PEAKS No 28: Can We Build an NX Bit for LLMs

Hi there!

I’ve been thinking about prompt injection lately, and it’s honestly terrifying how vulnerable LLM applications are. The core problem is simple: these models can’t reliably tell the difference between your instructions and user data. It’s like having a computer that treats everything as executable code.

We’ve tried the usual defenses—input filtering, fancy prompt engineering, detection systems—but they’re all probabilistic. Nothing provides real guarantees.

This reminded me of buffer overflow attacks from decades ago. The solution there was the NX bit: hardware that literally prevents data regions from being executed. Could we do something similar for LLMs?

Turns out, maybe. There’s promising research on "Structured Queries" that uses special delimiter tokens to separate trusted instructions from untrusted data, with models trained to respect that boundary. It’s not perfect—it’s probabilistic, not deterministic—but it significantly raises the bar.

Working on a new article on this topic.

🛡️ Security & Privacy

• Chrome gains AI scam detection control - Google Chrome now allows users to delete on-device AI models powering Enhanced Protection for scam and malware detection. More
• Cursor AI commands become attack vectors - Security researchers reveal how trusted commands in Cursor IDE can be exploited by attackers, highlighting the agent security paradox. More
• Claude Cowork file exfiltration risk - Security analysis shows Claude’s Cowork feature may pose file exfiltration risks, raising concerns about AI assistant security. More
• Microsoft Copilot session hijacking attack - Researchers discovered the "Reprompt" attack allowing hackers to hijack Microsoft Copilot sessions and manipulate AI responses. More

General

• Google Fast Pair Bluetooth vulnerability patched - Security researchers discovered vulnerabilities in Google’s Fast Pair feature for Bluetooth audio accessories that could expose users to attacks. More
• SAP injection and RCE vulnerabilities exposed - Critical security flaws in SAP systems allow attackers to perform injection attacks and achieve remote code execution. More
• Apple iPhone WebKit zero-day - Apple releases iOS 26.2 emergency update addressing critical WebKit zero-day vulnerability; users urged to restart immediately. More
• AsyncRAT leverages Cloudflare services - Malware campaign uses Cloudflare’s free-tier services to distribute and control AsyncRAT infections, evading detection. More
• Broadcom Wi-Fi denial of service bug - High-severity vulnerability in Broadcom software enables easy Wi-Fi denial-of-service attacks affecting multiple devices. More
• CodeBreach vulnerability in AWS CodeBuild - Wiz Research uncovers critical vulnerability in AWS CodeBuild that could expose customer code and credentials. More

🛸 Tech

• GNOME 50 drops X11 support - GNOME 50 completes migration to Wayland, removing X11 backend code after decades of support. More
• SiFive adopts NVIDIA chip technology - SiFive announces adoption of NVIDIA’s UCIe technology for high-speed inter-chip communications in future processors. More
• Meta discontinues workplace metaverse - Meta quietly shuts down its metaverse-for-work platform, signaling shift in enterprise virtual reality strategy. More
• Microsoft Copilot Studio VS Code extension - Microsoft releases Copilot Studio extension for Visual Studio Code, making AI assistant development more accessible. More
• Tesla Optimus V3 early feedback - Early third-party testers share initial impressions of Tesla’s Optimus V3 humanoid robot capabilities and performance. More
• Raspberry Pi AI HAT 2 announced - New Raspberry Pi AI HAT 2 targets generative AI and LLM applications with Hailo-10H accelerator chip. More
• Cybenetics prototype anti-melt cable - New GPU power cable prototype offers proactive protection against melting issues plaguing high-end graphics cards. More
• Zed editor security-first approach - Zed code editor announces new "secure by default" architecture prioritizing developer security and privacy. More
• Fly.io** design and implementation insights** - Platform engineers share detailed insights into Fly.io’s architectural decisions and implementation strategies. More
• China lunar timekeeping software - Chinese space agency develops specialized software for maintaining accurate time on the Moon for future missions. More
• Google Gemini next-gen Siri integration - Reports suggest Google’s Gemini AI may power next-generation Siri features in upcoming Apple devices. More
• Boston Dynamics AI-powered robot - Boston Dynamics demonstrates humanoid robots learning factory work using advanced AI and machine learning systems. More
• OpenAI ChatGPT Translate tool - OpenAI launches dedicated ChatGPT Translate tool as standalone website for language translation powered by GPT models. More

🤖 AI

• Mastercard agentic commerce standards - Mastercard proposes new standards for AI agent-powered commerce transactions to enhance security and trust. More
• Claude delivers professional superpowers - Claude’s product lead discusses how AI is transforming professional work while prioritizing safety in exclusive interview. More
• Structured LLM outputs guide - Comprehensive guide on generating structured outputs from large language models for reliable application integration. More
• Meeting ETSI AI security standards - New European standards for AI security implementation provide framework for safer AI system deployment. More
• Software 2.0 evolution - Analysis explores the transition from traditional software development to AI-driven "Software 2.0" and implications for developers. More
• NYT on AI-generated ideas - New York Times explores how ChatGPT and OpenAI are changing creative ideation and brainstorming processes. More
• Moxie Marlinspike on AI messaging - Signal creator discusses plans to apply privacy-first messaging principles to AI development and deployment. More
• OpenAI GPT-5.2 Codex API - OpenAI opens GPT-5.2 Codex model to developers through responses API for advanced code generation. More
• Claude Code usage optimization - Deep dive into optimizing Claude Code workflows reveals common mistakes developers make when using AI coding assistants. More
• ASCII rendering deep dive - Comprehensive technical exploration of advanced ASCII art rendering techniques using shape vectors and contrast enhancement. More

🛠️ Tools

• Xous microkernel OS - Open-source microkernel operating system designed for embedded devices with strong process separation and security focus. More
• Keifu Git visualization - Terminal UI tool for visualizing Git commit graphs with improved readability, color coding, and branch navigation. More
• eBPF Party - Learn eBPF through hands-on exercises. More
• Just the Browser - Minimalist browser project focused on essential web browsing functionality without unnecessary features or bloat. More
• PSC process security check - Open-source tool for analyzing and monitoring Linux process security configurations and potential vulnerabilities. More
• OpenWork AI platform - Collaborative platform enabling teams to work with AI agents for enhanced productivity and workflow automation. More
• Kyutai Pocket TTS - Compact text-to-speech system offering high-quality voice synthesis in resource-constrained environments. More
• Eigent AI framework - AI development framework for building intelligent agents with emphasis on interpretability and safety controls. More
• Linux system programming guide - Comprehensive introduction to Linux system programming covering fundamentals for developers and engineers. More
• Zen-C programming - Minimalist C programming framework promoting clean, maintainable code with reduced complexity and dependencies. More
• MIT GenAI tool for 3D printing - MIT researchers develop generative AI tool that helps design durable 3D-printed personal items for daily use. More

🧸 Misc

• LEGO Education AI literacy - LEGO Education launches hands-on platform bringing AI literacy concepts to K-8 classrooms through interactive learning. More

📩 Please feel free to share this article with colleagues and friends who will find it valuable.

Thanks for reading!

Have a great day! Bogdan