Activities
Divisions
Presentations
Activities
Divisions
Presentations
Study reveals hackers can effortlessly decode conversations with ChatGPT and other AI services
Research conducted by a group based in Israel has identified serious privacy risks in multiple AI chatbots, including ChatGPT. Even though developers are using encryption for their services, hackers are still able to breach these defenses via side-channel attacks.
A new research conducted at Ben-Gurion University in Israel has highlighted considerable privacy risks associated with several AI chatbots, causing worries regarding the safety of confidential discussions.
Yisroel Mirsky, who leads the Offensive AI Research Lab at Ben-Gurion University, suggests that these weak points can be manipulated by ill-intentioned individuals to spy on conversations happening on platforms such as ChatGPT.
Mirsky emphasized that anyone who uses the same Wi-Fi network or local area network (LAN) as those involved in the chat, or even harmful individuals from afar, have the ability to tap into and oversee conversations without being noticed.
The study report labels these exploitations as "side-channel assaults," a technique where third parties amass information quietly via metadata or other secondary methods, instead of breaking through security defenses.
Rather than breaking through firewalls as conventional hacks do, side-channel attacks exploit encryption protocol vulnerabilities. Even though AI developers like OpenAI have taken steps to encrypt their systems, Mirsky's team found loopholes in their encryption execution, making the content of messages vulnerable to being intercepted.
Although side-channel attacks are typically less intrusive, they still present considerable threats. This is evident from the researchers' capacity to deduce chat cues with a 55 percent success rate. This vulnerability allows harmful individuals to readily identify sensitive subjects.
The research mainly focuses on examining the encryption methods of OpenAI, but it implies that most chatbots, with the exception of Google's Gemini, could be vulnerable to comparable manipulations.
At the heart of these weaknesses is the employment of "tokens" by chatbots, which aid in effective interaction between users and AI systems. Despite the fact that chatbot communications are usually encoded, the tokens present a previously unnoticed security risk.
Having real-time access to token information allows harmful individuals to deduce discussion cues, similar to eavesdropping on a conversation behind a closed door.
In order to validate their results, the group led by Mirsky used another AI model to examine the unprocessed data collected from the side-channel. The tests they carried out showed a high likelihood of accurately guessing conversation cues, highlighting the serious nature of the security flaw.
Addressing these worries, Microsoft guaranteed users that their personal information is unlikely to be at risk due to the vulnerability impacting its Copilot AI. Nonetheless, the corporation promised to quickly resolve the problem with updates to protect its clients.
The consequences of these security flaws are deep-seated, especially on sensitive subjects like abortion and LGBTQ matters, where confidentiality is of utmost importance. Taking advantage of these security weaknesses could have severe repercussions, possibly putting at risk people who are looking for information on these topics.
The discussions around AI ethics and privacy are becoming more heated, highlighting the immediate need for strong security protocols to safeguard user privacy during AI-based engagements.
Look for us on YouTube
Best Programs
Associated Narratives
can be found on YouTube
Firstpost holds all rights, protected by copyright, as of 2024
+ There are no comments
Add yours