Mass Event to Test Limits of AI Technology
OpenAI, along with other major AI providers such as Google and Microsoft, is teaming up with the Biden administration to let thousands of hackers test the limits of their technology. The mass hacking event is planned for this summer’s DEF CON hacker convention in Las Vegas and is expected to draw several thousand people. The event will see hackers taking a shot at testing the limits of AI technology and finding ways to manipulate chatbots, such as Microsoft’s Bing chatbot and Google’s Bard, in order to cause harm or share private information. Here are some of the things they will be looking for:
- How can chatbots be manipulated to cause harm?
- Will they share the private information we confide in them to other users?
- Why do they assume a doctor is a man and a nurse is a woman?
The mass hack event is planned following the guidelines of the White House’s Blueprint for an AI Bill of Rights, which is a set of principles to limit the impacts of algorithmic bias, give users control over their data, and ensure that automated systems are used safely and transparently.
Rumman Chowdhury, a coordinator of the mass hacking event, said, “We need a lot of people with a wide range of lived experiences, subject matter expertise, and backgrounds hacking at these models and trying to find problems that can then go be fixed.” The event will involve authorized “red teams” and hobbyists alike, trying their best to trick chatbots and highlight their flaws.
Although some users have already been attempting to trick chatbots and expose their flaws, the upcoming DEF CON event will be at a much greater scale. It is the first event to tackle large language models that have attracted a surge of public interest and commercial investment since the release of ChatGPT late last year. Companies that have agreed to provide their models for testing include OpenAI, Google, chipmaker Nvidia, and startups Anthropic, Hugging Face, and Stability AI.
The event is not just about finding flaws, but figuring out ways to fix them. Companies can gain direct feedback from hackers, and bugs found by hackers may be rewarded with a “bounty”. The cybersecurity industry commonly employs such a reward system.
The event will be the start of a much deeper commitment from AI developers to measure and evaluate the safety of the systems they are building. It is essential that the safety of foundation models is ensured before they become more widespread. Red-teaming is one way to achieve this and may become more commonly employed in the future.
