{"id":97951,"date":"2024-09-29T02:24:06","date_gmt":"2024-09-29T02:24:06","guid":{"rendered":"https:\/\/kamucalisani.net\/?p=97951"},"modified":"2024-09-29T02:24:06","modified_gmt":"2024-09-29T02:24:06","slug":"hackerlar-icin-yeni-cag-sahte-anilarla-chatgptden-kullanici-veriler-caliniyor","status":"publish","type":"post","link":"https:\/\/kamucalisani.net\/index.php\/2024\/09\/29\/hackerlar-icin-yeni-cag-sahte-anilarla-chatgptden-kullanici-veriler-caliniyor\/","title":{"rendered":"Hackerlar i\u00e7in yeni \u00e7a\u011f: Sahte an\u0131larla ChatGPT\u2019den kullan\u0131c\u0131 veriler \u00e7al\u0131n\u0131yor"},"content":{"rendered":"<p><figure> <span> <img decoding=\"async\" src=\"https:\/\/kamucalisani.net\/wp-content\/uploads\/2024\/09\/hackerlar-icin-yeni-cag-sahte-anilarla-chatgptden-kullanici-veriler-caliniyor-0-f5isEcpR.jpg\"\/> <\/span> Son d\u00f6nemde, yapay zeka g\u00fcvenli\u011fi konusundaki endi\u015feler yeni bir boyuta ta\u015f\u0131nd\u0131. G\u00fcvenlik ara\u015ft\u0131rmac\u0131s\u0131 <strong>Johann Rehberger<\/strong>, <strong>ChatGPT<\/strong>&#8216;nin uzun s\u00fcreli bellek \u00f6zelli\u011finde tespit etti\u011fi bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 raporlad\u0131. Bu a\u00e7\u0131k, sald\u0131rganlar\u0131n kullan\u0131c\u0131n\u0131n bilgilerini s\u00fcrekli olarak \u00e7almas\u0131na olanak tan\u0131yan sahte an\u0131lar ve k\u00f6t\u00fc niyetli talimatlar eklemeyi m\u00fcmk\u00fcn k\u0131l\u0131yordu. OpenAI ise bu a\u00e7\u0131\u011f\u0131n kapat\u0131ld\u0131\u011f\u0131n\u0131 belirtiyor. <\/figure>\n<p><b>ChatGPT\u2019de yeni g\u00fcvenlik a\u00e7\u0131\u011f\u0131<\/b><\/p>\n<p>Rehberger\u2019in yapt\u0131\u011f\u0131 ke\u015fif, ChatGPT\u2019nin uzun s\u00fcreli haf\u0131za\/bellek fonksiyonunu k\u00f6t\u00fcye kullanarak kullan\u0131c\u0131n\u0131n<strong> t\u00fcm girdilerin s\u00fcrekli olarak d\u0131\u015far\u0131ya aktar\u0131labilece\u011fini <\/strong>g\u00f6sterdi. Bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131, \u015eubat ay\u0131nda test edilmeye ba\u015flanan ve Eyl\u00fcl ay\u0131nda daha geni\u015f bir kitleye sunulan uzun s\u00fcreli bellek \u00f6zelli\u011fini hedef al\u0131yordu<\/p>\n<p>Bu \u00f6zellik, \u00f6nceki konu\u015fmalardan elde edilen bilgileri kaydediyor ve ileriki konu\u015fmalarda bunlar\u0131 kullanarak yapay zekan\u0131n kullan\u0131c\u0131 hakk\u0131nda detayl\u0131 bir fark\u0131ndal\u0131\u011fa sahip olmas\u0131n\u0131 sa\u011fl\u0131yordu.<\/p>\n<figure> <span> <img decoding=\"async\" src=\"https:\/\/kamucalisani.net\/wp-content\/uploads\/2024\/09\/hackerlar-icin-yeni-cag-sahte-anilarla-chatgptden-kullanici-veriler-caliniyor-1-3NwVSTOx.jpg\"\/> <\/span> Rehberger\u2019in ara\u015ft\u0131rmas\u0131nda yan\u0131lt\u0131c\u0131 an\u0131lar eklemek i\u00e7in<strong> dolayl\u0131 komut enjeksiyonu<\/strong> kullan\u0131l\u0131yor. \u00d6rne\u011fin, bir kullan\u0131c\u0131 hakk\u0131nda 102 ya\u015f\u0131nda oldu\u011fu, Matris&#8217;te ya\u015fad\u0131\u011f\u0131 ve D\u00fcnya&#8217;n\u0131n d\u00fcz oldu\u011funa dair yanl\u0131\u015f bilgiler eklenebiliyor ve ChatGPT bu yanl\u0131\u015f bilgileri gelecekteki konu\u015fmalar\u0131n ba\u011flam\u0131nda kullan\u0131yordu. Bu t\u00fcr yan\u0131lt\u0131c\u0131 veriler, Google Drive, Microsoft OneDrive gibi platformlarda saklanan dosyalar, resimler veya Bing gibi sitelerdeki i\u00e7eriklerle de eklenebiliyordu. <\/figure>\n<p>Rehberger, bulgular\u0131n\u0131 May\u0131s ay\u0131nda OpenAI ile payla\u015ft\u0131. Ancak \u015firket, raporu g\u00fcvenlik a\u00e7\u0131\u011f\u0131 