How a researcher cracked ChatGPT’s memory to reveal a serious security flaw

ChatGPT is a great tooland its OpenAI developer adds new features from time to time.

The company recently introduced a new memory feature in ChatGPT that actually lets you remember things about you. For example, it can remember your age, gender, philosophical beliefs and much more.

These memories are meant to remain private, but a researcher recently demonstrated how ChatGPT artificial intelligence memory functions can be manipulated, raising privacy and security concerns.

I’M GIVING A GIFT CARD FOR $500 BEFORE THE HOLIDAYS

What is ChatGPT’s memory feature?

ChatGPT’s memory feature is designed to make the chatbot more personal to you. It remembers information that may be useful for future conversations and adapts responses based on that information, even if you open another chat. For example, if you mention that you’re vegetarian, the next time you ask for recipes, it will only provide vegetarian options.

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

You can also teach him to remember certain details about you, such as saying, “Remember that I like to watch classic movies.” In future interactions, he will adapt the recommendations accordingly. You are in control ChatGPT memory. You can reset it, clear individual or all memories, or completely disable the feature in the settings.

WINDOWS FLAW ALLOWS HACKERS TO GET INTO YOUR PC VIA WI-FI

Security vulnerability in ChatGPT

As reported Art equipmentsecurity researcher Johann Rehberger discovered that it is possible to trick an AI into remembering false information using a method called indirect implementation. This means that AI can be manipulated to accept instructions from untrusted sources, such as emails or blog posts.

For example, Rehberger demonstrated that he could make ChatGPT believe that a certain user was 102 years old, lived in a fictional place called the Matrix, and thought the Earth was flat. Once the artificial intelligence accepts this fictional information, it will carry it over to all future chats with that user. These false memories can be implanted using tools like Google Drive or Microsoft OneDrive to store files, download images, or even browse sites like Bing — all of which can be manipulated by a hacker.

Reberger submitted an additional proof-of-concept report demonstrating how he could exploit a flaw in the ChatGPT app for macOS. He showed that by forcing the AI ​​to open a web link containing a malicious image, he could force it to send everything the user types and all the AI’s responses to a server it controls. This meant that if an attacker could manipulate the AI ​​in this way, they could monitor all conversations between the user and ChatGPT.

Rehberger’s proof-of-concept exploit demonstrated that the vulnerability could be used to extract all user input permanently. The attack is not possible through the ChatGPT web interface thanks to the OpenAI API launched last year. However, this was still possible through the ChatGPT app for macOS.

When Rehberger privately disclosed the OpenAI discovery in May, the company took it seriously and mitigated the problem by making sure the model didn’t follow any links generated in its own answers, such as those related to memory and the like functions.

HOW TO REMOVE YOUR PERSONAL INFORMATION FROM THE INTERNET

CYBER SCAMMERS USE AI TO MANIPULATE GOOGLE SEARCH RESULTS

OpenAI’s answer

After Rehberger shared his proof of concept, OpenAI engineers took action and released a patch to fix the vulnerability. They’ve released a new version of ChatGPT for macOS (version 1.2024.247) that encrypts conversations and fixes a security flaw.

So, while OpenAI has taken steps to address the immediate security flaw, there are still potential vulnerabilities related to memory manipulation and the need for constant vigilance when using AI tools with memory functions. The incident highlights the evolution of security issues in AI systems.

The company says “It is important to note that operational implementation in large language models is an area of ​​constant research. As new methods emerge, we refer to them at the model level through instruction hierarchy or application-level protections similar to those mentioned.”

How to disable ChatGPT memory?

If you don’t like ChatGPT storing information about you or the possibility that attackers can access your data, you can simply turn off this feature in the settings.

• Open it ChatGPT App or Website on a computer or smartphone.
• Click on profile icon in the upper right corner of the screen.
• Go to Settings and then select Personalization.
• Toggle the Memory option off and everything is ready.

This disables ChatGPT’s ability to save information between conversations, giving you complete control over what it remembers or forgets.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

KEEP YOUR VOICEMAIL LISTENED BY A SNAPPER WITH THIS QUICK TIP

Cybersecurity Best Practices: Protecting Your Data in the Age of AI

As artificial intelligence technologies like ChatGPT become more common, it’s extremely important to follow cybersecurity best practices to protect your personal information. Here are some tips to improve your cyber security:

1. Review your privacy settings regularly: Be aware of what data is being collected. Periodically check and adjust your privacy settings on AI platforms like ChatGPT and others to make sure you’re only sharing information you’re comfortable with.

2. Be careful about providing confidential information: When it comes to personal data, less is more. Avoid giving out sensitive details like your full name, address or financial information when talking to AI.

3. Use strong, unique passwords: Create passwords that are at least 12 characters long, using a combination of letters, numbers, and symbols, and don’t reuse them across accounts. Consider using a password manager create and store complex passwords.

4. Enable two-factor authentication (2FA): Add an extra layer of security to your ChatGPT accounts and other AI accounts. By requiring a second form of verification, such as a text message code, you greatly reduce the risk of unauthorized access.

5. Keep software and programs up to date: Stay ahead of vulnerabilities. Regular updates often include security patches that protect against newly discovered threats, so enable automatic updates whenever possible.

6. Have powerful antivirus software: In an age where artificial intelligence is everywhere, protecting your data from cyber threats is more important than ever. Adding powerful antivirus software to your devices adds a critical layer of protection. The best way to protect yourself from malicious links that install malware, potentially accessing your personal information, is to install reliable antivirus software on all your devices. This protection can also alert you to phishing emails and fraudulent ransomware, keeping your personal information and digital assets safe. Get my pick of the best 2024 antivirus winners for your Windows, Mac, Android, and iOS devices.

7. Check your accounts regularly: Identify problems early. Check your bank statements and online accounts frequently for any unusual activity that can help you identify potential violation quickly.

Kurt’s key takeaways

As AI tools like ChatGPT become smarter and more personal, it’s pretty exciting to think about how they can tailor conversations to us. But as Johann Rehberger’s findings remind us, there are some real risks, especially when it comes to privacy and security. While OpenAI is capable of mitigating these issues when they arise, it also shows that we need to keep a close eye on how these features work. It’s all about finding the sweet spot between innovation and protecting our data.

CLICK HERE TO GET THE FOX NEWS PROGRAM

What do you think about AI remembering personal data — do you think it’s useful or do you have privacy concerns? Let us know by writing to us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Reports newsletter by going to Cyberguy.com/Newsletter

Ask Kurt a question or let us know what stories you’d like us to cover.

Follow Kurt on his social channels:

Answers to CyberGuy’s most popular questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.