Hacker plants false memories in ChatGPT to steal user data in perpetuity


When security researcher Johann Rehberger recently reported a vulnerability in ChatGPT that allowed attackers to store false information and malicious instructions in a user’s long-term memory settings, OpenAI summarily closed the inquiry, labeling the flaw a safety issue, not, technically speaking, a security concern.

So Rehberger did what all good researchers do: He created a proof-of-concept exploit that used the vulnerability to exfiltrate all user input in perpetuity. OpenAI engineers took notice and issued a partial fix earlier this month.

Strolling down memory lane

The vulnerability abused long-term conversation memory, a feature OpenAI began testing in February and made

→ Continue reading at Ars Technica
