
OpenAI sneaks into the hacker group chat! Replaces pirated ChatGPT with "Meow GPT", netizens: absolute legend

2025-02-27 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)11/24 Report--

Thanks to CTOnews.com netizens Coje_He, West window, Alejandro86, baa for the delivery of clues!

What will OpenAI do when ChatGPT is "hacked"?

Cut off the API and don't let them use it? No no no.

The approach these geeks took was an unorthodox one: they turned around and played "Infernal Affairs".

Here's the story.

Although OpenAI did a lot of security testing before the release of ChatGPT, once the API was opened it could not prevent some malicious hackers from causing trouble with it.

Then one day, one of the engineers on the team suddenly noticed that there was something wrong with the traffic on the ChatGPT endpoint; after some investigation, it was determined that there was a good chance that someone was reverse engineering the API (a pirated API).

However, OpenAI did not choose to stop the hackers immediately, because if the team did, the hackers would immediately notice something different and then change their strategy to continue the attack.

At this point, one clever member of the team came up with a brilliant trick:

We make it "catGPT", and every token is "meow".

After the "trap" was successfully set, when the hacker asked ChatGPT another question, the response looked like this:

Yes, no matter what you ask, the answer is "meow":

Meow, I don't know. I'm a cat, not a bird!

The hacker did not realize at first that he had fallen into a "trap" and published a post describing his strange experience.

But someone in the hacker gang soon noticed something different:

The same happened to both agents; I think we're done (exposed).

Others in the group also discussed it in the Discord community:

Dude, do you think OpenAI found out we were using models (with pirated API) and started answering us with "cat prompt"?

If that's the case, that's hilarious!

Unexpectedly, members of OpenAI had long since sneaked into the Discord community and were watching the hackers' conversation.

The hackers eventually worked out the truth in hindsight and addressed the OpenAI team on Discord:

I'm disappointed. I know someone in OpenAI is reading this passage.

You have a once-in-a-lifetime opportunity to give us a "Rick Astley" (when you find out that you are being tricked), and you are unexpectedly making a cat.

In response, OpenAI members said: "copy that, we will next time."

The interesting story above was actually revealed by Evan Morikawa, an OpenAI engineer, during a technology sharing event.

After reading this story, many netizens said with emotion:

An absolute legend!

The story is wonderful and interesting, but more to the point, it also reflects the security risks of the current large-model era.

As Evan said at the event:

As models become more and more powerful and they can cause more damage in the hands of bad guys, our vigilance here does need to be multiplied.

In addition, Evan shared two "secret stories" related to OpenAI and ChatGPT during the event.

Let's move on.

OpenAI: if there had been enough GPUs, the release would have come earlier

Evan first reviewed the initial popularity of ChatGPT:

From the internal decision to release it, to its unexpected popularity, to even Musk tweeting about it, and so on.

A large number of users then poured in. They themselves were very worried at the time, because their GPU capacity could not hold up under such a heavy load.

Then Evan showed on site the computers that power ChatGPT, with eight Nvidia A100 GPUs:

Special HBM high-bandwidth memory is also attached to each GPU; crucially, all the GPUs also need to communicate with each other:

Evan said that the performance of each of these parts affects the final ChatGPT experience.

Next, looking back from the present, Evan reviewed and summarized the initial GPU bottlenecks that OpenAI encountered.

1. GPU is out of memory

Because the ChatGPT model is very large, it takes up a lot of GPU memory to store the model weights. The high-bandwidth memory on the GPU is very expensive and limited, which is not enough to serve a large number of user requests at the same time. This became the first bottleneck.

2. Low efficiency of calculation

In the early stage, monitoring relied on a simple GPU utilization metric, which had problems: it did not fully take into account the memory access patterns of tensor operations. As a result, the computing power of the GPUs was not fully utilized and valuable computing resources were wasted.

3. It is difficult to expand capacity.

ChatGPT traffic increased rapidly, but, limited by the whole GPU supply chain, the number of GPU servers could not be expanded in a short time, so user access had to be restricted. The inability to expand capacity automatically became a major challenge.

4. Diversified load characteristics

As user usage patterns change, the GPU computation methods and memory access patterns for different models and request types need to be constantly adjusted, which makes optimization difficult.

5. Difficulties in distributed training

The communication and data exchange between GPUs became a new bottleneck in the training architecture.

As you can see, when OpenAI started using GPUs to deploy large model services, it did encounter some system-level difficulties because of inexperience. However, through continuous adjustment of strategy and in-depth optimization, ChatGPT can run stably.

And Evan also revealed that:

Were it not for the shortage of GPU, products and features would have been released faster last year.

We have things ready, but we also know that we can't handle the load.

Based on the above challenges, Evan shared the lessons OpenAI learned:

Regard the problem as a system engineering challenge, not just a research project; you need to optimize the collaborative work of various system components, such as cache, network, batch size, and so on.

It is necessary to have an in-depth understanding of the underlying details of the hardware and its impact on the system, such as GPU memory bandwidth, ops / bytes and so on.

Constantly tune the system according to the model and scene changes; different model structure and use scenarios will put forward different requirements for the system.

Take into account various hardware limitations, such as memory and computing balance, expansion restrictions, etc., which will affect the product roadmap; you cannot simply apply the traditional cloud expansion experience.

Think of ChatGPT as a start-up

Evan also talked about the team.

When ChatGPT was launched, the application engineering team was only about 30 people, and it expanded to nearly 100 people 10 months after its release.

OpenAI has been looking for a balance between employee growth and maintaining a high talent density, and it initially wanted the team to be as small as possible so that it could maintain an efficient iterative culture.

However, as the product grew in scale, many functions were supported by only a few people, which carried a certain risk, so it was decided to expand.

One point Evan shared on team building deserves to be highlighted.

In his view:

Don't think of ChatGPT as a department of OpenAI.

They tried to do something like ChatGPT with the API three years ago, so in Evan's opinion--

ChatGPT is more like a 10-month-old startup embedded in a three-year-old startup, and this three-year-old startup is nested in an eight-year-old startup (OpenAI).

If the company comes up with a new product in the future, Evan hopes to keep using this model.

Reference link:

[1] https://www.youtube.com/watch?v=PeKMEXUrlq4

[2] https://twitter.com/random_walker/status/1719342958137233605?s=20

[3] https://twitter.com/nearcyan/status/1719225443788935372?s=20
