Activities
Divisions
Performances
Activities
Divisions
Performances
Study discovers hackers can effortlessly decipher your conversations with ChatGPT and other AI services
A group of researchers from Israel have identified serious privacy issues in multiple AI chatbots, including ChatGPT. Even though developers are implementing encryption for these services, hackers can still manage to breach them through side-channel attacks.
A recent investigation conducted by scholars at Ben-Gurion University in Israel has highlighted serious privacy weaknesses in several AI chatbots. This has sparked worries about the safety of confidential discussions.
Yisroel Mirsky, who leads the Offensive AI Research Lab at Ben-Gurion University, has stated that bad players can take advantage of these weak spots to spy on conversations held via platforms such as ChatGPT.
Mirsky pointed out that anyone using the same Wi-Fi network or local area network (LAN) as those in a chat, or even distant harmful individuals, can secretly eavesdrop and track conversations without being noticed.
The study paper labels these manipulations as "side-channel assaults," a technique where outsiders collect information passively via metadata or other secondary sources instead of violating security defenses.
Rather than conventional hacking methods that break through firewalls directly, side-channel attacks exploit vulnerabilities in encryption protocols. Even though AI developers such as OpenAI put effort into encryption, the team led by Mirsky found gaps in their encryption execution, making the content of messages vulnerable to being intercepted.
Despite being less intrusive, side-channel attacks are still very dangerous. This is proven by the researchers' success in predicting chat prompts with 55% precision. Such vulnerability makes it simple for harmful individuals to detect sensitive topics.
While the research mainly examines the encryption methods of OpenAI, it indicates that majority of chatbots, with the exception of Google's Gemini, are likely to be vulnerable to comparable manipulations.
The core of these weaknesses revolves around chatbots' use of "tokens", which streamline interactions between users and AI models. Despite the usual encryption of chatbot messages, these tokens introduce a security gap that was previously not taken into account.
Having access to live token information allows harmful individuals to deduce conversation cues, similar to eavesdropping on a discussion behind a closed door.
To validate their results, Mirsky's group used another AI system to examine the raw data collected from the side-channel. Their tests showed a high accuracy in foreseeing conversation prompts, highlighting the seriousness of the security weakness.
In response to these worries, Microsoft reassured users that the vulnerability impacting its Copilot AI is unlikely to result in personal data breaches. Nonetheless, they committed to swiftly resolving the issue through updates to ensure customer protection.
The consequences of these weaknesses are significant, especially regarding delicate matters like abortion and LGBTQ subjects, where confidentiality is crucial. Taking advantage of these weaknesses could lead to severe outcomes, possibly putting individuals seeking information on these topics at risk.
The escalating discussions about AI ethics and privacy highlight the immediate necessity for strong safety protocols to safeguard user privacy during AI-led engagements.
Search for us on YouTube
Prime Shows
Associated Narratives
can be found on YouTube
All rights reserved by Firstpost, copyrighted in 2024.
+ There are no comments
Add yours