Researchers cracked 12 AI protection systems
You know what researchers from OpenAI, Anthropic, Google DeepMind and Harvard just found out? They tried to break popular AI security systems and found a bypass almost everywhere. They checked 12 common protection approaches, ranging from clever system prompt formulations to external filters that are supposed to catch dangerous queries.
Three variants of automated brute-forcing were used, including one based on reinforcement learning and one driven by an AI assistant.
In most tests, 90% of the attack attempts succeeded, and in places the figure reached 98%. Plain brute-forcing of phrasings broke every one of the protection systems. Even the external filters for dangerous prompts turned out to be unreliable: they were simply confused by linguistic tricks.
The authors took 12 popular protection mechanisms, such as Spotlighting, PromptGuard, MELON, Circuit Breakers and others, and demonstrated that each can be bypassed with 90% success, even where their authors claimed a 0% attack success rate.
And it all comes down to how we measure algorithm quality. In most papers, the defenses are naively run against a fixed set of known jailbreaks that take no account of the defense itself. It is like testing an antivirus only on old viruses. According to the authors, a different approach is needed: instead of old templates playing against the model, the test should use a dynamic attack algorithm that adapts to the defense it faces.
Author: AIvengo
For 5 years I have been working with machine learning and artificial intelligence, and this field never ceases to amaze, inspire and interest me.