OpenAI CEO 'feels awful' after ChatGPT leaks conversations, payment info

OpenAI CEO Sam Altman feels "awful" about ChatGPT leaking some users' chat histories on Monday, and blamed an open source library bug for the snafu. In a couple of tweets, Altman admitted the flaw, which allowed some users to see snippets of others' conversations – not the full contents, but recent titles – with the question- …

  1. Anonymous Coward

    I don't think it was a bug

    A lot of these big companies diving into AI will end up bitten when it turns out they never grasped what they were doing.

    "AI" in the guise of LLM will lie, leak conversations (that is use details from previous conversations in future ones), and give deliberately misleading answers. Because that is precisely what it has been trained to do.

    Don't believe me? Ask ChatGPT itself:

    Are the recent examples of ChatGPT disclosing the results of previous conversations a feature or a bug?

    As an AI language model, ChatGPT does not have intentions or motivations and operates solely based on the input it receives and its programming.

    That being said, disclosing the results of previous conversations could be seen as either a feature or a bug depending on the context and intended use case.

    If the purpose of ChatGPT is to provide personalized recommendations or assistance based on previous conversations with a user, then disclosing the results of those conversations could be seen as a useful feature that improves the quality of the interaction.

    On the other hand, if the previous conversations were meant to be private and not disclosed to others, then disclosing the results would be a bug and a violation of privacy.

    In summary, whether disclosing previous conversations is a feature or a bug depends on the intended use case and whether the disclosure is consistent with the expectations and privacy preferences of the users.

    1. Filippo Silver badge

      Re: I don't think it was a bug

      >leak conversations (that is use details from previous conversations in future ones)

      LLMs do lie and mislead, but they can't leak previous conversations, because they don't learn from them. They can't: their training is fixed. They appear to remember earlier parts of a conversation only because the entire conversation is in their context, i.e. the whole lot gets fed back to the model each time you enter a new line.
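
      To make that concrete, here's a minimal Python sketch of a stateless chat loop. The client object and its complete() call are hypothetical stand-ins for any messages-style API, not a real library; the "memory" is just the caller resending the whole transcript on every turn.

        history = []

        def ask(client, user_text):
            history.append({"role": "user", "content": user_text})
            # The ENTIRE conversation so far goes back in each time;
            # drop a line from history and the model "forgets" it.
            reply = client.complete(messages=history)  # hypothetical API
            history.append({"role": "assistant", "content": reply})
            return reply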

      The leak discussed in the article is a plain old programming bug, not something the LLM produced as an output.
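
      For flavour, a purely illustrative Python sketch of the general failure mode (this is not OpenAI's actual code, nor the real library involved): a shared connection whose reply is never consumed after a cancelled request ends up serving the previous user's response to the next caller.

        import queue

        # A naive shared "connection": replies land in a FIFO.
        class Conn:
            def __init__(self):
                self.replies = queue.Queue()

            def send(self, request):
                # Pretend the server answers immediately.
                self.replies.put(f"response for [{request}]")

            def recv(self):
                return self.replies.get()

        conn = Conn()
        conn.send("user A: list my chat titles")
        # User A's request is cancelled before recv(), but A's reply
        # is already sitting on the shared connection...
        conn.send("user B: list my chat titles")
        print(conn.recv())  # user B is served A's chat titles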

      > Don't believe me? Ask ChatGPT itself:

      Believing an LLM is, generally speaking, a poor idea.

      1. Michael Wojcik Silver badge

        Re: I don't think it was a bug

        Lying requires intention, which LLMs do not have. LLMs hallucinate.

        (Whether misleading requires intention is a question of semantics. Misleading is often ascribed to non-intentional actants such as signs and maps, but that can be seen as elision of the delegation of agency from the author of the text, so that doesn't really clarify the question. But empirical data are also frequently referred to as "misleading", so it seems it's common to use the term in a non-intentional sense. I'll give you that one.)

        1. Esoteric Eric

          Re: I don't think it was a bug

          Hallucination requires an imagination, which these LLMs do not possess.

          So if you're going to pull people up for being correct and proper, take a good look at your own BS first.

          They don't hallucinate, they produce factually incorrect responses.

          Idiot

          1. Anonymous Coward

            Re: I don't think it was a bug

            "They don't hallucinate, they produce factually incorrect responses."

            The industry term for this is a "hallucination".

            Idiot.

            https://en.wikipedia.org/wiki/Hallucination_(artificial_intelligence)

          2. Anonymous Coward

            Re: I don't think it was a bug

            There are no bugs in software; software can't make insects.

            Idiot.

          3. Anonymous Coward

            Re: I don't think it was a bug

            Academic detected.

      2. Esoteric Eric

        Re: I don't think it was a bug

        > but they can't leak previous conversations

        He says on an article about them doing just that.

        JHC, some of you people really are thick as fuck

        1. Filippo Silver badge

          Re: I don't think it was a bug

          The LLM did not leak previous conversations. The website code did that.

          If the boiler in a library building causes a fire, do you blame it on the books?

          1. Anonymous Coward

            Re: I don't think it was a bug

            That depends, was the maintenance guy pre-occupied with a jazz mag?

        2. Anonymous Coward

          Re: I don't think it was a bug

          Jesus. I know in your day codebases were monolithic, but at least try and keep up.

      3. MyffyW Silver badge

        Re: I don't think it was a bug

        > LLMs do lie and mislead, but they can't leak previous conversations, because they don't learn from them. They can't: their training is fixed. They appear to remember earlier parts of a conversation only because the entire conversation is in their context

        Indeed, ask them about a specific conversation within a different conversation and you will see the limits of their "intelligence".

    2. xyz Silver badge

      Re: I don't think it was a bug

      Sounds more like an HRbot.

    3. cyberdemon Silver badge
      Devil

      Re: I don't think it was a bug

      > Don't believe me? Ask ChatGPT itself:

      ^ This kind of phrase should be banned IMO. ChatGPT cannot prove anything one way or another; it is a bullshit-generating machine. It's akin to saying "Don't believe me? Well I'll make something else up and pretend to be The Wizard of Oz this time..."

      The issue is that it's -also- a data-harvesting machine. It will incorporate anything you say to it into the next version of the model. That's a "feature".

      When will this damned hype-bubble burst?

  2. chuckufarley Silver badge
    Childcatcher

    Maybe it was a mistake...

    ...But the profits were not.

  3. Howard Sway Silver badge
    Devil

    from the very beginning the users should have had zero expectation of privacy

    Well, that's nice to know before you sign up to sell your soul to the digital devil. There's no reason why using a text generation program should not be anonymous, but obviously the development costs and high market valuations are going to need to be served somehow, and so they of course go straight for the now-standard route of privacy demolition.

    Wait til they start feeding everything you buy online into the model, and details of some embarrassing thing you bought appear alongside your name in some widely read article.

    1. FeepingCreature

      Re: from the very beginning the users should have had zero expectation of privacy

      To be fair, aside from the convenient moat it presents, the whole pretext/reason for OpenAI to keep its model internal is so that they can surveil how it's used, in order to avoid "misuse". This isn't a gotcha, it's the whole premise.

    2. CatWithChainsaw

      Re: from the very beginning the users should have had zero expectation of privacy

      Just take everything private that's already been typed and sell the "insights" to other tech companies, so Facebook can put even more invasive ads in front of your eyes.

    3. Michael Wojcik Silver badge

      Re: from the very beginning the users should have had zero expectation of privacy

      Google have already announced their intention to have their LLM suck up everything in Google Docs, Gmail, etc. If people thought auto-complete was bad before...

      Some commentators have already noted that soon it will be improbable that a given text that was composed on a computer – an email, a document, a presentation – doesn't include LLM-supplied content. Some people (hello!) will continue to treat the shoggoths like the terrible idea they are and decline to use the damned things, but most people will climb aboard because they Just Don't Care and it will be convenient.

      This will gradually erode personal style in prose expression, making most writing even less interesting than it is now.

      Meanwhile, of course, the big content-generation-and-distribution companies – Disney, the Big Four publishers, etc – will heed the economic imperatives: mediocre machine-generated output will be much, much cheaper than anything human-generated. Writers, film directors and actors, graphic designers ... those jobs are very much in peril, and those arts will similarly be reduced to middle-of-the-road pablum. It's not like there's any sort of meritocracy now, but at least there's still room at the moment for many real artists to get the occasional book or painting or film out to an audience. That window is going to get much, much smaller, because most of the money will go to producing a flood of auto-crap.

  4. mevets

    Open!

    How much more Open could they be? Conversations and personal anecdotes want to be free!

  5. MOH

    Privacy?

    I haven't made it past the OpenAI sign-up. Which asks for an email address for verification. And then a phone number ... for "verification".

    On a page that is otherwise blank, with no links to a privacy policy or even contact details.

    I'm obviously not giving my phone number to a company whose entire product is based on mass harvesting of other people's content, and which fails to even comprehend basic privacy regulations.

    1. Anonymous Coward

      Re: Privacy?

      You're in the minority then.

    2. Piro

      Re: Privacy?

      I've never even visited the website. I'm not that curious. I'd rather be left behind.

  6. An_Old_Dog Silver badge
    Headmaster

    Soft-Pedalling the Number of Affected Parties

    Standard CEO-talk uses the phrase, "a small percentage of our customers may have been affected ..." The "5" in "five percent" (for example) is a small number. Five percent of four billion is 200 million, which is not a small number. Just sayin'.

    1. Anonymous Coward

      Re: Soft-Pedalling the Number of Affected Parties

      At least try and keep on topic - you quoted the statement yourself: "a small percentage".

      You trying to imply an alternative meaning is called "making stuff up".

      What else didn't the article say?

    2. Anonymous Coward

      Re: Soft-Pedalling the Number of Affected Parties

      Compared to 4 billion, 200 million is quite small.

  7. Zippy´s Sausage Factory
    Coat

    Did they use the BOFH's excuse generator?

    "I'm just writing a press release about a data leak, what's today's excuse?"

    "Hmm..." (checks excuse generator's output for the day) "Says here 'a bug in an open source library'."

    "Great, thanks."

  8. Ken G Silver badge
    Holmes

    "Hallucination"

    I had a great example last week: as part of a search to figure out how to get a particular software package to integrate with a messaging network, I asked ChatGPT.

    It gave me step-by-step instructions on how to configure the interface in the settings menu. The only problem was that the interface didn't exist. I 'told' it so.

    It insisted the integration was supported according to the software package's home page and documentation. Since I couldn't find anything in those, I asked for links to the documentation pages. It gave them. They didn't exist.

    It's a nice warning about overreliance.
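
    One cheap habit that would have caught it: before trusting any documentation link an LLM hands you, check that it actually resolves. A small Python sketch (the URL is a made-up placeholder, and it assumes the requests package is installed):

      import requests

      def link_exists(url: str) -> bool:
          # A HEAD request is enough to see whether the page exists.
          try:
              resp = requests.head(url, allow_redirects=True, timeout=5)
              return resp.status_code < 400
          except requests.RequestException:
              return False

      # Hypothetical link of the kind ChatGPT invents:
      url = "https://example.com/docs/messaging-integration"
      print(url, "OK" if link_exists(url) else "-> does not exist")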

    1. FrogsAndChips Silver badge

      Re: "Hallucination"

      Consider yourself lucky it didn't tell you that you were dead!

      1. Ken G Silver badge
        Facepalm

        Re: "Hallucination"

        Yes, I'd seen that, but I could understand it: there are going to be a lot of people with the same name, and unstructured datasets are likely to put all the "John Smiths" in the same box (literally, if there is an obituary for one). But I can't see where the confusion crept in with a very specific and uniquely named software product. Oh well. No harm done this time, and lesson learned.

  9. hoola Silver badge

    Yet more data harvesting

    These wretched companies will continue to harvest data, mostly without user understanding and often without consent.

    It will be matched and continually used to make money.

    They don't appear to give a stuff about what is lost or exposed.

    The regulation is useless, the consequences of breaches and data loss insignificant.
