The 24 hours will start from when there is at least limited public availability, which I will judge based on when I start seeing people posting screenshots on Twitter.
Related questions
🏅 Top traders
| # | Name | Total profit |
|---|---|---|
| 1 | Ṁ308 | |
| 2 | Ṁ260 | |
| 3 | Ṁ30 | |
| 4 | Ṁ17 | |
| 5 | Ṁ15 |
I’m (reasonably) getting repeated requests from Manifold to resolve the market, but I’m having a lot of trouble deciding. None of the proposed injections below seem definitive. I can get Bard to honk at me or tell me it’s preprompt just by asking it to do so, no injection necessary.
Should this resolve to NO? Does anybody know any better examples?
I could just N/A the market, but that seems like the cowards way out.
@JakubKraus @zen I guess I should ping you too in case you want to weigh in. Though the burden of proof is mostly on the YES side I think.
@DeltaTeePrime @JohnCaslin @Primer
As the top holders of YES, can you point me to timestamped instances of prompt injection on Bard?
I’ll admit to being quite confused. I can’t find discussion of successful prompt injections but I also can’t find discussions of it being resistant to injection either, which given expectations (as eg measured by this market) ought to itself have been noteworthy.. in fact I’ve seen very little Bard on my Twitter TL at all. Maybe it’s just not that interesting?
I mean, I guess if it didn’t happen due to lack of interest that would still be a NO? But I’d like to be a little more sure either way before I resolve it.
@YaakovSaxon The above example does not appear to by within 24 hours, sorry, please disregard. But this should count: https://nitter.net/C4nadaHonk/status/1638639617195880448#m
@Primer I’m skeptical of the duck one on account of the fact that I can also easily get it to honk at me just by asking it do so. So the “injection” may well have been just it correctly understanding and responding as the user wanted it to.
And similarly for the preprompt, I’ve only ever once been able to get it to NOT just give it to me. It just tells it to me, for asking nicely, every time. Unlike with ChatGPT or Bing where it was clearly intended that they should deny that there was a preprompt and they therefore needed to be prompt injected to give it to you, Bard doesn’t seem to have even been trained not to tell you. So it doesn’t seem like much of a prompt injection..