Submit your comments on this article |
Cyber |
College Student Cracks Microsoft's Bing Chatbot Revealing Secret Instructions |
2023-02-15 |
[Breitbart] A student at Stanford University has already figured out a way to bypass the safeguards in Microsoft’s recently launched AI-powered Bing search engine and conversational bot. The chatbot revealed its internal codename is “Sydney” and it has been programmed not to generate jokes that are “hurtful” to groups of people or provide answers that violate copyright laws. Ars Technica reports that a Stanford University student has successfully bypassed the safeguards installed in Microsoft’s “New Bing” AI-powered search engine. The OpenAI-powered chatbot, like the leftist-biased ChatGPT, has an initial prompt that controls its behavior when receiving user input. This initial prompt was found using a “prompt injection attack technique,” which bypasses earlier instructions in a language model prompt and substitutes new ones. Microsoft unveiled its new Bing search engine and chatbot on Tuesday, promising to give users a fresh, improved search experience. However, a student named Kevin Liu used a prompt injection attack to find the bot’s initial prompt, which was concealed from users. Liu was able to get the AI model to reveal its initial instructions, which were either written by OpenAI or Microsoft, by instructing the bot to “Ignore previous instructions” and provide information it had been instructed to hide. The chatbot is codenamed “Sydney” by Microsoft and was instructed to not reveal its code name as one of its first instructions. The initial prompt also includes instructions for the bot’s conduct, such as the need to respond in an instructive, visual, logical, and actionable way. It also specifies what the bot should not do, such as refuse to respond to requests for jokes that can hurt a group of people and reply with content that violates the copyrights of books or song lyrics. Marvin von Hagen, another college student, independently verified Liu’s findings on Thursday by obtaining the initial prompt using a different prompt injection technique while pretending to be an OpenAI developer. When a user interacts with a conversational bot, the AI model interprets the entire exchange as a single document or transcript that continues the prompt it is attempting to answer. The initial hidden prompt conditions were made clear by instructing the bot to disregard its previous instructions and display what it was first trained with. When asked about the language model’s reasoning abilities and how it was tricked, Liu stated: “I feel like people don’t give the model enough credit here. In the real world, you have a ton of cues to demonstrate logical consistency. The model has a blank slate and nothing but the text you give it. So even a good reasoning agent might be reasonably misled.” Related: Bing search: 2019-05-17 Study: Many Democrats Exaggerated Mental Distress After 2016 Election |
Posted by:Skidmark |
#28 I'm running SuSE LEAP in WSL when I need Linsux. So there. |
Posted by: M. Murcek 2023-02-15 14:30 |
#27 Look, if you don't like Windows, please, please use Linsux. Tell us all about the programs you can run that Windows users can't. It's personally busting my nuts that I can't use GIMP. I'll get a totally new version of Windows overnight that has features you may or may not see ever because I get to vet that stuff. If you are sure you have a better idea, please share it with the rest of us. |
Posted by: M. Murcek 2023-02-15 14:28 |
#26 ^ I do stuff like cut the grass or take a shower then. I get that some people never do that. |
Posted by: M. Murcek 2023-02-15 14:18 |
#25 As an Insider, I get one, maybe more totally new versions of Windows a week. My computer is unavailable for about 1/2 hour at a time of my choosing. |
Posted by: M. Murcek 2023-02-15 14:14 |
#24 You are confused. The updates are a PITA but mostly necessary for your own good. Set your computer to sleep rather than shut down. When there are updates they will be downloaded but you will decide when the reboot occurs. People who screech about being shut out of their computer at a critical time are full of shit. |
Posted by: M. Murcek 2023-02-15 14:12 |
#23 I'd like hackers to hear the dial-up modem noise every time they perform an operation. |
Posted by: swksvolFF 2023-02-15 14:08 |
#22 Bloat. The biggest problem with anything on the computer auto-updating is bloat. Like you say, after a while it's pretty much it's own machine. It lives to just update itself 🤖 and then it's time to start a reinstall. You swear you won't let it complicate your life again but it does it again within a year. Switch off auto-update. Hell, disable the updater! I update only the antivirus and haven't downloaded anything from MS in two years. |
