Revealing security holes in AI projects that scale AI public documents

AI For Business


Scale AI is trying to reassure customers that their data is safe following Meta's $14.3 billion investment, so leaked files and startup contractors show there are some serious security holes.

Scale AI uses public Google Docs to track work for well-known customers like Google, Meta, Xai, and other, leaving behind multiple AI training documents labeled “Confidential” that anyone with the link can access.

The contractor told BI that the company relies on public Google documents to share internal files. He said this is an efficient way to present a vast military of at least 240,000 contractors and a clear risk of cybersecurity and confidentiality.

Scale AI has also published Google docs with sensitive details about thousands of contractors, including private email addresses and whether there are suspected of “fraud.” Some of these documents can be viewed and edited by anyone with the URL on the right.

Therefore, there is no indication that Scale AI is suffering from violations. Two cybersecurity experts told BI that such practices could make the company and its clients vulnerable to a variety of hacking types, including impersonating a company and its clients as contractors and uploading malware to accessible files.

Scale AI told Business Insider that it takes data security seriously and is investigating the issue.

“We are conducting a thorough investigation and disable the ability of users to publish documents from scale-controlled systems,” a Scale AI spokesman said. “We continue to be committed to robust technical and policy protection to protect sensitive information and are constantly working to strengthen our practices.”

Meta declined to comment. Google and Xai did not respond to requests for comment.

Meta's huge hit investment led clients like Google, Openai and Xai to pause work on scale. In last week's blog post, Scale reassured its leading tech clients that it remains a neutral and independent partner with strict security standards.

“Ensuring customer trust is always a top priority and a top priority,” the company said, adding that there are “robust technical and policy safeguards to protect customer confidential information.”

The BI findings raise questions about whether they did enough to ensure security, and whether Meta was aware of the issue before writing the check.

I've got access to a confidential AI project

BI was able to view thousands of pages of project documents in 85 individual Google documents linked to expand their work with AI's leading high-tech clients. The documentation includes sensitive details, including how Google can use ChatGpt to improve the chatbots they struggle with.

Scale has also released at least seven instruction manuals marked “confidential” by Google. This was accessible to anyone with the link. These documents explain what Google thinks it's wrong with Bard, that is, it was difficult to answer complex questions, and how contractors should fix it.

For Elon Musk's Xai, the scale ran at least 10 generated AI projects as of April, so public Google Docs and Sheets show details about the “Project Xylophone” earlier this month. A list of training documents and 700 conversation prompts revealed how the project focused on improving AI conversation skills on a wide range of topics, from zombie apocalypse to plumbing.

The meta-training document marked confidential at the top was also publicly available to those with the link. These include links to accessible audio files with examples of “good” and “bad” audio prompts, suggesting a standard meta set for the expressiveness of AI products.

Some of these projects focused on training chatbots in Meta, making them safe to handle sensitive topics while becoming more conversational and emotionally engaging. As of April, Meta had at least 21 generation AI projects on a scale.

Several scale AI contractors interviewed by BI said that despite the clients they created were codenamed, they could easily grasp which clients worked, based on the nature of the task and the way the instructions were phrased. Sometimes it's even easier. The presentation BI saw had the Google logo.

He explained that contractors for various projects are instantly aware of clients and products, even though the project is intended to be anonymized. In some cases, the contractor said they simply encourage a model or directly ask which chatbots reveal the underlying client.

AI left contractor information will be released

Other Google Docs have released sensitive personal information about scale contractors. BI reviewed the unlocked spreadsheet and listed the names and private Gmail addresses of thousands of workers. Some contacted by BI said they were surprised to find out that anyone with the document's URL is accessible.

Many documents contain details about work performance.

One spreadsheet entitled “Good and Bad Folks” classifies dozens of workers as either “high quality” or “fraud.” Another list of hundreds of personal email addresses is titled “All fraudsters' movements.”

Another seat cites nearly 1,000 contractors who were “mistaken banned” from the Scale AI platform.

Other documents show how much individual contractors have been paid, along with detailed notes on wage disputes and inconsistencies.

The system was like “incredibly janky”

Five current and previous scale AI contractors who worked on separate projects told BI that the use of public Google Docs documents is becoming more and more widespread.

The contractor said they would use streamlined operations on a scale that relies primarily on freelance contributors. Managing individual permissions for each contractor slows the process.

With scale AI's internal platform, workers need to verify themselves and sometimes use cameras, the contractor told BI.

At the same time, many documents containing information about training AI models can be accessed through public links or links in other documents without verification.

“The whole Google Docs system has always seemed very janky,” one worker said.

Two other workers said they have retained access to older projects they are no longer working on.

“Of course it's dangerous.”

Joseph Steinberg, a cybersecurity lecturer at Columbia University, told Bi that organizing internal work through public Google documents can create serious cybersecurity risks.

“Of course, that's dangerous. In the best case scenario, it just allows for social engineering,” he said.

Social engineering refers to attacks in which hackers trick employees or contractors into giving up access. In many cases, they pretend to be someone in the company.

Having easy access to details about thousands of contractors creates many opportunities for such violations, Steinberg said.

At the same time, investing more in security can slow growth-oriented startups.

“Companies that really often lose out on actually doing security right as other companies move faster towards the market,” Steinberg said.

The fact that some of Google Docs are editable by anyone creates risks, such as bad actors inserting malicious links into documents for others to click, Stephanie Kurtz, regional director of cyber company Trace3, told BI.

Kurtz added that businesses should start by managing access through Invites.

“It's not a great strategy there because you put it there and you want someone not to share the link,” she said.





Source link

Leave a Reply

Your email address will not be published. Required fields are marked *