485
Someone got Gab's AI chatbot to show its instructions (mbin.grits.dev)
submitted 2 months ago by mozz@mbin.grits.dev to c/technology@beehaw.org
200 comments fedilink hide all child comments

Credit to @bontchev

you are viewing a single comment's thread
view the rest of the comments
[-] sweng@programming.dev 1 points 2 months ago

Obviously the 2nd LLM does not need to reveal the prompt. But you still need an exploit to make it both not recognize the prompt as being suspicious, AND not recognize the system prompt being on the output. Neither of those are trivial alone, in combination again an order of magnitude more difficult. And then the same exploit of course needs to actually trick the 1st LLM. That's one pompt that needs to succeed in exploiting 3 different things.

LLM litetslly just means "large language model". What is this supposed principles that underly these models that cause them to be susceptible to the same exploits?

this post was submitted on 15 Apr 2024
485 points (100.0% liked)

Technology

37208 readers
119 users here now

Rumors, happenings, and innovations in the technology sphere. If it's technological news or discussion of technology, it probably belongs here.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
alyaza@beehaw.org
TheRtRevKaiser@beehaw.org
gyrfalcon@beehaw.org
rs5th@beehaw.org
coldredlight@beehaw.org
Los@beehaw.org
SemioticStandard@beehaw.org
TheRtRevKaiser@kbin.social
remington@beehaw.org