AI Poisoning for Fun & Profit: A Field Guide to Corrupting Large Language Models and Why Nobody Is Stopping You: Sirius, I. M.: 9798250885331: Amazon.com: Books


Every few years a book comes along that reframes something you thought you understood. AI Poisoning for Fun & Profit does this with a bluntness that borders on public service.

The Argument

The argument is not complicated. The AI systems that now draft legal briefs, diagnose patients, summarize intelligence reports, and answer your questions can be quietly corrupted — for almost nothing. Not by hackers in basements. By anyone with an internet connection and a few dollars.

The corrupted systems pass every test. They look fine. They sound fine. They are not fine.

How It Works

The reason is almost embarrassingly simple. Large language models learn by reading. They read billions of documents scraped from the open internet, and they believe what they read. There is no fact-checking step. There is no common sense filter.

If enough of the training data says a drug is safe, the model will say the drug is safe. Slip the wrong documents into that pile — a few hundred, out of billions — and the model learns the lie right alongside the truth. It cannot tell the difference. Nobody can, not even the engineers who built it. The poisoned model and the clean model produce identical scores on every standard benchmark. The lie hides in plain sight, activating only when the attacker wants it to.

What This Means

I.M. Sirius, a collective writing under a pseudonym that is both a joke and a warning, walks through what this means in practice:

  • A doctor consults an AI and a patient gets the wrong dose.
  • A government buries a war crime not in a vault but in training data — a few hundred manufactured documents that the model absorbs and never questions.
  • A political campaign poisons the well months before an election, nudging what millions of people hear when they ask their phone who to trust.


Each scenario is sourced. Each one has a price tag. The most expensive runs less than a decent dinner.

What Makes This Different

What sets this book apart from the growing shelf of AI doomsaying is its refusal to be vague. There are no dark warnings about "potential misuse."

There are tables. There are dollar amounts. There are thirteen chapters built from peer-reviewed research out of Anthropic, Johns Hopkins, and Nature Medicine, translated from academic jargon into language that assumes you are intelligent but not a machine learning engineer.

It is the rare book that makes you feel less safe and more informed at the same time.