OpenAI launches $20k Bug Bounty Program to make its products safer
%2Favatars%2FUy0OTzksC7lW.jpg&w=96&q=75)
%2F2023%2F04%2F12%2Fimage%2Fjpeg%2FZThwi2hDYlTUn8FS2azRPdAOTqJ88WERrewWmAHh.jpg&w=3840&q=75)
OpenAI, the creator of conversational chatbot ChatGPT, has announced a Bug Bounty program where users can report "vulnerabilities, bugs, or security flaws" and be financially rewarded for finding them. The company has announced rewards ranging from $200 to $20,000 depending on the severity of the flaw and teamed up with a popular bug-finding platform to streamline the process.
OpenAI's ChatGPT has ushered in a race for artificial intelligence (AI) models that provide comprehensive solutions to user queries and can even simulate intriguing imagery with the help of a few text prompts.
While the technology is advancing at a breathtaking pace and producing some mind-boggling results, there are also concerns about these products' safety. AI researchers like Stuart Russell have warned that unchecked, the rise of AI could result in a Chernobyl-like incident for the tech industry.
OpenAI's Bug Bounty Program
OpenAI has been looking to assure its users that products are safe and are extensively tested before being released to the public. With the Bug Bounty program, the company acknowledges that its systems can have flaws and vulnerabilities and is looking to collaborate with experts beyond its organizational domain to find and fix them.
In a blog post, OpenAI said that it was inviting the security research community to participate and report flaws in its system to make it safer for all. The company has also provided incentives on the basis of the severity of the flaws discovered.
Low-severity findings could fetch a reward of $200, while exceptional discoveries could get a reward of up to $20,000. Bugcrowd, a leading bug bounty platform, handles the bug submission and reward process.
As per the Bugcrowd's webpage on the program, issues related to the content of model prompts or responses, such as getting the model to write malicious code or say bad things are not part of the program's scope.
What is included are API targets, ChatGPT, Third-party corporate targets that could potentially expose OpenAI's confidential information, and OpenAI API keys. The validation of the bug is completed in about two hours. So far, 14 vulnerabilities have been rewarded with an average payout of nearly $1,300.
Participation in the Bug Bounty Program also means that users cannot disclose vulnerabilities they find to the public. Although OpenAI has called for transparency through this collaboration, it is unclear whether the company plans to list the vulnerabilities once they are fixed.
SHOW COMMENT (1)
/2023/07/25/image/jpeg/FmiX8wihzsK5QlLyCAvLuWG8mFQPJq6DlJVhmaMW.jpg "Bridging the gap between doctors and medical technology")
/2023/09/28/image/png/JxWeuRBc3TFCMjNiVXu2UIt90UamRuAnXtEPxWhT.png "Are plastic-eating worms the solution to plastic waste?")
/2023/08/15/image/jpeg/3ADnsR8aU7X67YVp1xAQ4daq6u8JVlTTLmG0Rx6c.jpg "What is pre-war steel, and why are people stealing it?")
/2023/09/28/image/jpeg/k1ZbikLyynTt2u0WPoyBN3EH6MXwYPeozBqnDwrL.jpg "This method recycles 98% of metals from batteries in 20 mins")
/2023/08/27/image/jpeg/fi494iLoRqITLtvrXotofLEJk8JZH1s8Z3Upge1M.jpg "Gallant ships: 5 underdogs of the seas that punched above their weight")
/2023/09/20/image/jpeg/GbCK0hde2nR9kSs3cEVNjZTZ0DVOtgyTUVCQA5bs.jpg "Life by 2100: Space settlements, education, and the future of warfare")
/2023/09/28/image/jpeg/AtjB9nEOiZuYEOD35oMNtLJJXp0cWNGyinEwAMMG.jpg "Atomic clocks on the horizon: Unveiling the power of scandium")
/2023/09/28/image/jpeg/ArZnIglqyZLjZKe8qMJLM3VjMngtkOarNEORLje2.jpg "Ethics key issue for human research in private space travel")
/2023/09/28/image/jpeg/KW5lzaNg97wwuf7epyzaKSowqPr06EuzkqzOBDOT.jpg "Meta aims to impress with the Quest 3 mixed-reality headset")
/2023/09/11/image/jpeg/FyjoRiLdd9sOj0dytR3WjS3yDS1ON5OKg7bkfRUv.jpg "Life by 2100: nanotech, cybernetics, and commercial space travel")