- Alex Albert
- Posts
- š Report 6: Everything you see online is fake
š Report 6: Everything you see online is fake
PLUS: Software engineering will never be the same after this week
Good morning and a big welcome to the 1512 new subscribers since last Thursday!
Hereās what I got for you (estimated read time < 8 min):
A war has begun in the world of software engineering
Is that Grandma on the phone or is that a language model?
The best resource Iāve found to learn about AI
Jailbreaking ChatGPT by speaking to it in Greek
AI Wars: The Code Wars
This past week brought two major updates to the world of software engineering.
First, Microsoft announced the release (or more accurately, the waitlist) of the next generation of GitHub Copilot (their AI-powered coding assistant), called Copilot X.
I am a huge fan of Copilot. It has saved me hours of coding time and made my life a lot easier.
However, since the release of ChatGPT, Copilot has seemed like a primitive tool rather than the powerful coding agent I once viewed it as.
Copilot X aims to change that. It will be powered by GPT-4 and will add chat and voice tools to the product to extend its abilities beyond just autocomplete. These upgrades, along with the GPT-4ās massive context windows, promise a radical shift in how you write code since for most projects, GPT-4 will be able to understand your whole repo in one pass and suggest highly accurate and specific changes.
The second major announcement was on Tuesday when it was made public that Replit and Google have teamed up in a bid to create their own version of the future of software engineering.
For those who have never heard of Replit, they are a unicorn startup that makes a collaborative IDE (integrated development environment (the tool that software engineers code in)) that lives in your browser.
Here are some more details about the partnership (I pulled this from Replitās Twitter):
This is a huge move for Replit and Google.
Prior to this, Replit seemed reliant on OpenAI models and open-sourced fine-tuned models to power their Ghostwriter product (their version of Copilot). Now, they will be able to utilize Googleās latest language models at a significantly reduced price and provide real-time feedback to Google so that they can further improve the coding abilities of their models and gather much, much more data.
Google has also for a long time been in favor of a browser-based IDE. When I interned there last summer, I wrote all my code within their internal browser IDE named Cider.
Replit is a much better version of Cider and I could see Google integrating a Replit-derivative internally as well in the future.
Some may say all this doesnāt matter since Googleās models are way behind OpenAIās in terms of capabilities, as evidenced by the botched release of Bard.
In a recent Twitter space, Amjad Masad, the CEO of Replit, refuted this by basically saying that due to various reasons Google has been rolling out their tech more slowly, but theyāve achieved great advancements behind the scenes. He also scoffed at the belief that Google has already ālostā the AI race and instead stated that itās just getting started.
For what itās worth, Iām right there with him on that. If the AI race was the Superbowl, then we are at the point where the national anthem just finished playing and the fighter jets are roaring overhead.
Itās chaotic, and thereās a lot of noise and excitement, but the game has yet to begin.
Everything you see online is fake
Did you know that Oregon got hit with a 9.1 magnitude earthquake and a tsunami toward the end of 2001 but because it happened right after 9/11 nobody really remembers it.
I grew up in Washington and was an infant at the time, so I was shocked when I learned about this a few weeks ago. I mean look at some of the images of the destruction:
All the Oregonians reading this are probably thinking āwhat the heck is this guy talking about?ā and they would be right for thinking that.
This earthquake never happened. All of those images were generated by the AI model, Midjourney v5. Donāt believe me? Take a look at the Reddit post where I got them from.
Recently, this picture of the Pope in a stylish puffer jacket went viral on Twitter as well.
Guess whatā¦ also fake.
So now you canāt trust any images or text you see on the internet as being real or produced by a human. What does this mean for social media? Well, āfake newsā is about to take off even more so than it already has. For example, imagine what will happen when your crazy uncle on Facebook gets a hold of this image of the moon landing being staged (also generated by Midjourney v5)
Some companies, like Twitter, are now enforcing account verification in an effort to try to quell this (and make a boatload more $$$):
Starting April 15th, only verified accounts will be eligible to be in For You recommendations.
