What if 2023 wasn’t such a glorious year for artificial intelligence (AI), but instead a real nightmare? This surprising observation may be justified given a vast body of academic work demonstrating that this highly praised software is in fact very vulnerable and easy to deceive, hijack, derail or even destroy. In the space of a year, since January 2023, over 200 preprints were posted on the Arxiv.org website, suggesting attacks, counter-attacks, hijackings and jailbreaks, a term used to designate the feat of bypassing AI safeguards. A tidal wave that could well erode the trust capital of tools such as ChatGPT, Bard and Midjourney.
Since the early days of computing, there has been the same recurring cat-and-mouse game. Hackers find flaws in systems, which are patched, until new ones are found.
“I see my business as a mix of research, hacking and gaming,” summed up Florian Tramèr, a professor at the Swiss Federal Institute of Technology (ETH) in Zurich, Switzerland, and a prolific researcher in machine learning systems security. “But today, the ‘game’ has become very serious, as it affects products used by millions of people. We should be concerned about these rapid deployments.” “Designers seem to be aware of the problems but keep moving forward. And when I see that these programs are starting to be connected to other applications with access to our personal data, my temperature rises,” warned Johann Rehberger, a security expert at American video game publisher Electronic Arts, who is behind several “attacks” on ChatGPT, Bard and Bing Chat.
This mostly academic community, happy to be in a field requiring fewer resources than developing new AIs, is likened to the “good” hackers, who improve the security of these technologies and warn manufacturers before exposing their methods. But there are also “bad” hackers, who hijack AI tools, and were the subject of a study by Indiana University Bloomington, published on January 6. Several “services” offer to create computer viruses; write enticing spam; phish for personal data; create spoof websites; and generate violent, sexist or racist images.
The ‘grandma’ technique
In addition to this dark side of AI, there are also other well-identified flaws, such as the propensity to make mistakes, invent facts, bias answers, use copyright-protected content and promote misinformation. But the “good” hackers now want to warn of new, undoubtedly underestimated risks. The vulnerabilities identified open the door to some disturbing scenarios, such as theft of personal data, manipulation of a user or takeover of a chatbot. “There’s something worse than being insecure: it’s thinking you’re safe when you’re not,” warned IBM’s Nathalie Baracaldo, an expert in AI security assessments.