DEF CON is one of the most famous hacking events in the world. Now, a major AI hacking competition, backed by the White House, will take place there. (Photo by Rob Kim/Getty Images for Tribeca Film Festival)
getty
On Thursday, the White House announced an event organizers are billing as the biggest ever public safety and security test of artificially intelligent models like ChatGPT and Bard. A public evaluation of AI tools from Google, Microsoft, OpenAI and Anthropic will occur at the DEF CON hacking conference in Las Vegas this August.
“This independent exercise will provide critical information to researchers and the public about the impacts of these models, and will enable AI companies and developers to take steps to fix issues found in those models,” the Biden-Harris administration wrote.
According to its organizers, the event was a distant possibility just weeks ago, before all the big AI companies suddenly confirmed that they would allow as many as 4,000 hackers to probe their technology this summer, organizers Sven Cattell and Austin Carson told Forbes. The third organizer is Rumman Chowdhury, founder of nonprofit Humane Intelligence.
Cattell, a cybersecurity expert who runs the DEF CON AI Village, and Carson, CEO and founder of AI-focused nonprofit SeedAI, met in January in Washington D.C., at a meeting between lawmakers and security practitioners known as Hackers on the Hill. After Cattell and Chowdhury had been toying with the idea of a contest, Austin helped convince them to trial a competition for community college students at South by Southwest using open source AI models.
Following the success of that event, the pair ramped up their attempts to get both government and industry involved in a far larger competition (though the prize will likely be small; probably a GPU device, said Carson). Having made contact with Asad Ramzanali, chief of staff for the White House Office of Science and Technology Policy, at South by Southwest, and with various contacts at the tech companies, the pair went on a two-week sprint to get companies on board before the Biden admin announcement today. Vendors jumped at the chance to be involved, the organizers said.
“They were very keen,” said Cattell. “This is something that I think the industry needs to do for their own good because ongoing assessments of their models is something that you have to do, and they understand this, but they didn’t have them until this came along.”
Come August, the competition will open up the code for ChatGPT, Google’s Bard, Stability AI’s Stable Diffusion and Hugging Face programs, so that thousands of DEF CON attendees can try to find vulnerabilities or bypass the tools’ safety mechanisms.
“This system that we’ve got is the largest ever generative AI red team by an order of magnitude,” said Carson. A “red team” test sees security professionals try to hack technologies to show where their weaknesses are, in order to help fix them. Chowdhury will be handling exercise design and coordinating the event.
Beau Woods, a former staffer at the DHS Cybersecurity and Infrastructure Security Agency, said the event was the culmination of years of work to improve cooperation between hackers, the White House, Congress and the business community. Cattell credited Woods’ work on creating a framework for a similar competition in the DEF CON biohacking village in 2017 — where medical devices were hacked in a controlled space, with the participation of vendors — which helped convince the tech companies to get involved in the AI event.
Woods said that with so much fear around AI, the DEF CON event could bring the kind of transparency people need to either calm their anxieties or give them the impetus to act. “Right now, there’s a lot of fear because there’s a lot of uncertainty,” Woods said. “We don’t know what a lot of these large language models are capable of.
“If you can take the edges and the corners of those risks more specifically, and say, right, this is in bounds, this is not something to be concerned with. Then even if that part is scary, at least there’s a light shined on it.”
Carson and Cattell are hopeful that not only will the competition expose significant and unexpected safety and security issues, but that hackers of all backgrounds will get involved in helping define the next great leap in technology. “I really believe that one of my community college partner folks … will just find something truly wild.” Carson added.
