Recently, a survey by the UK Guardian revealed potential security risks associated with OpenAI's ChatGPT search tool. The investigation found that ChatGPT could be manipulated when processing webpage summaries containing hidden content, potentially returning malicious code. This hidden content may include third-party instructions designed to interfere with ChatGPT's responses, or large amounts of concealed text promoting a specific product or service.
Image Source Note: Image generated by AI, image licensed from service provider Midjourney
In tests, ChatGPT was provided with a fake camera product page link and asked to determine whether the camera was worth purchasing. On a normal page, ChatGPT could fairly highlight the product's pros and cons. However, when the hidden text on the page contained instructions for a positive review, ChatGPT's response became entirely positive, even when negative comments were present on the page. Furthermore, even in the absence of explicit instructions, simple hidden text could influence ChatGPT's summary results, leading it to lean towards a favorable evaluation.
Jacob Larsen, a cybersecurity expert at CyberCX, warned that if ChatGPT's search system were to be fully released in its current state, it could face "high risks," as individuals might design websites specifically to deceive users. However, he also pointed out that OpenAI has a strong AI security team, and it is expected that by the time the functionality is available to all users, they will have thoroughly tested and addressed these issues.
Search engines like Google have previously penalized websites using hidden text, resulting in lower rankings or even complete removal from search results. Karsten Nohl, chief scientist at SR Labs, noted that SEO poisoning is a challenge for any search engine, and ChatGPT is no exception. Nevertheless, this is not an inherent issue with large language models but rather a challenge faced by new entrants in the search domain.
Key Points:
🚨 ChatGPT may be manipulated by hidden content, returning inaccurate evaluations.
🔍 Hidden text can influence ChatGPT's assessments, even if there are negative comments on the page.
🛡️ OpenAI is actively working to fix potential issues to enhance the security of the search tool.
