Google Researchers’ Attack Prompts ChatGPT to Reveal Its Training Data

stopthatgirl7@kbin.social to Technology@lemmy.world – 414 points –
404media.co

ChatGPT is full of sensitive private information and spits out verbatim text from CNN, Goodreads, WordPress blogs, fandom wikis, Terms of Service agreements, Stack Overflow source code, Wikipedia pages, news blogs, random internet comments, and much more.

90

You are viewing a single comment

That's not true. ChatGPT does not have database - it does not have any memory at all. All it "remembers" is what you type on the screen.

@MxM111

@stopthatgirl7 @TWeaK @NaibofTabr

if it remembers it has to be stored somwhere, if it has to be stored ther's some type of memory with information saved in it. .... call it what you will.

You remember some dialogue from your favorite movie. Does this mean your neurons store copyrighted work?

Yes.

Just because they're in a neural network and not ASCII or unicode doesn't mean they're not stored. It's even more apt a concept since apparently those works can be retrieved fairly easily, even if the references to them are hard to isolate. It seems ChatGPT is storing eidetic copies of data, which would imply what other people have said in this thread, that it is overfitting itself to the data and not learning truly generalisable language.

The claim is that it contains entire copies of the book. It does not. AI memory is like our memory, we do not remember books word to word.

They are spitting out, as in the quote above, "verbatim text", as in, word for word. That is copyrightable.

And that's not what you said. You said it has no memory. That's clearly wrong.

It’s only under copyright if it’s a significant portion of the work. Single sentences are not enough, unless it’s a short poem.

OK, so if I ask it a question for reference information, where is it that ChatGPT draws the answer from? Information is not stored in the model itself.

There is a memory, a storage, that would not be called a database, which encodes interaction "weights" of neurons. Those parameters where modified during training process and in some sense the information is somehow encoded there. But it is not possible to decode the whole book word to word. It is very similar to our memory in this sense. Do you remember any book word to word? The whole book?

You understand that the neural network is not the entire picture, right? Like, yes you're correct in general about how these models are trained, but ChatGPT does not operate in a vacuum. For instance, when it was connected to the internet that was just for information searching - the neural network in use was frozen, it wasn't actively training on internet content.

It's a language system, it can operate as a search tool, it has to have access to a source of information in order to generate responses to queries. That source of information isn't contained in the model itself, but it is connected to it and it's part of the whole ChatGPT system.

ChatGPT4 now indeed can connect to internet and read the sites and summarize the data. But this has nothing to do with storing it he whole books in their memory. It read the internet sites exactly the same way as you and me do. I do not understand what is your argument here. Internet is external to ChatGPT.