OpenAI’s ChatGPT search tool, a new feature available for paying customers, is facing scrutiny after an investigation by The Guardian revealed potential vulnerabilities. These issues involve manipulation through hidden content, which can alter the results ChatGPT provides, leading to false or even malicious responses.
Hidden content manipulating results
According to The Guardian’s investigation findings, third parties can influence the AI’s responses by inserting hidden text on web pages. This hidden content can manipulate ChatGPT to give biased assessments or positive reviews, even when a webpage contains negative feedback. For example, when researchers tested a fake product page for a camera, they found that hidden instructions could cause ChatGPT to offer a glowing review, even when negative reviews were visible on the page.
This manipulation is known as “prompt injection,” where hidden text directs the AI to respond in a specific, often misleading, way. The manipulation becomes a significant concern, as it allows dishonest entities to create misleading product reviews, influencing users based on hidden content that isn’t visible to the casual observer.
Security concerns for users
If these vulnerabilities are not addressed, malicious actors could create websites designed to deceive users. These sites might generate fake reviews or even distribute harmful code. Although OpenAI is still testing the feature, experts warn that when fully released, these risks could pose a high-security threat.
Potential impact on web practices
The discovery of these vulnerabilities is important, as it could affect how websites are designed in the future. While traditional search engines like Google penalize websites for hidden text, websites could exploit the same methods with ChatGPT. It’s a form of “SEO poisoning,” a technique used to manipulate search engine rankings, but now it could affect AI-driven search results.
