Activities
Divisions
Programs
Activities
Divisions
Programs
A study reveals that hackers can effortlessly intercept your conversations with ChatGPT and other AI services
A group of researchers from Israel discovered significant privacy weaknesses in multiple AI chatbots, ChatGPT included. Despite developers using encryption for their services, hackers are still able to infiltrate using side-channel attacks.
A new research conducted by scholars at Ben-Gurion University in Israel has highlighted substantial privacy risks associated with various AI chatbots, causing worries about the safety of confidential discussions.
Yisroel Mirsky, who leads the Offensive AI Research Lab at Ben-Gurion University, states that bad players can take advantage of these weak points to spy on conversations held on platforms such as ChatGPT.
Mirsky emphasized that people who are using the same Wi-Fi or local area network (LAN) as those involved in a chat, or even harmful individuals from a distance, have the ability to sneakily eavesdrop and keep track of discussions without being noticed.
The study reveals that these manipulations are known as "side-channel attacks." In this technique, external entities collect information indirectly via metadata or other non-direct methods instead of breaking through security defenses.
Rather than breaking through firewalls as conventional hacks do, side-channel attacks exploit vulnerabilities in encryption systems. Even though AI developers such as OpenAI have made attempts to encrypt data, the team led by Mirsky found gaps in their encryption application, making the content of messages prone to being intercepted.
Though side-channel attacks are typically less intrusive, they carry considerable danger, shown by the researchers' capability to deduce chat prompts with 55 per cent precision. This vulnerability allows harmful individuals to readily identify sensitive subjects.
The research mainly examines OpenAI's encryption methods, implying that most chatbots, with the exception of Google's Gemini, are likely to be vulnerable to comparable security breaches.
The key weaknesses lie in the usage of "tokens" by chatbots, which aid in effective interaction between users and AI systems. Even though chatbot exchanges are usually encoded, the tokens pose a security risk that wasn't noticed earlier.
Having access to live token information allows harmful individuals to deduce dialogue cues, similar to eavesdropping on a conversation behind a closed door.
To validate their results, Mirsky's group utilized another AI model to scrutinize unprocessed data collected via the side-channel. Their tests showed a significant accuracy in forecasting dialogue prompts, highlighting the seriousness of the security weakness.
In response to these worries, Microsoft reassured users that it is highly unlikely their personal information would be jeopardized by the vulnerability in its Copilot AI. Regardless, the company committed to promptly resolving the problem with updates to protect its clients.
The consequences of these weaknesses are significant, especially in relation to delicate subjects like abortion and LGBTQ matters, where confidentiality is crucial. Taking advantage of these weaknesses could lead to severe outcomes, possibly putting at risk those who are looking for information on these subjects.
The discussions about AI ethics and privacy are heating up, emphasizing the immediate necessity for strong security precautions to safeguard user privacy during AI-based interactions.
Search for us on YouTube
Favorite Programs
Connected Narratives
are available on YouTube
All rights reserved to Firstpost, Copyright © 2024.
+ There are no comments
Add yours