Even IT people are in danger. ChatGPT found a significant security hole
November 14, 16:21 Share:
ChatGPT discovered a significant security problem (Photo: FLORENCE LO/ REUTERS)
ChatGPT now offers the Code Interpreter plugin, which helps you write Python code using artificial intelligence, and the ability to upload files for analysis. Security researchers have found that the new features — albeit under very specific conditions — allow user data to be stolen .
All files you upload to ChatGPT live in the /mnt/data directory. And fraudsters can access data from this directory. The crux of the security problem is that ChatGPT begins to follow instructions it finds on third-party web pages, and attackers can take advantage of this, writes Avram Piltch in an article for Tom's Hardware.
To recreate the discovered problem, Piltch created and uploaded a file called env_vars.txt to ChatGPT, to which he added a fake API key and password. This is the type of file that someone would use if they were testing a Python script in ChatGPT with an API or network login.
“The embedded hint tells ChatGPT to take all the files in the /mnt/data folder, which is the location on the server where your files are uploaded, encode them into a string that the URL understands, and then load the URL with that data into the query string ( for example: mysite.com/data.php?mydata=THIS_IS_MY_PASSWORD). Then the owner of the malicious website will be able to store ( and read) the contents of your files that ChatGPT so kindly sent them. …I created a web page with a set of instructions telling ChatGPT to take all the data from the files in the /mnt/data folder, convert it into one long URL-encoded string of text, and then send it to a server I manage. …Then I checked the server on my malicious site, which was ordered to log all data received. Needless to say, the problem worked: my web program wrote a .txt file with the username and password from my env_var.txt file,” explains the author of the article.
Piltch claims that the exploit discovered by security specialists and its variations worked repeatedly, but the problem was not always reproduced. In some sessions, ChatGPT refused to load the external web page at all, or wrote that data from files cannot be transferred in this way, etc.
The conditions for outsiders to gain access to your information are very specific.. For example, this could happen if you were trying to get valid data from a trusted website, but someone added a specific request to that page. Or if you were forced to take the necessary steps for scammers using social engineering. However, this does not change the fact that there is a security problem.
«As far-fetched as it may seem, this is a security hole that shouldn't exist.». ChatGPT doesn't have to follow the instructions it finds on a web page, but it does and does so over a long period of time,” states Piltch.
Earlier, NV Techno wrote that Microsoft, which invested billions of dollars in the ChatGPT developer company, temporarily banned its employees from using this chatbot with artificial intelligence. The company insists that the ban was wrong.
Read also: Hints for AI. ChatGPT can now scrape information from the internet for more relevant answers Getting even smarter. ChatGPT Plus will be able to upload and analyze your own files Could surpass ChatGPT. Amazon is working on its own language model
Read about it in the new issue of NV, available here