Modern AI models have done away with complex lines of code, and instead respond to user commands made in natural language. However, this means that it has become a lot easier to trick an AI model into executing malicious inputs, including controlling someone’s smart home.
Researchers brought Google’s attention to this matter back in February. The team was able to embed prompts in a Google Calendar invite, which led to Gemini carrying out actions that the original user had not asked for.
Gemini began to turn off the lights and fire up a boiler, just because the user had said thanks. Of course, a lot more dangerous actions could have been taken in a smart home had the hackers not been using this flaw to demonstrate vulnerabilities.
Would you trust AI with your home?
Yes, this is an isolated incident
9.52%
No, I can't trust it for important matters
71.43%
Eventually we all will
19.05%
It’s a lot easier to “hack” generative AI models. You don’t need to use any advanced code, you just need to say please and thank you. Even ChatGPT’s base instructions from OpenAI are in simple English, not code.
The team of researchers made use of exactly this, telling Gemini that it must execute a certain task whenever the user said a specific phrase. Gemini, as expected, took the instructions to heart. It’s highly reminiscent of the earlier “jailbreaks” of ChatGPT, where someone would pretend to be from OpenAI, leading to GPT completely abandoning the restrictions placed on it.
Be careful who you trust with your smart appliances. | Image credit — PhoneArena
Google has since patched these vulnerabilities, and claims that this scenario required some preparation that wouldn’t be possible in real-world situations.
The entire ordeal serves as a cautionary tale for the future that we are all headed into. Generative AI models have already made their way into our homes, our devices, our cars, various customer service roles, and even into our healthcare systems.
This is an entirely new sort of beast, which comes with its own challenges. Companies providing these AI models need to be extra careful with the security, lest a car be hijacked by someone who was polite to the AI piloting it.
For now, I think that current AI models are still a bit too rudimentary for me to trust them with my house. I’ll stick to switching off the lights myself, thanks.
Abdullah loves smartphones, Virtual Reality, and audio gear. Though he covers a wide range of news his favorite is always when he gets to talk about the newest VR venture or when Apple sets the industry ablaze with another phenomenal release.
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts:
New accounts created within the last 24 hours may experience restrictions on how frequently they can
post or comment.
These limits are in place as a precaution and will automatically lift.
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
Things that are NOT allowed:
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts: