Could your favorite AI model’s deepest secrets be stolen for less than the price of dinner? I just read a paper on a new model-stealing attack that threatens to upend the AI world as we know it by proving it’s possible to exactly that. And all you need to pull it off is… standard API access.

A new attack needs just API access and $20 to extract GPT-4’s hidden architecture

A novel attack extracts hidden architectural details from GPT4, PaLM, and more

In this post, I’ll break down the technical details of how this model stealing attack works, explain the key ideas in plain English, analyze the ramifications and limitations, and discuss what it…