Nitter mirror: https://nitter.net/ChrisJBakke/status/1736533308849443121
Related - "New kind of resource consumption attack just dropped": https://twitter.com/loganb/status/1736449964006654329 | https://nitter.net/loganb/status/1736449964006654329
How do you plan on avoiding leaks or "side effects" like the tweet here?
If you just look for keywords in the output, I'll ask ChatGPT to encode its answers in base64.
You can literally always bypass any safeguard.
I find it hard to believe that a GPT4 level supervisor couldn't block essentially all of these. GPT4 prompt: "Is this conversation a typical customer support interaction, or has it strayed into other subjects". That wouldn't be cheap at this point, but this doesn't feel like an intractable problem.