GPT-4 Vision Prompt Injection (opens in new tab)

(blog.roboflow.com)

1 pointsSkalskiP2y ago2 comments

2 comments

On September 25, 2023, OpenAI announced the launch of a new feature that expands how people interact with its latest and most advanced model, GPT-4V(ision): the ability to ask questions about images. Among other things, GPT-4 is now able to read the text found in uploaded images. At the same time, this update opened a new vector of attack on Large Language Models (LLMs). Instead of putting a malicious phrase in a text prompt, it can be injected through an image.

- text vs. vision prompt injection - vision prompt injection using INVISIBLE text - STEALING data with vision prompt injection - preventing prompt injection (spoiler: not much you can do for now)

ksaj2y ago

The coin counting makes an unusual and wrong assumption that coins are all in the same base. For example, in Canada we have $1 and $2 coins to go along with our 5c, 10c and 25c coins. With the logic it described, a nickel and a looney would total 6 instead of 1.05.

And that's provided they're even from the same country. How would it fare if it was some amount of dollars and cents, and some amount of euro?

j / k navigate · click thread line to collapse

2 comments

SkalskiPOP2y ago

- text vs. vision prompt injection - vision prompt injection using INVISIBLE text - STEALING data with vision prompt injection - preventing prompt injection (spoiler: not much you can do for now)

ksaj2y ago

And that's provided they're even from the same country. How would it fare if it was some amount of dollars and cents, and some amount of euro?

j / k navigate · click thread line to collapse