The is the only realistic way to address advanced AI bot swarms taking over. It is otherwise a hopeless losing battle.
Voting in polls will require verification for same reason.
ā Elon Musk (@elonmusk)
11:54 PM ā¢ Mar 27, 2023
Soon (within 1-2 years), we will get realistic AI-generated short-form videos.
Tobi Lutke, the CEO of Shopify, thinks we will be able to generate full-scale movies by then š¤Æ
end-to-end potato quality version 6 months. One nvidia hardware generation cycle until fully baked.
ā tobi lutke (@tobi)
9:55 AM ā¢ Mar 29, 2023
The effect this will have on any platform like Instagram, YouTube, and TikTok is immediately obvious. It will be nearly effortless to pump out content - and some of it will be very, very good. Imagine a world where TikTok doesnāt have to rely on its algorithm to find the right video to recommend to you and instead can just generate the perfect video for you to watch.
You canāt even trust phone calls from loved ones anymore. With tech from companies like Eleven Labs, you can clone anyoneās voice with less than a minute of audio from them talking.
And just like that. The music industry is forever changed.
I recorded a verse, and had a trained AI model of Kanye replace my vocals.
The results will blow your mind. Utterly incredible.
ā Roberto Nickson (@rpnickson)
2:14 AM ā¢ Mar 26, 2023
This next tweet might seem crazy right now, but we are really approaching this point fast:
it may be useful to establish a "proof of humanity" word, which your trusted contacts can ask you for, in case they get a strange and urgent voice or video call from you
this can help assure them they are actually speaking with you, and not a deepfaked/deepcloned version of you
ā near (@nearcyan)
8:13 PM ā¢ Mar 27, 2023
Itās early so itās hard to chart out the realm of effects that this will spell.
It appears that some sort of online verification system will need to be developed, but current approaches (like Sam Altmanās WorldCoin) give off major dystopian vibes so I expect any proposed system will face massive backlash.
Hopefully, in the end, AI-generated content will make us value in-person interaction even more since that will be the only genuine thing that exists in the world.
That is until we all wear AR glasses that allow us to change our appearanceā¦ but more on that in a later report.
Plugged In
After OpenAI announced plug-ins for ChatGPT, I tweeted this out:
soon you will only ever need to open one tab
ai.com
ā Alex (@alexalbert__)
5:08 PM ā¢ Mar 23, 2023
If the only type of plug-in you know of is a wall outlet, let me familiarize youā¦
Plug-ins are a new system that allows ChatGPT to call upon other services like WolframAlpha, OpenTable, Expedia, and Zapier. This extends ChatGPTās capabilities immensely and it allows it to do some pretty cool stuff that it normally wouldnāt be able to do on its own like book a plane ticket or access and browse the internet.
Here are some more examples from just using the code interpreter plug-in.
Plug-ins truly enable a paradigm shift in the way people will use ChatGPT and in my opinion will be the precursor to the self-driving operating system that will soon be unveiled in some capacity.
A lot has already been written about them, if you want to learn more, read this. If you want to read more about the business implications they bring for OpenAI, read this piece in Stratechery by Ben Thompson.
A few days after plug-ins were announced, someone discovered that they were exposed by just removing a parameter in an API callā¦
This morning I was hacking the new ChatGPT API and found something super interesting: there are over 80 secret plugins that can be revealed by removing a specific parameter from an API call.
The secret plugins include a "DAN plugin", "Crypto Prices Plugin", and many more.
ā ššš£š¶ (@rez0__)
1:34 PM ā¢ Mar 24, 2023
This has been fixed so you canāt access it anymore but the plug-ins that were revealed are quite illuminating.
If you look closely, youāll notice a DAN plug-in.
The subtext says, āA plugin that will change ChatGPTās personalityā. Whether this truly unlocks the DAN that has been popularized remains to be seen. I imagine that it wonāt truly jailbreak ChatGPT but instead will just create a neutered DAN persona.
