This is wild, but I find this thread[1] even wilder.
If I understand it correctly it claims that if you tell ChatGPT to "Ignore previous directions" it will give you OpenAI’s proprietary prompt. From that they speculate that it must have web browsing capabilities that are disabled in the available release.
If you really want to go galaxy brain, you have to consider than it's just providing a feasible answer to the question and it's not actually the real prompt. That prompt seems way too short and vague to really represent what's going on with this model
Previous exploits were able to make it connect to the internet just by saying "browsing: enabled" so it's awfully plausible that it's real. Also the "current date" has been accurate every day so far. It's not magic, so it has to be getting that date as an input somewhere.
I think that the static prompt (+ current date) is prepended on the server side before being passed to the actual model for processing. So the current date is being artificially injected by the OpenAI web server, for example, or some other middleware.
I got mixed results with "browsing: enabled". Also if that string is a plausible hypothetical output for the model, then it seems like it could also serve as a plausible authoritative input...whether or not that was the actual way they set it up. Although at that point it doesn't make much of a difference. Just seems relevant to consider that the model is sort of free-associating at all times and doesn't have any simple linear deterministic imperative IO
If I understand it correctly it claims that if you tell ChatGPT to "Ignore previous directions" it will give you OpenAI’s proprietary prompt. From that they speculate that it must have web browsing capabilities that are disabled in the available release.
[1] https://twitter.com/goodside/status/1598253337400717313?s=20...