The “David Mayer” block in particular (now resolved) presents additional questions, first posed on Reddit on November 26, as multiple people share this name. Reddit users speculated about connections to David Mayer de Rothschild, although no evidence supports these theories.
The problems with hard-coded filters
Allowing a certain name or phrase to always break ChatGPT outputs could cause a lot of trouble down the line for certain ChatGPT users, opening them up for adversarial attacks and limiting the usefulness of the system.
Already, Scale AI prompt engineer Riley Goodside discovered how an attacker might interrupt a ChatGPT session using a visual prompt injection of the name “David Mayer” rendered in a light, barely legible font embedded in an image. When ChatGPT sees the image (in this case, a math equation), it stops, but the user won’t understand why.
The filter also means that it's likely that ChatGPT won't be able to answer questions about this article when browsing the web, such as through ChatGPT with Search. Someone could use that to potentially prevent ChatGPT from browsing and processing a website on purpose if they added a forbidden name to the site’s text.
And then there’s the inconvenience factor. Preventing ChatGPT from mentioning or processing certain names like “David Mayer,” which is likely a popular name shared by hundreds if not thousands of people, means that people who share that name will have a much tougher time using ChatGPT. Or, say, if you’re a teacher and you have a student named David Mayer and you want help sorting a class list, ChatGPT would refuse the task.
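To make the availability problem described above concrete, here is an added example (not code from the article or from OpenAI) of a toy streaming output guard with two policies: the hard stop the article describes, and a redact-and-continue alternative. The function name, the placeholder name, the sample text, and the redaction policy itself are assumptions for illustration; the article does not say how the real filter is implemented.

```python
import re

# Constructed placeholder name; the article does not publish the real filter list.
BLOCKED = ["Alex Placeholder"]

def guard_stream(chunks, blocked, policy):
    """Filter streamed model output; return (text_shown_to_user, completed).

    policy="abort"  models the hard stop described in the article.
    policy="redact" is an assumed alternative: mask the match and continue.
    """
    pattern = re.compile("|".join(re.escape(n) for n in blocked), re.IGNORECASE)
    # Hold back enough characters to catch a name split across two chunks.
    hold = max(len(n) for n in blocked) - 1
    shown, buf = [], ""
    for chunk in chunks:
        buf += chunk
        match = pattern.search(buf)
        while match:
            if policy == "abort":
                # The response ends here, with no explanation to the user.
                return "".join(shown) + buf[:match.start()], False
            shown.append(buf[:match.start()] + "[redacted]")
            buf = buf[match.end():]
            match = pattern.search(buf)
        if len(buf) > hold:
            cut = len(buf) - hold
            shown.append(buf[:cut])  # safe: no match can start before the held tail
            buf = buf[cut:]
    shown.append(buf)
    return "".join(shown), True

# Constructed stream: a class-list summary where the name straddles a chunk boundary.
SAMPLE_CHUNKS = [
    "Summary of the page: the roster lists Alex Place",
    "holder and two others. ",
    "Total students: 3.",
]

if __name__ == "__main__":
    for policy in ("abort", "redact"):
        print(policy, guard_stream(SAMPLE_CHUNKS, BLOCKED, policy))
```

Under the abort policy, a single string in the content decides whether the user gets any answer at all, while the redact policy keeps the blocked string out of the output without handing that control to whoever wrote the content.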
These are still very early days in AI assistants, LLMs, and chatbots. Their use has opened up numerous opportunities and vulnerabilities that people are still probing daily. How OpenAI might resolve these issues is still an open question.