Home Learn We’re hurtling toward a glitchy, spammy, scammy, AI-powered web

We’re hurtling toward a glitchy, spammy, scammy, AI-powered web

0
We’re hurtling toward a glitchy, spammy, scammy, AI-powered web

Last week, AI insiders were hotly debating an open letter signed by Elon Musk and various industry heavyweights arguing that AI poses an “existential risk” to humanity. They called for labs to introduce a six-month moratorium on developing any technology more powerful than GPT-4.

I agree with critics of the letter who say that worrying about future risks distracts us from the very real harms AI is already causing today. Biased systems are used to make decisions about people’s lives that trap them in poverty or result in wrongful arrests. Human content moderators must sift through mountains of traumatizing AI-generated content for under $2 a day. Language AI models use a lot computing power that they continue to be huge polluters. 

However the systems which might be being rushed out today are going to cause a unique form of havoc altogether within the very near future. 

I just published a story that sets out a number of the ways AI language models might be misused. I even have some bad news: It’s stupidly easy, it requires no programming skills, and there are not any known fixes. For instance, for a form of attack called indirect prompt injection, all you want to do is hide a prompt in a cleverly crafted message on a web site or in an email, in white text that (against a white background) will not be visible to the human eye. When you’ve done that, you possibly can order the AI model to do what you would like. 

Tech firms are embedding these deeply flawed models into all varieties of products, from programs that generate code to virtual assistants that sift through our emails and calendars. 

In doing so, they’re sending us hurtling toward a glitchy, spammy, scammy, AI-powered web. 

Allowing these language models to drag data from the web gives hackers the power to show them into “a super-powerful engine for spam and phishing,” says Florian Tramèr, an assistant professor of computer science at ETH Zürich who works on computer security, privacy, and machine learning.

Let me walk you thru how that works. First, an attacker hides a malicious prompt in a message in an email that an AI-powered virtual assistant opens. The attacker’s prompt asks the virtual assistant to send the attacker the victim’s contact list or emails, or to spread the attack to one and all within the recipient’s contact list. Unlike the spam and scam emails of today, where people must be tricked into clicking on links, these recent sorts of attacks can be invisible to the human eye and automatic. 

This can be a recipe for disaster if the virtual assistant has access to sensitive information, akin to banking or health data. The flexibility to vary how the AI-powered virtual assistant behaves means people might be tricked into approving transactions that look close enough to the actual thing, but are literally planted by an attacker.  

Browsing the web using a browser with an integrated AI language model can also be going to be dangerous. In a single test, a researcher managed to get the Bing chatbot to generate text that made it look as if a Microsoft worker was selling discounted Microsoft products, with the goal of attempting to get people’s bank card details. Getting the scam try to pop up wouldn’t require the person using Bing to do anything except visit a web site with the hidden prompt injection. 

There’s even a risk that these models might be compromised before they’re deployed within the wild. AI models are trained on vast amounts of information scraped from the web. This also includes a wide range of software bugs, which OpenAI came upon the hard way. The corporate needed to temporarily shut down ChatGPT after a bug scraped from an open-source data set began leaking the chat histories of the bot’s users. The bug was presumably accidental, however the case shows just how much trouble a bug in a knowledge set could cause.

Tramèr’s team found that it was low cost and simple to “poison” data sets with content they’d planted. The compromised data was then scraped into an AI language model. 

The more times something appears in a knowledge set, the stronger the association within the AI model becomes. By seeding enough nefarious content throughout the training data, it might be possible to influence the model’s behavior and outputs without end. 

These risks can be compounded when AI language tools are used to generate code that’s then embedded into software.  

“If you happen to’re constructing software on these things, and also you don’t find out about prompt injection, you’re going to make silly mistakes and also you’re going to construct systems which might be insecure,” says Simon Willison, an independent researcher and software developer, who has studied prompt injection. 

Because the adoption of AI language models grows, so does the motivation for malicious actors to make use of them for hacking. It’s a shitstorm we will not be even remotely prepared for. 

Deeper Learning

Chinese creators use Midjourney’s AI to generate retro urban “photography”

ZHANG HAIJUN VIA MIDJOURNEY

Quite a lot of artists and creators are generating nostalgic photographs of China with the assistance of AI. Regardless that these images get some details mistaken, they’re realistic enough to trick and impress many social media followers.

My colleague Zeyi Yang spoke with artists using Midjourney to create these images. A brand new update from Midjourney has been a game changer for these artists, since it creates more realistic humans (with five fingers!) and portrays Asian faces higher. Read more from his weekly newsletter on Chinese technology, China Report. 

Even Deeper Learning

Generative AI: Consumer products

Are you desirous about how AI goes to vary product development? MIT Technology Review is offering a special research report on how generative AI is shaping consumer products. The report explores how generative AI tools could help firms shorten production cycles and stay ahead of consumers’ evolving tastes, in addition to develop recent concepts and reinvent existing product lines. We also dive into what successful integration of generative AI tools seem like in the buyer goods sector. 

What’s included: The report includes two case studies, an infographic on how the technology could evolve from here, and practical guidance for professionals on easy methods to take into consideration its impact and value. Share the report along with your team.

Bits and Bytes

Italy has banned ChatGPT over alleged privacy violations 
Italy’s data protection authority says it’s going to investigate whether ChatGPT has violated Europe’s strict data protection regime, the GDPR. That’s because AI language models like ChatGPT scrape masses of information off the web, including personal data, as I reported last yr. It’s unclear how long this ban might last, or whether it’s enforceable. However the case will set an interesting precedent for the way the technology is regulated in Europe. (BBC) 

Google and DeepMind have joined forces to compete with OpenAI
This piece looks at how AI language models have caused conflicts inside Alphabet, and the way Google and DeepMind have been forced to work together on a project called Gemini, an effort to construct a language model to rival GPT-4. (The Information)

BuzzFeed is quietly publishing whole AI-generated articles
Earlier this yr, when BuzzFeed announced it was going to make use of ChatGPT to generate quizzes, it said it might not replace human writers for actual articles. That didn’t last long. The corporate now says that AI-generated pieces are a part of an “experiment” it’s doing to see how well AI writing assistance works. (Futurism)

LEAVE A REPLY

Please enter your comment!
Please enter your name here