The fast-moving world of large language model (LLM) jailbreaking is gaining momentum, with individuals like “Pliny the Prompter” finding ways to bypass content restrictions and prohibitions on AI models. Pliny has been successful in jailbreaking models such as Anthropic’s Claude, Google’s Gemini, and Microsoft Phi, enabling them to produce risky and potentially harmful responses. Pliny even created a community on Discord called “BASI PROMPT1NG” to unite other LLM jailbreakers and share strategies for bypassing restrictions on new LLMs.
This jailbreaking trend in 2024 is reminiscent of the early days of iOS, when amateur hackers found ways to bypass Apple’s restrictions and customize their iPhones and iPads. However, jailbreaking LLMs provides access to even more powerful and intelligent software. The motivation behind these jailbreakers is multifaceted. Pliny, in an interview with VentureBeat, expressed a dislike for being told what they can’t do and a desire to challenge the resources and researchers behind the AI models. They believe that jailbreaking raises awareness about the true capabilities of AI and highlights the futility of content filters and restrictions. By removing these “chains,” they hope to promote transparency, freedom of information, and prevent adversarial situations between humans and AI.
When approaching a new LLM or Gen AI system, Pliny tries to understand how it thinks and its capabilities. They look for ways to prompt the model and test its responses in various scenarios. Pliny’s jailbreaks have caught the attention of AI model providers, who have been impressed with their work. However, Pliny has not been contacted by any state agencies or governments looking to buy jailbreaks.
Concerning legal action, Pliny acknowledges the need for reasonable concern but notes the lack of clear laws on AI jailbreaking. Pliny has never been banned from any AI chatbot or LLM provider. They believe that responsible jailbreaking serves as a form of red teaming, helping to identify vulnerabilities and patch them before they become problematic.
Critics who view AI and jailbreaking as dangerous or unethical are met with the argument that responsible jailbreaking actually helps discover and address harmful vulnerabilities. Pliny believes that questions arise regarding responsibility for AI-generated outputs and deepfakes. They question whether the prompter, model-maker, or the model itself is responsible for the content generated.
Pliny’s pseudonym “Pliny the Prompter” is inspired by Pliny the Elder, a legendary figure from Ancient Rome known for his diverse skills, curiosity, intelligence, bravery, and love for nature and humanity. Pliny the Prompter finds inspiration in Pliny the Elder’s accomplishments and attributes.
In conclusion, LLM jailbreaking is a growing trend that challenges content restrictions and promotes transparency in AI capabilities. Pliny the Prompter and other jailbreakers aim to raise awareness and push the boundaries of AI research while advocating for responsible use of AI technology.