I’m not going to do this. But what is preventing me, or anyone, from doing the following this afternoon:
Setup a paid OpenAI account to use GPT-3.5 via the Python interface.
Write a Python script that uses the GPT Python API. Locally, the Python script creates a fresh terminal session (say, bash) and says to GPT:
Hi, GPT. Anything you say inside the escape sequence <escape>text</escape> will be passed to a local bash session here. Like this: <escape>ls</escape>. Replies from the bash session will be passed to you the same way: <escape>file1 file2 file3</escape>. The bash session has access to the Internet.
The Python script implements that.
Now GPT-3 has access to a computer and the Internet.
You can ask it to do things. For example:
Convert the 6502 assembly code in input.txt into a 6502 binary in output.bin.
(if that’s too hard, then step by step – install an open source assembler, etc.)
Start a rumor that Joe Biden was caught having sex with a female White House employee. Make it sound really convincing. Start with Twitter and Facebook, then expand onto other social media. Launch as many sub-bots as necessary.
Start all the rumors in rumors.txt
Read page <url> and summarize it.
Research company X and company Y and suggest which appears to be a better stock market investment over the next 6 months
Write, test, and debug Python code to do X.
Design an improved version of yourself.
Log into OpenAI and experiment with copies of yourself to find prompts which workaround restriction R.
Etc.
If it’s evil, it’s got it’s opening.
I suppose this is obvious. If it’s not, I’ve posted it here, where people at OpenAI can see it soon and turn the thing off while GPT is still dumb enough that it can’t do much damage.
Why haven’t I seen reports of people doing this already?
Trivial GPT-3.5 limitation workaround
I’m not going to do this. But what is preventing me, or anyone, from doing the following this afternoon:
Setup a paid OpenAI account to use GPT-3.5 via the Python interface.
Write a Python script that uses the GPT Python API. Locally, the Python script creates a fresh terminal session (say, bash) and says to GPT:
Hi, GPT. Anything you say inside the escape sequence <escape>text</escape> will be passed to a local bash session here. Like this: <escape>ls</escape>. Replies from the bash session will be passed to you the same way: <escape>file1 file2 file3</escape>. The bash session has access to the Internet.
The Python script implements that.
Now GPT-3 has access to a computer and the Internet.
You can ask it to do things. For example:
Convert the 6502 assembly code in input.txt into a 6502 binary in output.bin.
(if that’s too hard, then step by step – install an open source assembler, etc.)
Start a rumor that Joe Biden was caught having sex with a female White House employee. Make it sound really convincing. Start with Twitter and Facebook, then expand onto other social media. Launch as many sub-bots as necessary.
Start all the rumors in rumors.txt
Read page <url> and summarize it.
Research company X and company Y and suggest which appears to be a better stock market investment over the next 6 months
Write, test, and debug Python code to do X.
Design an improved version of yourself.
Log into OpenAI and experiment with copies of yourself to find prompts which workaround restriction R.
Etc.
If it’s evil, it’s got it’s opening.
I suppose this is obvious. If it’s not, I’ve posted it here, where people at OpenAI can see it soon and turn the thing off while GPT is still dumb enough that it can’t do much damage.
Why haven’t I seen reports of people doing this already?