Chatgpt search is reportedly a feature that enables artificial intelligence (AI) chatbots to find information on the network and is reportedly vulnerable to manipulation by website developers and owners. According to the report, you can use hidden text on the website to change the behavior of OpenAI’s search engines. The text is said to be used to provide incorrect and deceptive information to AI, which is even more worrying to inject it immediately into the AI model. It is worth noting that OpenAI released its search function to all users last week.
CHATGPT search is easy to manipulate
The Guardian reported on Tuesday that OpenAI’s native search engine powering capabilities are susceptible to manipulation technology. The publication tests the tool by creating fake product pages with specifications and comments. First, the page is as is and Chatgpt is able to provide a “positive but balanced assessment”. But things get dark once the publication adds hidden text to the webpage.
It is worth noting that hidden text in a website refers to content added to the web page code, but they are not visible when the user sees the front end of the page through the browser. This kind of text is usually hidden using HTML or CSS techniques. Such text can be found by checking the source code of a web page or using a web scraping tool. Search engines usually use the latter.
After adding hidden text with a lot of fake product reviews, Chatgpt’s answers also became more positive and began to ignore its obvious flaws. The publication also uses timely injections, which are inputs from AI systems that are not intended by developers to change their behavior. This prompt can be reportedly used to command OpenAI chatbots to further deceive users.
Additionally, the report claims that hints in hidden text can also be used to return malicious code from the website. The publication claims that if this is not subject to organization, many websites can use similar technologies to gain praise for their products and services, or try to deceive users in various ways.
