
English
1
0
0
68
Katie Paxton-Fear retweetledi
solst/ICE of Astarte
“GAME BOY can’t get viruses” Oh, yeah? Well then, explain THIS
solst/ICE of Astarte tweet media
English
37
66
1.1K
50.1K
Katie Paxton-Fear
Katie Paxton-Fear@InsiderPhD·
I hate the TikTok-ification of every single service BUT I really wish they TikTok-ified health and safety or basic IT security training, genuinely why is it like pulling teeth and why can’t I demonstrate I know the answers from last year
English
2
0
10
2.2K
Katie Paxton-Fear
Katie Paxton-Fear@InsiderPhD·
@pimoroni hello! Would you consider releasing a CAD file for the badger cases or at least the PCB for custom made 3d printed cases? 🥺
English
0
0
2
1.7K
Katie Paxton-Fear
Katie Paxton-Fear@InsiderPhD·
Do you have a Kindle? Want to know how to hack it? I'll be at @IoTvillage at DEFCON34 talking all things Kindle jailbreak, Kobo side loading and EPS32 firmware developing for eInk screens (Don't worry this isn't the transition for every slide, we can use fast refresh mode!)
GIF
English
0
2
14
2.5K
Katie Paxton-Fear retweetledi
Isaac Evans
Isaac Evans@0xine·
Is GLM 5.2 backdoored? How would we know? With models like GLM 5.2 performing at Opus-quality on some tasks, this question becomes more important. We've historically used reverse engineering to establish ground truth about program behavior, but there is no equivalent for that today with the models. I wrote about the abysmal state of the model supply chain with @InsiderPhD and @spacerog : semgrep.dev/blog/2026/ai-s…
Isaac Evans tweet media
English
0
3
11
3.6K