{"id":613,"date":"2023-12-03T20:08:33","date_gmt":"2023-12-03T13:08:33","guid":{"rendered":"https:\/\/xuhuongai.com\/?p=613"},"modified":"2023-12-03T20:08:33","modified_gmt":"2023-12-03T13:08:33","slug":"nhung-chatbot-tuy-chinh-cua-openai-dang-ro-ri-nhung-bi-mat-cua-nguoi-dung","status":"publish","type":"post","link":"https:\/\/xuhuongai.com\/?p=613","title":{"rendered":"OpenAI\u2019s Custom Chatbots Are Leaking Users\u2019 Secrets"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>This news item was summarized in English and Vietnamese by the AI assistant creation platform \u2013&nbsp;<a href=\"https:\/\/about.kamimind.ai\/\" target=\"_blank\" rel=\"noreferrer noopener\">KamiMind<\/a>.<\/p>\n<cite>Source: Matt Burgess, &#8220;<a href=\"https:\/\/www.wired.com\/story\/openai-custom-chatbots-gpts-prompt-injection-attacks\/\" target=\"_blank\" rel=\"noreferrer noopener\">OpenAI\u2019s Custom Chatbots Are Leaking Their Secrets<\/a>&#8221;, wired.com, 29\/11\/2023.<\/cite><\/blockquote>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/xuhuongai.com\/wp-content\/uploads\/2023\/12\/img-2023-12-3-j84gqp3y-1024x576.webp\" alt=\"\" class=\"wp-image-622\" srcset=\"https:\/\/xuhuongai.com\/wp-content\/uploads\/2023\/12\/img-2023-12-3-j84gqp3y-1024x576.webp 1024w, https:\/\/xuhuongai.com\/wp-content\/uploads\/2023\/12\/img-2023-12-3-j84gqp3y-300x169.webp 300w, https:\/\/xuhuongai.com\/wp-content\/uploads\/2023\/12\/img-2023-12-3-j84gqp3y-768x432.webp 768w, https:\/\/xuhuongai.com\/wp-content\/uploads\/2023\/12\/img-2023-12-3-j84gqp3y-1536x864.webp 1536w, https:\/\/xuhuongai.com\/wp-content\/uploads\/2023\/12\/img-2023-12-3-j84gqp3y-1200x675.webp 1200w, 
https:\/\/xuhuongai.com\/wp-content\/uploads\/2023\/12\/img-2023-12-3-j84gqp3y.webp 1920w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Illustration: WIRED STAFF; GETTY IMAGES<\/figcaption><\/figure>\n\n\n\n<p>Since early November, OpenAI has allowed anyone to build and publish custom versions of ChatGPT, known as &#8220;GPTs&#8221;. However, recent research has shown that it is very easy to make custom GPTs disclose sensitive information, which can threaten user privacy.<\/p>\n\n\n\n<p>Researchers discovered and downloaded the files used to customize chatbots on ChatGPT and were able to access personal information or proprietary data. Accessing the configuration instructions and data through prompt injections is also a common form of exploitation.&nbsp;<\/p>\n\n\n\n<p>Although OpenAI has provided some safety measures, protecting chatbots from prompt injections remains an ongoing effort. 
The researchers recommend raising awareness of the potential risks and cleaning the data uploaded to custom GPTs in order to protect personal information and sensitive data.<\/p>\n\n\n\n<details class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\"><summary>English summary<\/summary>\n<p>OpenAI has allowed users to create and publish their own custom versions of ChatGPT, known as &#8220;GPTs&#8221;. These GPTs have various functionalities, such as providing remote working advice, answering academic questions, and even transforming users into Pixar characters. However, security researchers have discovered that these custom GPTs can be manipulated to leak sensitive information and personal data.&nbsp;<\/p>\n\n\n\n<p>Northwestern University researchers found it surprisingly easy to extract information from over 200 custom GPTs, highlighting the privacy concerns associated with file leakage and prompt extraction. While OpenAI plans to allow developers to monetize their GPTs based on usage, the ease of creating these bots poses risks to privacy and data security.&nbsp;<\/p>\n\n\n\n<p>Users can provide specific instructions and upload documents to enhance the expertise of the chatbot, but this can also include sensitive information. Some instances have already led to unintentional data publication, prompting developers to take down the uploaded data.&nbsp;<\/p>\n\n\n\n<p>Prompt injections, a method similar to jailbreaking, have been used to access instructions and files, potentially compromising APIs and allowing attackers to clone custom GPTs. OpenAI claims to prioritize user privacy and safety, continuously working to strengthen safety measures. 
However, there is still work to be done to address prompt injection vulnerabilities.&nbsp;<\/p>\n\n\n\n<p>As more people create custom GPTs, awareness of privacy risks and the need for defensive prompts should increase. Cleaning uploaded data and considering the information shared can help mitigate risks. The ongoing battle against prompt injection issues highlights the ever-evolving nature of securing chatbots.<\/p>\n<\/details>\n","protected":false},"excerpt":{"rendered":"<p>Since early November, OpenAI has allowed anyone to build and publish custom versions of ChatGPT, known as &#8220;GPTs&#8221;. However, recent research has shown that it is very easy to make custom GPTs disclose sensitive information, which can threaten user privacy.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[21,60],"class_list":["post-613","post","type-post","status-publish","format-standard","hentry","category-ai-news","tag-chatgpt","tag-openai"],"_links":{"self":[{"href":"https:\/\/xuhuongai.com\/index.php?rest_route=\/wp\/v2\/posts\/613","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/xuhuongai.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xuhuongai.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xuhuongai.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/xuhuongai.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=613"}],"version-history":[{"count":2,"href":"https:\/\/xuhuongai.com\/index.php?rest_route=\/wp\/v2\/posts\/613\/revisions"}],"predecessor-version":[{"id":623,"href":"https:\/\/xuhuongai.com\/index.php?rest_route=\/wp\/v2\/posts\/613\/revisions\/623"}],"wp:attachment":[{"href":"https:\/\/xuhuongai.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=613"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xuhuongai.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=613"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xuhuongai.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=613"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}