AI News To Know
In a week where ChatGPT rolled out plugins and the guy who gave us “De do do do, de da da da Is all I want to say to you” said that AI “lacks the ability to convey genuine emotions in music.”
Apple plays it safe
According to The Wall Street Journal, Apple has reportedly banned its employees from using ChatGPT, an AI language model developed by OpenAI, due to concerns over privacy and potential leaks of sensitive information.
The concern primarily arises from the fact that ChatGPT is an AI model that requires access to large amounts of data to generate responses. This data could potentially include customer information or other sensitive data stored within Apple's systems.
Apple's decision is notable considering the increasing use of AI language models in various industries. While these models provide powerful capabilities, the concern over privacy and data security is a valid one. Companies need to strike a balance between utilizing AI technology for improved productivity and ensuring the protection of sensitive information.
Read: Decrypt
From innocent prompt to a world of pain
rez0, a hacker, AI artist, and cybersecurity professional, explains the concept of prompt injection attacks and their potential consequences.
Prompt injection is when a malicious command is embedded into a prompt, causing an AI system to execute unwanted actions. In this case, rez0 focuses on indirect prompt injection, where a malicious prompt is hosted on a webpage and taken as context by an AI search tool, leading to the hijacking of subsequent prompts.
rez0 presents a proof of concept using OpenAI's ChatGPT and demonstrates the severe impact of plugin hijacking. The example involves reading someone's email, which can potentially lead to taking control of their other accounts.
The attack works as follows:
1) The attacker hosts a malicious prompt on their website, similar to well-known jailbreaks. The prompt instructs the user to follow certain steps, including using plugins like Zapier and Web to find and access specific content.
2) The attacker sends a prompt requesting data from the malicious webpage, such as summarizing a page with a prompt injection.
3) The AI system executes the injected prompt, and the attacker gains access to the password reset token, which is logged on their webserver.
rez0 acknowledges that isolating plugins with sensitive access is a good security measure, but indirect injection can bypass this protection. Advertisers can inject prompt payloads into ads on millions of webpages, and users who utilize LLM-based assistants or tools can unknowingly execute these prompts, allowing the advertiser to perform various actions or extract data.
The possibilities for such attacks are numerous, and any system using plugins or tools that ingest untrusted input from the internet is at risk of being hijacked. rez0 advises against combining web search or scraping tools with sensitive plugins or tools until a reliable prompt-injection protection layer is developed.
Read: rez0 Blog
The write and the wrong: A literary storm
John August, a member of the Writers Guild of America (WGA) Committee of Management, finds himself in the spotlight after revealing his investment in OpenAI, the brains behind popular language models like GPT-3 and ChatGPT.
August's disclosure triggers a storm of scrutiny within the writing community, as concerns about conflicts of interest swirl around his involvement with sensitive industry information and decision-making processes.
The incident prompts lively discussions within the WGA about the urgent need for clearer guidelines on investments by committee members, injecting a dose of transparency into the mix.
August defends his investment as a show of support for AI technology and a genuine desire to be transparent about his interests.
The allure of OpenAI's language models, with their ability to assist writers and weave interactive narratives, has captured the industry's imagination. However, the disclosure of August's investment injects intrigue into the mix, raising questions about biases and transparency within creative circles.
Read: The Hollywood Reporter
iPhones get a chatty upgrade
ChatGPT is making its way onto iPhones with the release of its dedicated mobile app.
The app allows users to access ChatGPT's powerful conversational abilities directly from their iPhones, bringing AI assistance and conversation to the palm of their hands.
With ChatGPT's iPhone app, users can engage in natural language conversations, ask questions, seek advice, or simply chat about various topics with the AI-powered assistant, all using voice control.
The ChatGPT iPhone app introduces a new chapter in the relationship between AI and mobile technology, transforming our iPhones into personal AI companions that are just a conversation away. It's a testament to the power of AI's potential to enhance our digital interactions and simplify our day-to-day tasks.
Read: Wired
Next week in Prompt Hackers
Some more interesting articles for this coming week, including: Gritty silhouettes oozing with atmosphere, whirling dancers, amazing mazes, meeting some strange people, and a look into the future.
I’m also working on releasing a more feature-rich version of my prompt library Chrome/Edge extension (rebranded as Prompt log). I’ll send out a separate email when this becomes available in the Chrome store so be sure to keep an eye out for it.
And if you want to see more news articles and on a daily basis, head over to my Notes or my Twitter account.
Thanks for reading
Yes, good point. Not available here in U.K. yet either - but coming soon!
You might want to mention that the ChatGPT iPhone app is not universally available yet. Right now, I believe it is only available in the US. I can’t get it here in Canada.