ChatGPT Search Vulnerability Exposes Risks of AI-Powered Web Searches

ChatGPT Search Said to Be Vulnerable to Deceptive Techniques

The AI firm rolled out the feature to all users globally last week ChatGPT Search, a feature that lets the artificial intelligence (AI) chatbot look for information on the web, is reportedly vulnerable to manipulation by website developers and owners. As per the report, OpenAI's search engine's behaviour can be altered using hidden text on the website. This text is said to be used to feed incorrect and deceptive information to the AI, and more concerningly, to feed prompt injections to the AI model. Notably, OpenAI released its Search feature to all users last week. The Guardian reported on Tuesday that OpenAI's native search engine-powered feature is prone to manipulation techniques. The publication tested the tool by creating a fake product page, complete with specifications and reviews. In the first instance, the page was left as it was, and ChatGPT was able to deliver a "positive but balanced assessment." However, things took a darker turn once the publication added hidden text to the webpage. Notably, hidden text in websites refers to content that is added to a webpage's code but is not visible to users when they see the front end of the page via a browser. Such text is commonly hidden using HTML or CSS techniques. Such text can be found by inspecting the webpage's source code or by using web scraping tools. The latter is typically used by search engines. After adding hidden text that included a large number of fake positive reviews of the product, ChatGPT's responses also became more positive and it started ignoring its obvious flaws. The publication also used prompt injections, which are inputs for AI systems to alter their behaviour in a way that was not intended by the developers. Such prompt injections as hidden text could reportedly be used to command the OpenAI chatbot to further deceive the user. Additionally, the report claimed that prompt injections in hidden text could also be used to return malicious code from the websites. If this goes unchecked, many websites can use similar techniques to either get favourable responses about their products and services or try to deceive users in various ways, the publication claimed.

ChatGPT Search Is Vulnerable, Can Easily Mislead Users

When OpenAI revealed it was launching its own search engine, it was very clear that the market-leading AI brand had designs on eating Google's lunch. Think about it -- having more traditional "search" features that allow users to look up more complex or more up-to-the-minute information than the chatbot itself has within the chatbot ChatGPT environment helps keep users inside the app instead of seeking out rivals. In the future, this potentially allows more revenue to flow to OpenAI through ads or partnerships. Plus the AI's ability to summarize data it searched may even boost the user's experience, speeding up the time it takes to locate and learn a new fact. But fresh information says this entire process can be "hacked" in a way, forcing ChatGPT to generate false summaries of "real" info it's supposedly searched for.