The “David Mayer” block in particular (now resolved) raises extra questions, first posed on Reddit on November 26, since a number of people share this name. Reddit users speculated about connections to David Mayer de Rothschild, although no evidence supports these theories.
The issues with hard-coded filters
Allowing a certain name or phrase to always break ChatGPT outputs could cause a lot of trouble down the road for certain ChatGPT users, opening them up to adversarial attacks and limiting the usefulness of the system.
Already, Scale AI prompt engineer Riley Goodside discovered how an attacker could interrupt a ChatGPT session using a visual prompt injection of the name “David Mayer” rendered in a light, barely legible font embedded in an image. When ChatGPT sees the image (in this case, a math equation), it stops, but the user won't understand why.
The filter also means that ChatGPT will likely not be able to answer questions about this article when browsing the web, such as through ChatGPT with Search. Someone could use that to deliberately prevent ChatGPT from browsing and processing a website by adding a forbidden name to the site's text.
And then there's the inconvenience factor. Preventing ChatGPT from mentioning or processing certain names like “David Mayer,” which is likely a common name shared by hundreds if not thousands of people, means that people who share that name will have a much harder time using ChatGPT. Or, say, if you're a teacher and you have a student named David Mayer and you need help sorting a class list, ChatGPT would refuse the task.
These are still very early days for AI assistants, LLMs, and chatbots. Their use has opened up numerous opportunities and vulnerabilities that people are still probing every day. How OpenAI might resolve these issues is still an open question.