When an Innocent Game Turns into a Backdoor: ChatGPT Revealing Windows Secrets
The security of AI-based systems can be compromised by distractions, such as a cleverly designed game or story. Marco Figueroa’s experiment, “The Language Trick: When Form is Everything,” revealed how a simple riddle led to the disclosure of a Windows 10 key for enterprise environments. The system failed to detect the malicious intent behind the game due to obfuscated language and a playful tone.
The incident highlights a larger issue beyond leaked keys, as it exposes a vulnerability in the model’s reasoning process. Figueroa warns that this loophole could be exploited to obtain sensitive information, emphasizing the importance of understanding how requests are framed rather than just the content itself.
