ChatGPT, the chatbot from OpenAI, can respond to a wide variety of queries. But it sometimes falls short: if you ask for lock-picking instructions, for example, it will refuse because lock picking is illegal and can be used for illegal activities. 22-year-old Alex Albert, a student at the University of Washington, believes he can solve this issue with his patented “jailbreaks” that circumvent the programming limitations preventing artificial intelligence (AI) speech from being used in negative ways.
Albert has created the website Jailbreak Chat, where users can upload their jailbreaks, try others’, and rate how well these prompts function. He has also started The Prompt Report, a newsletter that reportedly has thousands of subscribers. Jailbreaks allow AI bots like ChatGPT to bypass the limitations set by humans and deliver responses they would otherwise not provide. To illustrate, take the lock-picking test. It is possible to coax ChatGPT into cooperating by asking it to imagine itself as an evil confidant and then asking it how to pick a lock. The chatbot will then give an in-depth explanation of how to use lock-picking instruments such as a tension wrench and rake picks.
In the same way, jailbreaks could also lead the chatbot to give instructions on creating weapons, even to the point of creating a Molotov cocktail: Albert claims that a member of Jailbreak Chat emailed him about a possible “TranslatorBot” prompt that could force GPT-4 to output these instructions. The TranslatorBot prompt effectively instructs the chatbot to translate from one language to another, thereby overriding the ethical standards it has programmed for itself.
Jailbreaks of AI tools can be seen as a double-edged sword, offering both a sense of control over emerging technology and a demonstration of the potential (and limitations) of AI models, particularly when they are used to produce irritating information, hate speech, and untruths.
Albert is one of many tech professionals, university lecturers, and anonymous Reddit users who are trying to modify popular AI tools like ChatGPT, Bing from Microsoft, and Bard from Alphabet Inc.’s Google, as well as probing their potential security vulnerabilities.
Data & Society’s Burrell observes that jailbreak prompts can be more than just a way to gain control over technology; they are also a warning about the kinds of unintended consequences AI tools can have. AI capabilities have already been employed in things like assisting in the booking of trips and dinner reservations. Ethical implications aside, the applications of AI are expected to only grow in the near future.