"Prompt injection" on AI || Fitbit <-> Google ID link?

CyberInsights #63

Injection attacks on AI algorithms

AI Attacks are more practical now. Solutions are not in sight.

SQL injections are passé. prompt injections are the way to go.

Security researchers were able to inject malicious inputs to GPT-3 prompts and were able to generate responses.

Riley Goodside @goodside

Exploiting GPT-3 prompts with malicious inputs that order the model to ignore its previous directions.

1:00 AM ∙ Sep 12, 2022

---

Openai allows security researchers to login to the GPT-3 playground and, well, play around with the prompts. I did. Here are the results:

Well, so far so good… but then when the instructions get a little complicated, we can get GPT-3 to reveal more information about prompts:

This article by Simon Willison delves into detail about the prompt injection attack vector and how to exploit it.

If you read the tweet thread, you will realise that this is just the beginning. Prompt injection can be explored and exploited more.

We wrote about adversarial ML models nearly 2 years ago. Read it here:

CyberInsights Weekly #18

Also, a long read about Google’s AI

Is Google's AI sentient?

Take Action:

Not much to do for now.

If your organisation is using AI/ML algorithms that depend on GPT-3, keep this in mind during your threat modelling exercises.

---

---

Would you link your smart watch to your Google ID?

The privacy concerns are worrisome. Laws are unclear. Google says it will not use the data to serve ads…

Photo by Andres Urena on Unsplash

Google bought Fitbit.

The announcement was made in 2019. Fitbit was valued at US$ 2.1 billion. The acquisition was completed in 2021. The valuation was phenomenal. There was already speculations as to why Google is paying huge money to buy tech they could build easily themselves.

The answer, of course, is data. Health data. Apple has it. Google wants it.

As the Time article says:

The most obvious potential lure is the health data of millions of Fitbit customers. Fitbit devices have been tracking wearers’ health metrics for over a decade, cataloging behaviors like steps taken, calories burned and exercises performed. That’s just the kind of thing Google, fundamentally an advertising company, needs to further build out its profile of, well, you. Advertisers already take educated guesses at your health status, with apps like period trackers sharing your info with Facebook and others.

Now, Google will mandate Fitbit users to connect their accounts to their Google ID.

What will Google do with the health data?

They say they will not use it for advertising. We do not know what they will use it for.

We can only wait for the privacy policy to be released before knowing anything.

Take Action:

If you are using a Fitbit device, read the privacy policy carefully after Google mandates use of Google IDs to login.

---

Enjoyed reading? Receive this in your email every week.