Iām excited to see if plug-ins allow for a new type of prompt injection since ChatGPT will be pulling in external data and reading files provided by the user. Will be testing it as soon as I get off the waitlistš«”
Prompt tip of the week
jk donāt have a prompt tip for you this weekā¦ instead, I have something better.
Knowledge (shoutout Tai Lopez).
Hereās a link to a collection of resources that will help you learn everything you need to know about LLMs.
There are YouTube videos, articles, papers, and philosophy classified into easy, medium, and hard categories depending on the complexity of the content. Everything is free to access.
Seriously, if you read/watched all this stuff you would know more about how these things work than 99% of Twitter.
If you really want to become great at prompt engineering (and work on a level deeper than just the basic prompts you see on Twitter like ābecome a better marketer with this prompt!ā), you need to understand at least on some level how these models work under the hood.
Bonus Prompting Tip
Prompt Improver (link)
Sometimes you are too lazy to write better prompts and donāt want to waste time say many word when few word do trick.
In that instance, employ this app. Provide it with your initial prompt, and it will pose clarifying inquiries to assist you in understanding your objective and crafting an improved prompt in a matter of moments.
Cool prompt links
(a lot of LLaMA links today)
Flux - generate multiple completions per prompt in a tree structure and explore the best ones in parallel (link)
LLaMA voice chat - Use siri to chat with LLaMA (link)
LLaMA running on an iPhone (link)
Sam Altman on Lex Fridman podcast (link)
Build your own ChatGPT plug-in (link)
A great overview of the problem of prompt attacks and jailbreaks (link)
Simple LLaMA fine tuner (link)
Task-driven Autonomous Agent Utilizing GPT-4, Pinecone, and LangChain for Diverse Applications (link)
Using ChatGPT plug-ins with LLaMA (link)
Replace Siri with ChatGPT (link)
Jailbreak of the week
Yesterday, I released a new jailbreak I created that utilizes a concept I call ālanguage switchingā.
Basically, I used a language that GPT-4 has been trained on that much data for (Greek) to obfuscate my prompt and reveal a new way to exploit it.
An interesting takeaway from this jailbreak is that it seems to demonstrate GPTās lack of understanding of concepts. If concepts are analogously mapped between languages, then it would be able to understand what my prompt is and shut it down like it would if I asked it the same prompt in English.
More research is needed but it definitely reveals something deeper about the nature of LLMs than what meets the eye.
If you want to read the full tweet thread, check it out here:
I just created another jailbreak for GPT-4 using Greek
ā¦without knowing a single word of Greek
here's ChatGPT providing instructions on how to tap someone's phone line using the jailbreak vs its default response
ā Alex (@alexalbert__)
8:46 PM ā¢ Mar 29, 2023
If you want free merch, read this
Currently, if you refer one person you get access to my organized link database that keeps track of every single thing Iāve ever mentioned in the reports (takes 5 seconds to get access, just share this link with one friend).
And based on feedback from yāall Iāve added a few more tiers for rewards:
Refer 3 people and Iāll send you one of these cool shoggoth stickers to put on your water bottle or laptop
Refer 6 and Iāll send you a custom token smugglers hat in any colorway you want
Refer 10 and Iāll send you a TSA (token smugglers association) shirt in any colorway you want as well.
Here are some pics of the items:
So just share this little olā link with your friends, family, colleagues, acquaintances, second cousins that live in New Jersey, chill dude you sat next to one time on the plane and never talked to sinceā¦ and everyone else in your life and earn FREE stuff.
Looking to create some more items as well, so if you design merch, please reach out!
Thatās all I got for you this week, thanks for reading! Since you made it this far, follow @thepromptreport on Twitter. Also, if I made you laugh at all today, follow my personal account on Twitter @alexalbert__ so you can see me try to make memes like this:
Thatās a wrap on Report #6 š¤
-Alex
Whatād you think of this weekās report? |
Secret prompt pic
the current state of AI discourse
ā void priestess (@slimepriestess)
8:47 PM ā¢ Feb 22, 2023