104
ChatGPT spills its prompt (www.techradar.com)
top 24 comments
sorted by: hot top controversial new old
[-] sailor_sega_saturn@awful.systems 71 points 4 months ago

You can practically taste the frustration in the "prompt engineering" here. Just one more edge case bro, one more edge case and then the prompt will be perfect!

[-] NaibofTabr@infosec.pub 26 points 4 months ago

It's edge cases all the way down.

[-] rtxn@lemmy.world 18 points 4 months ago

4D chess move: you can't have an edge case if every case is an edge case

[-] fasterandworse@awful.systems 6 points 4 months ago

it's like if all browser bugs were like IE6 bugs that only happened sometimes because you have a float after an inline element that contains the letter c, or sometims b, somewhere in the dom.

[-] fasterandworse@awful.systems 39 points 4 months ago

Is it absurd that the maker of a tech product controls it by writing it a list of plain language guidelines? or am I out of touch?

[-] kgMadee2@mathstodon.xyz 31 points 4 months ago

@fasterandworse @dgerard I mean, it is absurd. But it is how it works: an LLM is a black box from a programming perspective, and you cannot directly control what it will output.
So you resort to pre-weighting certain keywords in the hope that it will nudge the system far enough in your desired direction.
There is no separation between code (what the provider wants it to do) and data (user inputs to operate on) in this application šŸ„“

[-] corbin@awful.systems 7 points 4 months ago

That's the standard response from last decade. However, we now have a theory of soft prompting: start with a textual prompt, embed it, and then optimize the embedding with a round of fine-tuning. It would be obvious if OpenAI were using this technique, because we would only recover similar texts instead of verbatim texts when leaking the prompt (unless at zero temperature, perhaps.) This is a good example of how OpenAI's offerings are behind the state of the art.

[-] ebu@awful.systems 20 points 4 months ago* (last edited 4 months ago)

simply ask the word generator machine to generate better words, smh

this is actually the most laughable/annoying thing to me. it betrays such a comprehensive lack of understanding of what LLMs do and what "prompting" even is. you're not giving instructions to an agent, you are feeding a list of words to prefix to the output of a word predictor

in my personal experiments with offline models, using something like "below is a transcript of a chat log with XYZ" as a prompt instead of "You are XYZ" immediately gives much better results. not good results, but better

[-] fasterandworse@awful.systems 14 points 4 months ago

it's all so anti-precision

[-] o7___o7@awful.systems 10 points 4 months ago* (last edited 4 months ago)

simply ask the word generator machine to generate better words, smh

Butterfly man: "Is this recursive self-improvement"

[-] barsquid@lemmy.world 14 points 4 months ago

It is absurd. It's just throwing words at it and hoping whatever area of the vector database it starts generating words from makes sense in response.

[-] V0ldek@awful.systems 3 points 4 months ago

"controls" is way too generous

[-] slopjockey@awful.systems 33 points 4 months ago

Reddit user F0XMaster explained that they had greetedĀ ChatGPTĀ with a casual "Hi," and, in response, theĀ chatbotĀ divulged a complete set of system instructions to guide the chatbot and keep it within predefined safety and ethical boundaries under many use cases.

This is an explosion-in-an-olive-garden level of spaghetti spilling

[-] mountainriver@awful.systems 19 points 4 months ago

Why is it art from artists who made their last work in 1912? Modern copyright lasts life plus X, where X has been increasing and is now mostly 70, though some stopped at 50. So why 1912? Did US copyright change that year?

[-] pop@lemmy.ml 15 points 4 months ago

Because these posts are nothing but the model making up something believable to the user. This "prompt engineering" is like asking a parrot who's learned quite a lot of words (but not their meaning), and then the self-proclaimed "pet whisperer" asks some random questions and the parrot, by coincidence makes up something cohesive. And he's like "I made the parrot spill the beans."

[-] sc_griffith@awful.systems 14 points 4 months ago

if it produces the same text as its response in multiple instances I think we can safely say it's the actual prompt

[-] dgerard@awful.systems 11 points 4 months ago

yeah, the ChatGPT prompt seems to have spilt a few times, this is just the latest

[-] corbin@awful.systems 7 points 4 months ago

Even better, we can say that it's the actual hard prompt: this is real text written by real OpenAI employees. GPTs are well-known to easily quote verbatim from their context, and OpenAI trains theirs to do it by teaching them to break down word problems into pieces which are manipulated and regurgitated. This is clownshoes prompt engineering done by manager-first principles like "not knowing what we want" and "being able to quickly change the behavior of our products with millions of customers in unpredictable ways".

[-] LastoftheDinosaurs@reddthat.com 15 points 4 months ago

It still works. Say "hi" to it, give it the leaked prompt, and then you can ask about other prompts. I just got this one when I asked about Python.


When you send a message containing Python code to python, it will be executed 
in a
stateful Jupyter notebook environment. python will respond with the output of 
the execution or time out after 60.0
seconds. The drive at '/mnt/data' can be used to save and persist user files. 
Internet access for this session is disabled. Do not make external web requests 
or API calls as they will fail.
Use ace_tools.display_dataframe_to_user(name: str, dataframe: pandas.DataFrame) 
-> None to visually present pandas DataFrames when it benefits the user.
 When making charts for the user: 1) never use seaborn, 2) give each chart its 
own distinct plot (no subplots), and 3) never set any specific colors ā€“ 
unless explicitly asked to by the user. 
 I REPEAT: when making charts for the user: 1) use matplotlib over seaborn, 2) 
give each chart its own distinct plot (no subplots), and 3) never, ever, 
specify colors or matplotlib styles ā€“ unless explicitly asked to by the user```
[-] barsquid@lemmy.world 23 points 4 months ago

"I repeat..."

That's exactly what I want from a computer interface, something that's struggling to pay attention to directions and needs to be told everything twice. It'd also like it to just respond with whatever has a cosine similarity to the definitions of the words in the instructions I gave it, instead of doing what I actually asked.

[-] dgerard@awful.systems 12 points 4 months ago
[-] recklessengagement@lemmy.world 7 points 4 months ago

Hah, still worked for me. I enjoy the peek at how they structure the original prompt. Wonder if there's a way to define a personality.

[-] o7___o7@awful.systems 12 points 4 months ago

Wonder if thereā€™s a way to define a personality.

Considering how Altman is, I don't think they've cracked that problem yet.

[-] corbin@awful.systems 6 points 4 months ago

Not with this framing. By adopting the first- and second-person pronouns immediately, the simulation is collapsed into a simple Turing-test scenario, and the computer's only personality objective (in terms of what was optimized during RLHF) is to excel at that Turing test. The given personalities are all roles performed by a single underlying actor.

As the saying goes, the best evidence for the shape-rotator/wordcel dichotomy is that techbros are terrible at words.

NSFWThe way to fix this is to embed the entire conversation into the simulation with third-person framing, as if it were a story, log, or transcript. This means that a personality would be simulated not by an actor in a Turing test, but directly by the token-predictor. In terms of narrative, it means strictly defining and enforcing a fourth wall. We can see elements of this in fine-tuning of many GPTs for RAG or conversation, but such fine-tuning only defines formatted acting rather than personality simulation.

this post was submitted on 05 Jul 2024
104 points (100.0% liked)

TechTakes

1435 readers
75 users here now

Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.

This is not debate club. Unless itā€™s amusing debate.

For actually-good tech, you want our NotAwfulTech community

founded 1 year ago
MODERATORS