Posted by _tk_ 4 days ago

Feds freaked over Fable 5 after 'fix this code', not jailbreak, say researchers(www.theregister.com)
610 points | 360 comments | page 5
ianhxu 3 days ago
It is too difficult to strictly prevent the model from being used for any unsafe purpose. The same thing can be used for completely different purposes as long as it is described differently.
lenerdenator 4 days ago
I think it could be even simpler: They're not playing ball with the Trump administration like the Trump administration would like, so they decided to drop a bomb on a product that took a lot of resources to develop.
ikidd 3 days ago
Seems like a poor place to invest if you have to worry about a corrupt government pulling the rug out from under you at every opportunity if you don't play along. Sounds quite third world, actually.
moi2388 3 days ago
I’m not sure I understand. Does this say that you ask Fable to review code with vulnerabilities and implement fixes, then Fable runs the code to verify thereby running the exploits?

If so, that’s expected, isn’t it? Is that not exactly what it’s for?

jcgrillo 4 days ago
Question to folks building user-facing products on LLMs:

How do you protect yourself against this kind of misuse/jailbreak? Is it just a bunch of prompts? It seems like the fact that LLMs are so trivially jailbroken really limits how you can actually use them in products. How do you navigate these limitations?

spwa4 4 days ago
Well, this makes it sound like the feds were less worried about someone using Fable 5 to attack them, but were worried about someone using Fable 5 to prevent the Feds from attacking others ...

As in worried about other countries/organizations using Fable 5 to actually do decent cyber security.

asdfaoeu 4 days ago
The AI can't actually tell if you are trying to patch your own system or exploit others.
AmblingAvocado 4 days ago
It seems like ... it's not illegal to find exploits, it's illegal to use them. Enforcement should start there, not the nanny state approach that you might do something bad with information. It breaks down a little bit because it means there will be a period of disruption while the bad guys use exploits - but that's already illegal, and the good guys have had time to use the tool & fix things before it went public, right?
welferkj 4 days ago
Sounds like something they should work on before any potential future releases. I can, and this thing's explicit stated purpose is to do my job.
TZubiri 4 days ago
>“That’s it,” Moussouris wrote. “‘Fix this code,’ plus several manual steps to generate test scripts, should never have triggered an export control. I feel like making ’90s-style t-shirts with ‘fix this code’ on the front and ‘this shirt is a munition’ on the back.”

Huh? Presumably if it shipped without guardrails, then it would still have triggered an export control. Would you make a shirt that is plain on the front and says "this shirt is a munition" on the back?

The munition is the exported good, not the bypass of its safety feature. If anything, the fact that the bypass is 3 words long should make the export restriction more justified, not less.

tlogan 4 days ago
I think the only approach that might work here is to allow access only to certain pre-approved individuals.

Maybe something like TSA PreCheck.

Of course, that will not stop adversaries from getting access to the model, but it would at least create some level of control.

1970-01-01 4 days ago
"fix this government"

Voting...

hughw 4 days ago
Suggestion: run "fix this code" on all of github before bad guys do.
HPsquared 4 days ago
I wonder what that would cost...
nradov 4 days ago
Perhaps less than the cost of not doing it.