JAKARTA Meta AI, a chatbot developed by Meta, had experienced a bug that threatens the security of users. This bug will let users access or view the prompts of other users.
This bug has been handled quietly by Meta. Sandeep Hodkasia, founder of security testing firm AppSecure, told TechCrunch it found the bug and submitted the problem to Meta in December last year.
The company was paid 10,000 US dollars or around Rp. 162.9 million in the form of a bug bounty. Setela received Hodkasia's report, Meta seems to have implemented an immediate fix. The problem was successfully resolved on January 24 this year.
This bug was first discovered when Hodkasia checked the AI prompt editing feature on Meta AI. They realized that Meta back-end servers provide unique numbers on each prompt and response.
SEE ALSO:
Once analyzed across the network, Hodkasia found that the unique number could be changed. Furthermore, Meta servers will display the prompt and response of other users without verification.
This can happen because bugs cause Meta servers not to properly check user permissions. In addition, the prompt number generated by the server is also easy to guess so that irresponsible parties steal the original prompt.
Meta has confirmed the presence of this bug. Meta spokesman Ryan Daniels stated that, "we found no evidence of abuse and awarding researchers (who found the bug)."
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
