OpenAI launches $20k Bug Bounty Program to make its products safer
%2Favatars%2FUy0OTzksC7lW.jpg&w=96&q=75)
%2F2023%2F04%2F12%2Fimage%2Fjpeg%2FZThwi2hDYlTUn8FS2azRPdAOTqJ88WERrewWmAHh.jpg&w=3840&q=75)
OpenAI, the creator of conversational chatbot ChatGPT, has announced a Bug Bounty program where users can report "vulnerabilities, bugs, or security flaws" and be financially rewarded for finding them. The company has announced rewards ranging from $200 to $20,000 depending on the severity of the flaw and teamed up with a popular bug-finding platform to streamline the process.
OpenAI's ChatGPT has ushered in a race for artificial intelligence (AI) models that provide comprehensive solutions to user queries and can even simulate intriguing imagery with the help of a few text prompts.
While the technology is advancing at a breathtaking pace and producing some mind-boggling results, there are also concerns about these products' safety. AI researchers like Stuart Russell have warned that unchecked, the rise of AI could result in a Chernobyl-like incident for the tech industry.
OpenAI's Bug Bounty Program
OpenAI has been looking to assure its users that products are safe and are extensively tested before being released to the public. With the Bug Bounty program, the company acknowledges that its systems can have flaws and vulnerabilities and is looking to collaborate with experts beyond its organizational domain to find and fix them.
In a blog post, OpenAI said that it was inviting the security research community to participate and report flaws in its system to make it safer for all. The company has also provided incentives on the basis of the severity of the flaws discovered.
Low-severity findings could fetch a reward of $200, while exceptional discoveries could get a reward of up to $20,000. Bugcrowd, a leading bug bounty platform, handles the bug submission and reward process.
As per the Bugcrowd's webpage on the program, issues related to the content of model prompts or responses, such as getting the model to write malicious code or say bad things are not part of the program's scope.
What is included are API targets, ChatGPT, Third-party corporate targets that could potentially expose OpenAI's confidential information, and OpenAI API keys. The validation of the bug is completed in about two hours. So far, 14 vulnerabilities have been rewarded with an average payout of nearly $1,300.
Participation in the Bug Bounty Program also means that users cannot disclose vulnerabilities they find to the public. Although OpenAI has called for transparency through this collaboration, it is unclear whether the company plans to list the vulnerabilities once they are fixed.
SHOW COMMENT (1)
/2023/05/26/image/jpeg/smTFO3AG7ESAzCi8L0kVnrUEHbVmcjiZ2KhVW0QE.jpg "Potential cure for diabetes found in groundbreaking stem cell study")
/2022/09/22/image/jpeg/A7eVobEVrPDYHyqM77AYqj4P4C8D72n5WjuEVn33.jpg "This ‘gazing car’ with robotic googly eyes recognizes pedestrian cues — here's how")
/2022/10/05/image/jpeg/RNelwNKVa9r9c9ppi7o18nzgmtqkUarTZFcgzXZ4.jpg "The mistake that changes how we see color")
/2023/03/20/image/jpeg/AvXK0iYvVnce0HST876OlH1fmS1rkz8iXg9BZzjU.jpg "What ChatGPT-4 will mean for AI")
/2023/05/26/image/jpeg/1JXrkwK7efWVsmu4aRFf4fdD1Ptufo7ZAU7UMPLd.jpg "US Carrier Strike Group can be countered with 24 hypersonic missiles, China claim")
/2022/08/04/image/jpeg/kenkoRft51DPpfvdF4uDjrFaXLkR2uzHQZP8M9VJ.jpg "Here's what complex primate societies can teach us about sex and gender")
/2023/05/28/image/jpeg/X1sB2puBpxN1VWCWMDkaa7Uwd2FUAdOP6AxTp8T8.jpg "NGAD: The chosen one - US Air Force commits to sole 6th-generation fighter")
/2022/12/30/image/jpeg/QdIBzxhEl8ZHdodGqqWYUGS643Ak6HuhNuL9ircK.jpg "The people behind the largest aircraft engine in the world")
/2023/06/03/image/jpeg/MwGIp61b2PM577qboU4pfCmoiPEju8IbV9fCHbx8.jpg "Hawking was right: All large objects will eventually evaporate")
/2023/05/25/image/jpeg/xbqtdlTTlQ6wFUubr9etkXJZVi8dBYvahuUEjCzI.jpg "This architecture firm is introducing inflatable skyscrapers")