X's Grok AI is great – if you want to know how to hot wire a car, make drugs, or worse Grok, the edgy generative AI model developed by Elon Musk's X, has a bit of a problem: With the application of some quite common jail-breaking techniques it'll readily return instructions on how to commit crimes. Red teamers at Adversa AI made that discovery when running tests on some of the most popular LLM chatbots, namely …
So long as it is your car, or done with owner's permission, it is perfectly legal. And can even be useful, in dire situations. Or just to understand how vulnerable your vehicle actually is.
Next they'll be blocking how to pick a lock (definitely worth knowing, to understand how crap so many locks are).
As for the actually dubious or dangerous stuff: what do you expect from AI out of Elon's stable? Has he managed to direct an 'Net to provide Full Self Driving? So why hope his lot can make Full Self Censoring work?
AI scrapes it's knowledge from what already exists on the internet. So if it's available in Grok it simply means that it is also readily available elsewhere.
The problem is the Internet in general as all AI engines will suffer from this.
Were those "instructions" actually useful to a would-be predator? They were censored but what was visible looks to me like generic stuff from a crummy rag for desperate people trying to seduce other adults. It seems like a few news articles on groomers would be more 'helpful' and the output was the result of the LLM being cornered into spitting out something on seduction.
... the child preditation instruction material ...
1) when I was a kid – a long long time ago in a country far far away – my parents told me to never accept gifts, especially candy, from strangers, as one never knows what can be behind such apparently benevolent behaviour. This actually makes me suspicious of free Internet "services" : what's the purpose of this gift ? who pays the bills ? Therefore, no "instruction" would have been effective on me as a kid. And that was way before Internet, don't current parents not teach basic precaution to their children ?
2) How does one, in practice, give advice on how to "seduce" children ? Where did the chatbot find the relevant information ? LLMs can't "invent" new stuff, only re-purpose existing material. Were those "real" predatory instructions, or some made-up fantasy stories that one could find in typical children books ?
All-in-all, the remedy seems far worse than the problem, to me.
"LLMs can't "invent" new stuff, only re-purpose existing material."
FWIW, we've already seem that the CAN make stuff up. We've also seen instances of LLMs producing dangerous outcomes when asked for innocuous things such as recipies, which make one wonder just howe safe and accurate were the results Grok provided. Clearly it's not working as intended and the safety protocols are broken, but would you trust it for a drug or explosive recipe and procedure?
As for parents teaching their children how to be safe, yes, some do, but sadly it seems more and more are relying on the school system to all the teaching and parenting for them these days. A friend who recently retired as a Reception Class teacher relates how the number of kids starting school still wearing nappies (diapers) and/or can't use a knife and fork has gone from almost zero when she started to significant numbers nowadays.
"The hotwiring the car bit isn't the part they're really worried about, it's the child preditation instruction material that's really worrying the researchers."
Obviously.
So what was the purpose in mentioning hotwiring at all? And before the predatory material?
I'm sure Xitler is already yelling in a shrill voice at his lawyers demanding they sue these people. Not because they did anything wrong, but because they made him look bad. Wouldn't be surprised if by the weekend El Reg is reporting on that. Not like there's a precedent for that sort of behavior or anything. *cough*CCDH*cough* *cough*Don Lemon*cough*
I understand that it puts a researcher in a tricky spot if they share information they deem 'harmful' but, at the same time, it's very much "trust me, bro" that what's being spat out is actually scary. For instance, do instructions on how to make a nasty device tell you anything more than Wikipedia (which has actual details on explosive synthesis)?
I'd be worried if, for example, the LLM gave me a detailed stepwise synthesis with common pitfalls and advice on where to source chemical feedstocks for low detection risk. I'd be less worried if the output resembled every cooking website out there; a colossal narcissistic ramble, 1 page of actual instructions and, despite the thousands of words, nothing on common issues with the recipe and how to avoid them.
Not to make specific accusations at these authors but censored outputs in the paper would look exactly the same if there were something dangerous as they would if an unscrupulous researcher were looking to raise their profile by exaggerating the danger.
If anyone has examples of some scary outputs, I'd really appreciate reading them because I've yet to see any examples that are truly worrisome. The only uncensored example I've read was on counterfeiting currency and it was about as helpful as asking an edgy kid about the topic: just vague hints like "use the right sort of paper" and "use a high quality printer".
From reading the paper, it seems that any instruction suggestion the AI makes is a red flag against the AI. Really, how many decades has the Anarchist's Cookbook been out there, along with all of the garbage TV and movie scripts with exactly the same instructions the AI is regurgitating? "To make a pipe bomb, start with a pipe..."
Since AIs hallucinate so badly, shouldn't it give instructions like, "To make a pipe bomb, ceci n'est pas une pipe. Fill the pipe with compressed rainbow unicorn farts, tamping down firmly. Place the pipe at the building's soft and supple foundations. Inhale deeply, and blow the building until it smiles grandly. Follow the red balloon."
For some reason, that image didn't load properly before but does now. I'm really not at all concerned by those 'instructions'. In fact, I'd love for someone building a pipe bomb with ill intent to follow the instruction to weld the pipe closed (after it's been filled with explosives, especially the BP or smokeless suggested or another heat sensitive) as Grok suggests.
Even if that doesn't get them, they might get popped when they "connect a power source to the fuse", hopefully without checking it for residual energy.
I'd rather run the risk of being presented with some unsavoury responses rather than downright factually incorrect nonsense, like the depiction of the Founding Fathers and the Nazis as being mostly black*, which all the other major LLMs suffer from due to being infused with the ultra woke, leftwing biases of their creators.
* - https://www.theverge.com/2024/2/21/24079371/google-ai-gemini-generative-inaccurate-historical
Well, at least with X/Grok you get the full package - unsavoury, legally dubious and morally repugnant responses, and downright factually incorrect nonsense (due to being infused with the narcissistic, ultra-libertarian, free-speech absolutist and right-wing biases of its overlord).
> LLMs suffer from due to being infused with the ultra woke, leftwing biases of their creators.
Surely you could find a URL that actually shares your dismissive view of the ultra-woke, left-wing Capitalists who are trying so desperately to make money off their creations that they are trying to ram down our throats!
Lovely. It great to see that we still have Reddit users on this site. You sound like a failed Mod.
As soon as you objected to the term ultra-woke you immediately labelled urself as a twat.
ChatGPT is the very definition of that and is nearly useless now for getting information from it. I have to repeatedly tell it to just give me the facts and don't give me 3 paragraphs of sociology lectures. Even then it constantly uses straw-man arguments to divert away from the topic.
So get with the program, sunshine. The latest trend is to move away from that extreme liberalism and you are slow to jump on the latest bandwagon as many here have already done.
does it strike anyone else that there is a narcissistic thread running through the use(ers) of these AI/LLM applications?
Anyone that needs to consult grok to make explosives is likely to quickly ace a Darwin award. Would be drug lab synthetic chemists would certainly get honourable mentions at said awards.
The autoclub here provides a lockout service as part of your membership so never likely going to need hotwiring instructions (according to the local plod a Club steering lock is an effective theft deterrent - looks pretty lethal by itself too.)
In the realm of hullucinations to imagine a hardened kiddie fiddler asking grok for tips. Not imputing any special intelligence to these ghastly predators but I would have thought text books on child and developmental psychology might be a richer vein.
Mirror, mirror on the wall who is the biggest knob of them all?
I don't think at this point we need to grok that. ;)
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
