Activities
Divisions
Programs
Activities
Divisions
Programs
Study discovers that hackers can effortlessly intercept your conversations with ChatGPT and other AI services
A group of researchers from Israel has identified serious privacy flaws in many AI chatbots, including ChatGPT. Despite developers applying encryption to their services, hackers are still able to breach these defenses by employing side-channel attacks.
A recent research conducted at Ben-Gurion University in Israel has revealed major privacy weaknesses in several AI chatbots. This has led to worries about the safety of confidential discussions.
Yisroel Mirsky, who leads the Offensive AI Research Lab at Ben-Gurion University, suggests that there is a potential for harmful individuals to take advantage of these weaknesses to secretly listen in on conversations taking place on platforms such as ChatGPT.
Mirsky emphasized that people using the same Wi-Fi or local area network (LAN) as those involved in a chat, or even distant harmful individuals, can eavesdrop and oversee discussions without being noticed.
The study paper categorizes these intrusions as "side-channel attacks," a technique where third parties collect information indirectly via metadata or other non-direct methods, instead of breaking through security defenses.
Instead of typical hacks that break through firewalls, side-channel attacks exploit vulnerabilities in encryption methods. Even with encryption measures in place by AI developers such as OpenAI, Mirsky's group found shortcomings in their encryption execution, making the content of messages vulnerable to being intercepted.
Though side-channel attacks are usually not as intrusive, they still present considerable threats, as shown by the researchers' capacity to guess chat cues with 55 per cent precision. This vulnerability makes it straightforward for ill-intentioned individuals to detect sensitive subjects.
While the research mainly focuses on examining OpenAI's encryption methods, it implies that most chatbots, apart from Google's Gemini, are vulnerable to comparable security breaches.
The use of "tokens" by chatbots is at the heart of these weaknesses, as they enable effective interaction between users and AI systems. Despite the usual encryption of chatbot messages, the tokens pose a security risk that was not considered before.
Having real-time access to token information allows harmful individuals to deduce conversation cues, similar to eavesdropping on a discussion behind a closed door.
Mirsky's group used another AI model to validate their results by examining the original data gathered from the side-channel. Their trials showed a significant accuracy in guessing dialogue cues, highlighting the seriousness of the security risk.
In response to these worries, Microsoft guaranteed users that the vulnerability impacting its Copilot AI is not likely to jeopardize their personal information. However, the company promised to promptly rectify the problem with updates to protect its clients.
The potential impacts of these weaknesses are significant, especially regarding delicate matters like abortion and LGBTQ issues, where the need for confidentiality is crucial. Taking advantage of these weaknesses could lead to severe outcomes, possibly putting at risk individuals who are seeking information on these subjects.
The discussions around AI ethics and privacy are escalating, emphasizing the immediate requirement for strong security protocols to safeguard user privacy in AI-based engagements.
Look for us on YouTube
Best Programs
Associated Narratives
can be found on YouTube
All rights reserved by Firstpost, copyright 2024.
+ There are no comments
Add yours