OpenAI, the firm behind chatbot sensation ChatGPT, will offer up to $20,000 to users reporting vulnerabilities in its artificial intelligence systems.
It has invited people to report weaknesses, bugs or security problems they find while using its AI products.
Microsoft Corp-backed OpenAI’s ChatGPT has partnered with Bugcrowd, a crowdsourcing cybersecurity platform, to manage submissions and rewards.
Roping in members of the public
Under the program, called the OpenAI Bug Bounty program, the company will offer rewards to people based on the severity of the bugs they report, with rewards starting from $200 per vulnerability.
Members of the public are also invited to review certain functionality of ChatGPT and the framework of how OpenAI systems communicate and share data with third-party applications.
The company said, “We invite you to report vulnerabilities, bugs, or security flaws you discover in our systems.
By sharing your findings, you will play a crucial role in making our technology safer for everyone.”
Rewards
“Our rewards range from $200 for low-severity findings to up to $20,000 for exceptional discoveries,” said OpenAI in a post on its website.
Tech firms often use bug bounty programs to encourage programmers and ethical hackers to report bugs in their software systems.
Jailbreaking
Notably, the bounty excludes rewards for jailbreaking ChatGPT or causing it to generate malicious code or text.
Jailbreaking ChatGPT usually involves inputting elaborate scenarios into the system that allow it to bypass its own safety filters.
These might include encouraging the chatbot to roleplay as its “evil twin,” letting the user elicit otherwise banned responses, like hate speech or instructions for making weapons.
Content of model prompts and responses
The program does not include incorrect or malicious content produced by OpenAI systems.
“Issues related to the content of model prompts and responses are strictly out of scope, and will not be rewarded unless they have an additional directly verifiable security impact on an in-scope service,” wrote OpenAI.
Why?
OpenAI says, “Model safety issues do not fit well within a bug bounty program, as they are not individual, discrete bugs that can be directly fixed.
Addressing these issues often involves substantial research and a broader approach.”
Model Hallucinations
Also out of scope for the program are any bugs or issues related to model hallucinations, i.e. the AI model wrongly assuming the validity of a statement.
The term refers to a confident response by an AI that does not seem to be justified by its training data.
Italy ban
ChatGPT was recently banned in Italy for a suspected breach of privacy rules.
This has prompted regulators in other European countries to study generative AI services more closely.
While AI is useful for giving quick responses to questions, it has also made news for causing distress to others with inaccuracies.