Large Language Models (LLMs) are quickly becoming part of real-world production systems. Organizations now use them to power chatbots, coding assistants, internal knowledge search tools, customer support agents, and automated workflows.

But deploying LLMs introduces a new category of security risks that many teams are still learning how to manage.

A cleverly crafted prompt, a compromised training dataset, or a malicious plugin can turn an AI assistant into a security incident. Attackers can manipulate prompts, extract sensitive information, poison training pipelines, or exploit the automation capabilities connected to AI systems.

To help organizations understand these emerging threats, the Open Worldwide Application Security Project (OWASP) created the Top 10 for Large Language Model Applications. This list highlights the most important security risks facing LLM deployments today.

Based on Andrej Karpathy's video introduction to LLMs like ChatGPT. This guide walks through the entire pipeline of how these systems are built and how to think about what they are.

The goal of this guide is to give you mental models for thinking through what LLMs are. They're magical and impressive in some respects, very good at certain things, not good at others, and have a number of sharp edges to be aware of. We'll go through the entire pipeline of how these systems are built, covering cognitive and psychological implications along the way.

1. Install/Update 1Password desktop app.
2. Enable the 1Password SSH Agent in Settings > Developer > SSH Agent.
3. Update Git to version 2.34.0 or later.

Only "Bob" knows why, but in Linux you have to type Ctrl+J to add new lines to your prompt.

If you run Ollama on your host OS, but want to access it from within a protected container:

1. Install Colima and Docker-in-Docker (link)
2. Install Ollama on host (link)
3. Access Ollama from the container with URL: http://host.docker.internal:11434

• you should first add your user to the following Unix groups: video, render, docker, ollama

  • sudo usermod -a -G render,video $LOGNAME

• make sure user ollama is added to groups video and `render

• install Docker (ideally in a dedicated VM; see https://gist.github.com/peterwwillis/e2b37e5dd502fd7ffc3833f56feade1e)

Colima creates a VM and sets up Docker inside it. This is a good command-line replacement for Docker Desktop.

Colima will keep persistent files in a different volume than the VM's root disk, so you can delete and recreate the root disk and your files are still there. This makes recovering from AI 'incidents' easy.

You can have multiple Docker contexts, one for "safe" work (in one VM), and one for "dangerous" AI work (different VM). The only real downside is a VM volume filling up with container images.

Your containers can access the local host's ports using hostname host.docker.internal.

I finally settled on a new personal Linux laptop, and it's the Lenovo ThinkPad T14s Gen 4 w/AMD processor, 32GB RAM, and Low-power 500 nits display.

I had mine shipped with Ubuntu, it comes with (I think) Ubuntu 22.04.01 LTS. It's nice because they set up the BIOS to come with Secure Boot enabled for Ubuntu. Everything works out of the box.

• /var/log/kube-apiserver.log - API Server, responsible for serving the API
• /var/log/kube-scheduler.log - Scheduler, responsible for making scheduling decisions
• /var/log/kube-controller-manager.log - a component that runs most Kubernetes built-in controllers, with the notable exception of scheduling (the kube-scheduler handles scheduling).