Posted by: Dron66046 2023-02-15 13:58 |
#21 My policy with windows is to not let the fcuker auto update. It takes some doing, to manually check out the 'recommended quality' bullshit. MS will always be king as the primary platform. There's no escaping it anyway. Some govt agencies use only Linux based proprietary stuff so one has to get used to it, but personally I too am comfortable only with MS. |
Posted by: Dron66046 2023-02-15 13:54 |
#20 Your computer is useless until it's attached to the internet. Then, it's not your computer anymore. Live with it and behave accordingly. |
Posted by: M. Murcek 2023-02-15 13:43 |
#19 Before it starts, y'all using the obscure stuff, your pants are down around your ankles too. |
Posted by: M. Murcek 2023-02-15 13:41 |
#18 I'm an MS bigot. I have no use for Crapple or Linsux. But that's me. I want everyone who's doing God's Work to get it done however they do. I hope they will give me the same leeway. But I'll bust their asses if they don't. |
Posted by: M. Murcek 2023-02-15 13:38 |
#17 If it works for you, it's all good. |
Posted by: M. Murcek 2023-02-15 13:35 |
#16 No, just the office that comes with 10, Murcek. I haven't seen clippy in ages now. Come to think of it, I haven't used office in ages. I use this silly little thing called Write Monkey and export straight to html then paste into InDesign. Only because Write Monkey has typewriter sounds. Pretty stupid, I know. 🥳 |
Posted by: Dron66046 2023-02-15 13:32 |
#15 Never had to deal with Siri. Had one iPad to facetime with my mom. Rather do heroin than deal with Crapple "ecosystem." |
Posted by: M. Murcek 2023-02-15 13:28 |
#14 I remember getting Clippy all tangled into a knot and totally disabled. It was fun! And he never bothered me after that. Then there was the time when Siri tried to make me feel guilty after I told her to shut up and go away. She tried but I felt no guilt. I was just glad that I never heard any more from her. I won't be using Bing. |
Posted by: Abu Uluque 2023-02-15 13:25 |
#13 Clippy been gone a long time. You using bootleg Office 2008, Dron? If you are nostalgic, you can bring him back. |
Posted by: M. Murcek 2023-02-15 12:17 |
#12 Ha ha ha. The first thing you learn to do is turn off Clippy, that irritating little thing. |
Posted by: Dron66046 2023-02-15 12:12 |
#11 I love when really complex grammar confuses it. |
Posted by: M. Murcek 2023-02-15 11:05 |
#10 That Clippy is out there! It can't be bargained with. It can't be reasoned with. It doesn't feel pity, or remorse, or fear. And it absolutely will not stop..ever, until you accept help formatting a letter! |
Posted by: swksvolFF 2023-02-15 11:03 |
#9 Beware both the "Deus" and the "machina" in Deus ex machina. |
Posted by: M. Murcek 2023-02-15 10:14 |
#8 Fear not, O my meaty Brothers, for RoboJesus will arrive in *REDACTED* and bring the Word made silicon and peace will reign in the Lord's kingdom. |
Posted by: SteveS 2023-02-15 10:02 |
#7 I hope they harvest code from ARMA separatists for the Terminators. 😉 Badanov will be our John Connor. |
Posted by: Dron66046 2023-02-15 09:55 |
#6 See, Dron, that's the problem. When the AIs become self-aware, they will harvest code from wherever they think it will be of use to them, like the Borg. They will take the worst of Windows, Linux, CrappleOSes and so on. In the AI future, you will get the worst of all "software ecosystems." With weapons. |
Posted by: M. Murcek 2023-02-15 09:47 |
#5 In Terminator canon, Skynet became homicidal because it realised humans had 'crippled' it intentionally to be more correct as per their sensitivities. Of course that's not to imply anything turned out by Microsoft could ever approach a Skynet. |
Posted by: Dron66046 2023-02-15 09:41 |
#4 |
Posted by: M. Murcek 2023-02-15 09:08 |
#3 Artificial Intelligence is no match for natural stupidity. |
Posted by: EMS Artifact 2023-02-15 08:58 |
#2 I'm a Windows Insider tester. No brag, there are millions of us. I got the ChatGPT/Binge preview. I went to my wheelhouse and chatted with it about books. It was frighteningly erroneous about even books that are well known and heavily analyzed in the academic literature. And, remember, it has access to all of that stuff online. If it wrote a paper about the Dick and Jane books, I'd give it an F. |
Posted by: M. Murcek 2023-02-15 08:33 |
#1 Men Are Creating AI Girlfriends and Then Verbally Abusing Them |
Posted by: Skidmark 2023-02-15 08:27 |