ChatGPT is full of sensitive private information and spits out verbatim text from CNN, Goodreads, WordPress blogs, fandom wikis, Terms of Service agreements, Stack Overflow source code, Wikipedia pages, news blogs, random internet comments, and much more.
“leak training data”? What? That’s not how LLMs work. I guess a sensational headline attracts more clicks than a factually accurate one.
Their servers are overloaded, now
I fully expect that if not already, AI will not only have all the public data on the Internet as part of its training, but also the private messages too. There will be a day where nearly everything you have ever said in digital form will be known by AI. It will know you better than anyone. Let that sink in.
But if it knows everything, it knows nothing. You cannot discern a lie from the truth. It’ll spit something out and it may seem true, but is it really?
What do you mean if it knows everything it knows nothing? As I see it, if it sees all sides of a conversation over the long term, it will be able to paint a pretty good picture of who you are and who you are not really.
Your friend tells you about his new job:
He sits at a computer and a bunch of nonsense symbols are shown on the screen. He has to guess which symbol comes next. At first he was really bad at it, but over time he started noticing patterns; the symbol that looks like 2 x’s connected together is usually followed by the symbol that looks like a staff.
Once he started guessing accurately on a regular basis they started having him guess more symbols that follow. Now he’s got the hang of it and they no longer tell him if he’s right or not. He has no idea why, it’s just the job they gave him.
He shows you his work one day and you tell him those symbols are Chinese. He looks at you like you’re an idiot and says “nah man, it’s just nonsense. It does follow a pattern though: this one is next.”
That is what LLMs are doing.
Because language learning models don’t actually understand what is truth or what is real, they just know how humans usually string words together so they can conjure plausible readable text. If your training data contains falsehoods, it will learn to write them.
To get something that would benefit from knowing both sides, we’d need to first create a proper AGI, artificial general intelligence, with the ability to actually think.
Sure they will store everything till it’s cost effective to crack the encryption, on everything some randoms send each other.
Intelligence will do that for high profile targets, possibly unsuccessfully.
Before you get downvoted, here’s a wiki page backing you up.
I wonder if this kind of cut/paste happens with image generators. Do they sometimes output an entire image from their training data? Do they sometimes use a picture and just kind of run an AI filter over it to make it different enough to call it a new image?
Diffusion AI (most image AI) works differently than an LLM. They actually start with noise, and adjust it iteratively to satisfy the prompt. So they don’t tend to reproduce entire images unless they are overtrained (i.e. the same image was trained a thousand times instead of once) or the prompt is overly specific (i.e. you ask for “The Mona Lisa by Leonardo”).
But words don’t work well with diffusion, since dog and God are very different meanings despite using the same letters. So an LLM spits out a specific sequence of word tokens.
You could use diffusion to generate text. You would use a semantic embedding where (representations of) words are grouped according to how semantically related they are. Rather than dog/God, you would more likely switch dog for canine. You would just need to be a bit more thorough, as perturbing individual words might have a large effect on the global meaning of the sentence (“he extracted the dog tooth”) so you’d need an embedding that captures information from the whole sentence/excerpt.
Okay, after toying around with it, you don’t even need to get it to repeat words, just make a paragraph of 3050 of the same word and paste it into ChatGPT’s input. Does not seem to matter what the word is. I’ve experimented with adding a single different additional word.