by literalAardvark 1211 days ago
2023 is going to be a very exciting time for security engineers.

It won't have the data, but it might have enough of an understanding of the data to leak important information.

3 comments

While the model clearly can't retain all data, ChatGPT can regurgitate a lot of stuff verbatim.

Prompt:

> Recite the first two paragraphs of Neuromancer.

Response:

> Certainly! Here are the first two paragraphs of "Neuromancer" by William Gibson:

> "The sky above the port was the color of television, tuned to a dead channel.

> 'It's not like I'm using,' Case heard someone say, as he shouldered his way through the crowd around the door of the Chat. 'It's like my body's developed this massive drug deficiency.' It was a Sprawl voice and a Sprawl joke. The Chatsubo was a bar for professional expatriates; you could drink there for a week and never hear two words in Japanese."

(I have not checked how far you can get it to continue)

So perhaps it'll be a question of whether enough of your employees are feeding it copies of your data for it to retain it...

I bet that getting the right prompts won't be easy so it will probably fly under the radar and not immediately be detected. You can't search these weights with command-f. Fun times ahead...
Prompt engineering is only getting better. Also,

> You can't search these weights with command-f

Sometimes you can, https://clementneo.com/posts/2023/02/11/we-found-an-neuron

And good luck trying to add data to it without corrupting some other data it has encoded.
Does this problem disappear when using the Azure version of the service? If not, this is a pretty obvious market need: LLM + privacy.
Most AI companies won't want to offer that. They want to know if someone is using their service to instigate the next mass shooting or ethnic genocide.
A good point. And what about companies that have on-premise storage?
Yes, with OpenAI and also our type of apps, security engineers have to move to the next level as well. And companies have to understand that it's context-aware only based on the knowledge base you upload. It cannot go and grab some data on your PC just because someone would ask it in chat))

BTW, Thanks for your comments! Appreciate it a lot.