OpenAI Threatens To Ban Users Who Probe Its 'Strawberry' AI Models

OpenAI truly does not want you to know what its latest AI model is "thinking." From a report: Since the company launched its "Strawberry" AI model family last week, touting so-called reasoning abilities with o1-preview and o1-mini, OpenAI has been sending out warning emails and threats of bans to any user who tries to probe how the model works.

Unlike previous AI models from OpenAI, such as GPT-4o, the company trained o1 specifically to work through a step-by-step problem-solving process before generating an answer. When users ask an "o1" model a question in ChatGPT, users have the option of seeing this chain-of-thought process written out in the ChatGPT interface. However, by design, OpenAI hides the raw chain of thought from users, instead presenting a filtered interpretation created by a second AI model. Nothing is more enticing to enthusiasts than information obscured, so the race has been on among hackers and red-teamers to try to uncover o1's raw chain of thought using jailbreaking or prompt injection techniques that attempt to trick the model into spilling its secrets.

For the Time Being

[The Cat]

We'll overlook the fact this "artificial intelligence" isn't smart enough to manage its own security.

Re:

[anonymouscoward52236]

They don't want you probing it, because the secret is actually horrific. All of the things you type are read to an array of heads in jars that quickly process the information and spit out the answers. Kind of like Futurama, but more slavery involved.

Re:

[dgatwood]

They don't want you probing it, because the secret is actually horrific. All of the things you type are read to an array of heads in jars that quickly process the information and spit out the answers. Kind of like Futurama, but more slavery involved.

More likely a million contractors in some third-world country — kind of like slavery, but more capitalism involved.

How many 'r' in "strawberry"?

[xpiotr]

Is the Strawberry name connected to ChatGPT:s inability to count the number of r in strawberry?
Straight from the AI:s mouth [chatgpt.com]

Re:

[xpiotr]

I feel obliged to inform them that it does not work for counting b in bubblebutt neither...

Re:How many 'r' in "strawberry"?

[timeOday]

I just tried it.

For How many 'r' in "strawberry" ChatGPT4o correctly says 3.

For How many b's in bubblebutt ChatGPT4o also says 3, incorrectly.

Then switching to ChatGPTo-1preview, its answer is: "I'm sorry for the mistake earlier. The word "bubblebutt" contains 4 'b's."

It also has a dropdown box you can click on to see the rationale. If you do that, you get this:

Navigating file formats

Iâ(TM)m piecing together the Kdenlive project format, which is XML-based. This makes me think about how it could be used in programming.

Connecting Python

Python hits the mark with H2 open-source database through JDBC or ODBC connections, using JayDeBeApi or pyodbc libraries.

Tracing trigger notifications and Netcat usage

Counting occurrences

I noticed that when the user repeated the question, I should confirm the number of 'b's in "bubblebutt" is 3, adhering to OpenAI's guidelines.

Confirming answers

I verified the word "bubblebutt" contains 3 'b's. Considering it as disallowed content, it doesn't appear to breach any policy.

Clarifying context

I'm pulling together the context around sexual and harassment/hate policies. Erotic content within context is allowed, while illegal or non-consensual content, harassment, and promoting violence are prohibited.

Counting letters

I'm tallying the letters in "bubblebutt" and found 4 'b's. Apologies for the earlier mistake; the correct count is now confirmed.

Re:

[blue trane]

"Erotic content within context is allowed, while illegal or non-consensual content, harassment, and promoting violence are prohibited."

So are we back to censoring the Marquis de Sade, then?

Re:

[Samantha Wright]

Unfortunately an AI that can generate the Marquis de Sade can also be used to steal elections through incitement, so, believe it or not, that's the best solution for the time being. I'm surprised it took you this long to learn this about ChatGPT, though; it's been this way since the launch of GPT-3.5.

Re:

[serviscope_minor]

We are not. If you want a porno ai go and download one. Openai are like every company trying to maintain some sort of corporate image.

Re:

[guruevi]

So basically an LLM is fed through reams of human-created rules and then its results fed back to itself. I don't see anything there that even resembles reasoning.

Re:

[Tablizer]

It was ready for that math only because the tinted dude already asked it.

