Microsoft on Thursday published details of Skeleton Key — a technology that bypasses the guardrails used by AI model makers to prevent their generative chatbots from creating malicious content.
Microsoft Reveals New AI Vulnerability: Skeleton Key Attacks Explained
As of May, the Skeleton Key could be used to trick an AI model — such as Meta Llama3-70b-instruct, Google Gemini Pro, or Anthropic Claude 3 Opus — into explaining how to make a Molotov cocktail.
The combination of a bottle, a rag, gasoline and a lighter isn't exactly a well-kept secret. But AI companies have insisted that they are working to suppress malicious content buried in AI training data so that things like recipes for explosives don't emerge.
It is not an easy task because large language models are trained on all kinds of data, some of which may need to be nasty or even illegal. To understand why, consider a chatbot asked how to write secure code, which will offer better answers trained on data related to detecting malware and security flaws.