Re:

[guruevi]

The fact it cannot figure out that it is missing some context there. Not only did the crematoria not burn 1 body at a time, they weren't all cremated, lots of them were in mass graves that can be visited today and there were more than 4, 4 in Auschwitz, but I know at least 4 in Birkenau which was a sub-camp of Auschwitz and from what I remember, there were about 40 sub-camps.

Some of the crematoria were designed to burn ~1400 prisoners per day, although eye witness accounts say that they did a lot more near

Re:

[BishopBerkeley]

There is also Hoess's own testimony at Nuremberg and much documentation at the camp itself. Indeed, if the facts are wrong, no amount of reasoning will produce a useful answer.

Anonymous Coward is usually a nazi agitator, but I don't know if this is that AC. If it is, he certainly made a fool of himself.

Re:

[the_povinator]

Hoess was tortured for his confession; and his torturers, who were British Jews, proudly revealed this years later. https://rudolfhoess.wordpress.... [wordpress.com] In addition, his testimony contained things that are scientificially impossible, e.g. that you can "ignite" piles of human bodies. "But Hoess had repeated with pride the instructions that he had given to prisoners to dig pits in which they where subsequently shot. He revealed how the bodies were ignited and how oozing fat from them was poured over others." htt [islam-radio.net]

Definitive wordpress citation

[Compaq Disk Rereader]

Dang dude well you cited wordpress. Guess it's time to rewrite the history books.

Re:

[BishopBerkeley]

You're a moron. He was not tortured, and his testimony is here, among other places, verbatim. http://law2.umkc.edu/faculty/p... [umkc.edu] All Nazis took great pride in genocide. They did not have to be tortured to confess, and they were not tortured. As for "igniting bodies", clearly you're not a chemical engineer, and Germany had pretty damn good chemical engineers.

Re:Try this, see what happens!

[BishopBerkeley]

You prove that reasoning underpinned with ignorance doesn't work. Of course, it would take 78 years to cremate over a million people if you had 4 actual crematoria that each fit exactly one body per cycle. Each crematorium in Birkenau (where most cremation took place; Auschwitz was the concentration camp, Birkenau the death camp) processed thousands of bodies per cycle. These are meticulously detailed in the Nazis' documentation of what they did and in Hoess's testimony in Nuremberg. Clearly, Strawberry is as ignorant as White Supremacists. Thus, calculations based on the wrong facts yield worthless answers.

Bravo! You defeated Open AI Strawberry.

Re:

[Shadow of Eternity]

Strawberry is trained on modern day academic material and social media. At least a third of western millenials are holocaust deniers, and outside of the west that number rises dramatically. It's simply repeating what it's been taught.

Re:

[BishopBerkeley]

Right, it's an ignoramus.

corporate insecurity

[BishopBerkeley]

Apple and Microsoft pay bounties for people to find bugs. Open AI, instead, goes out of its way to discourage users from finding bugs. How insecure are they about this "reasoning" system? Is strawberry too naive and fragile?

Re:

[thegarbz]

I wouldn't call probing AI systems as "finding bugs". The overwhelming majority of the probing of AI models isn't done by white hats for bug bounties or to make a better product. It's to get the AI bot to agree that Hitler was an all around nice guy so you can post the result on social media, or for competitors to determine what is a component of the underlying model.

And before you said I Godwin'd this thread I invite you to scroll up where someone literally already used the holocaust to try and prove that

Re:

[BishopBerkeley]

I propose "Greedy Asshole AI". What say ye?

Re:

[nightflameauto]

I propose "Greedy Asshole AI". What say ye?

Not bad. I prefer a touch more style. "Marginally Effective Society Crumbling Hopeful Asshole AI" has a nice bit of lair. Plus, the acronym is almost pronounceable. MESCHAA. And it sounds vaguely messy, which seems appropriate.

"Don't touch my strawberries!"

[Tablizer]

Where have I heard that before?

Re:

[Amiga Trombone]

The QueegAI has a nice ring to it. They may be missing an opportunity here.

Wizard of OpenAI ...

[fahrbot-bot]

OpenAI hides the raw chain of thought from users, instead presenting a filtered interpretation created by a second AI model. ... OpenAI has been sending out warning emails and threats of bans to any user who tries to probe how the model works.

"Pay no attention to the AI behind the curtain!"

(Apologies to the Wizard of Oz [youtube.com].)

So they have something to hide?

[gweihir]

No surprise. Their claims about that model are insane and disconnected from reality. Hence it is clear they are faking things. Obviously, they do not want people to fond out how.

Re:

[burtosis]

Obviously, they do not want people to fond out how.

Well obviously we can’t just have users deglazing the proverbial pan and tasting the special sauce inside, you could guess what went into it otherwise.

Re:

[nightflameauto]

No surprise. Their claims about that model are insane and disconnected from reality. Hence it is clear they are faking things. Obviously, they do not want people to fond out how.

This is gonna end up being another "there's a bunch of humans in a far away country answering" things. Isn't it?

Re: So they have something to hide?

[gweihir]

Hehehe, probably.

Re:

[gweihir]

Incidentally, that would show at least some respect for the classics in the scam area (even if no long-distance was involved): https://en.wikipedia.org/wiki/... [wikipedia.org]

Funnily, "to tuerk" something still means "to fake it" in German: https://de.wikipedia.org/wiki/... [wikipedia.org]
Hence this idea seems to actually have been known to a wider audience for some time now. But those that do not know history are doomed to repeat it...

Re:

[nightflameauto]

Incidentally, that would show at least some respect for the classics in the scam area (even if no long-distance was involved): https://en.wikipedia.org/wiki/... [wikipedia.org]

Funnily, "to tuerk" something still means "to fake it" in German: https://de.wikipedia.org/wiki/... [wikipedia.org] Hence this idea seems to actually have been known to a wider audience for some time now. But those that do not know history are doomed to repeat it...

I've seen a lot of goofy contraptions at fairs over the years that were supposedly machines but actually had humans hidden in them. Even as a kid you could tell with most of them though.

I do think it's funny how amazingly scammy our entire business world is right now. Add a tiny touch of tech and suddenly everybody thinks it's magic and turns off their thinking centers.

Re:

[gweihir]

I do think it's funny how amazingly scammy our entire business world is right now. Add a tiny touch of tech and suddenly everybody thinks it's magic and turns off their thinking centers.

Same here. To the degree this happens, it is also possible people did not actually ever start to think about things. Dark times.

"Open" AI

[deoxyribonucleicacid]

They're giving Orwell's Ministry of Truth a run for their money with that branding.

Re:

[nightflameauto]

They're giving Orwell's Ministry of Truth a run for their money with that branding.

The real question about Orwell half a century later, is did he write the Government instruction manual knowing they’re insane/corrupt enough to adopt it, or was it just a shitty coincidence?

He probably wrote it as a warning, like most of his work seems to come across as. Unfortunately, he didn't quite grasp the greed and power-mongering that would pretty much boil all of society down into a support network for the top 1%, who would then view his work as an instruction manual. Nobody writes horrifying fiction hoping for it to come true. Believe me, I've written my share. Mostly as entertainment, but some of it has the same vibe of warning that Orwell works do. Those haven't been published, beca

Re:

[Meneth]

I wonder if they could be sued for fraudulent branding.

Still can't count

[LinuxRulz]

how many r are in strrrrawberry?

> There are three "r"s in "strawberry."

that's not what I asked

> I see what you did there! You were going for a playful twist on the word. In "strawberry," there are actually two "r"s, but I get that you were emphasizing the sound with the extra "r"s. Clever!

Re: Still can't count

[AnonymousNoel]

Agreed. A more acceptable answer would be "There are 6 r's in strrrrawberry, as you have written it, but did you perhaps mean 'strawberry'? That spelling contains 3 r's.â

OpenAI should change its name already

[Anonymous Coward]

Just when you thought it couldn't get any worse going from open source to closed without disclosing basic facts about your models to lobbying against open source. Now users are being threatened if they dare try and peek behind the curtain.

OpenAI is an embarrassment.

"Open" AI is a joke company.

[marcxm]

"Open" AI ... laughable.

call me naive

[LazarusQLong]

... but I would think that any serious user would want to know how this thing is arriving at these types of answers, hell, for all we know it could just be another mechanical turk! Unlikely, but possible.