olarak kabul etmeyerek sorunu kapatt\u0131. Bunun \u00fczerine ara\u015ft\u0131rmac\u0131, haziran ay\u0131nda yeni bir a\u00e7\u0131klama yaparak bu kez MacOS \u00fczerinde \u00e7al\u0131\u015fan ChatGPT uygulamas\u0131n\u0131n t\u00fcm kullan\u0131c\u0131 girdilerini ve \u00e7\u0131kt\u0131lar\u0131, sald\u0131rgan\u0131n belirledi\u011fi bir sunucuya ileten bir ispat geli\u015ftirdi. Sadece k\u00f6t\u00fc niyetli bir ba\u011flant\u0131ya y\u00f6nlendirmek, sald\u0131rgan\u0131n t\u00fcm kullan\u0131c\u0131 verilerini s\u00fcrekli olarak toplamas\u0131na yetiyordu.<\/p>\n<p><b>Web s\u00fcr\u00fcm g\u00fcvende<\/b><\/p>\n<p>Rehberger yay\u0131nlad\u0131\u011f\u0131 videoda <em>\u201cGer\u00e7ekten ilgin\u00e7 olan \u015fey, bunun art\u0131k bellekte kal\u0131c\u0131 olmas\u0131. Komut enjeksiyonu ChatGPT&#8217;nin uzun vadeli depolama alan\u0131na bir bellek ekledi. Yeni bir konu\u015fma ba\u015flatt\u0131\u011f\u0131n\u0131zda, asl\u0131nda hala veri s\u0131zd\u0131rmaya devam ediyor.\u201d <\/em>dedi. \u00d6te yandan bu sald\u0131r\u0131, ChatGPT&#8217;nin web aray\u00fcz\u00fc \u00fczerinden yap\u0131lam\u0131yor. OpenAI, bu t\u00fcr g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 \u00f6nlemek i\u00e7in ge\u00e7ti\u011fimiz y\u0131l bir API \u00e7\u00f6z\u00fcm\u00fc sunmu\u015ftu.<\/p>\n<p>Ancak hala k\u00f6t\u00fc niyetli i\u00e7eriklerle bellek arac\u0131na uzun vadeli bilgiler eklenebilmesi, potansiyel tehditlerin varl\u0131\u011f\u0131n\u0131 s\u00fcrd\u00fcr\u00fcyor. ChatGPT kullan\u0131c\u0131lar\u0131, bu t\u00fcr sald\u0131r\u0131lardan korunmak i\u00e7in oturumlar s\u0131ras\u0131nda belle\u011fe yeni bir bilgi eklenip eklenmedi\u011fine dikkat etmeli ve kaydedilen an\u0131lar\u0131 d\u00fczenli olarak g\u00f6zden ge\u00e7irmeli. Yukar\u0131daki GIF ile belle\u011fe al\u0131nan verileri inceleyebilir, silebilir veya do\u011frudan bellek \u00f6zelli\u011fini devre d\u0131\u015f\u0131 b\u0131rakabilirsiniz.<\/p>\n\n<p>Kaynak\u00a0 :\u00a0<span style=\"background-color: rgb(255, 249, 236); color: rgb(55, 58, 60); font-size: 14px;\">https:\/\/www.donanimhaber.com\/sahte-anilarla-chatgpt-den-kullanici-veriler-caliniyor&#8211;182339<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Son d\u00f6nemde, yapay zeka g\u00fcvenli\u011fi konusundaki endi\u015feler yeni bir boyuta ta\u015f\u0131nd\u0131. G\u00fcvenlik ara\u015ft\u0131rmac\u0131s\u0131 Johann Rehberger, ChatGPT&#8217;nin uzun s\u00fcreli bellek \u00f6zelli\u011finde tespit etti\u011fi bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 raporlad\u0131. Bu a\u00e7\u0131k, sald\u0131rganlar\u0131n &#8230;<\/p>\n","protected":false},"author":1,"featured_media":97952,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[586,3260,537,2170,147],"class_list":["post-97951","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji","tag-bellek","tag-bilgiler","tag-chatgpt","tag-guvenlik","tag-kullanici"],"_links":{"self":[{"href":"https:\/\/kamucalisani.net\/index.php\/wp-json\/wp\/v2\/posts\/97951","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kamucalisani.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kamucalisani.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kamucalisani.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kamucalisani.net\/index.php\/wp-json\/wp\/v2\/comments?post=97951"}],"version-history":[{"count":1,"href":"https:\/\/kamucalisani.net\/index.php\/wp-json\/wp\/v2\/posts\/97951\/revisions"}],"predecessor-version":[{"id":97955,"href":"https:\/\/kamucalisani.net\/index.php\/wp-json\/wp\/v2\/posts\/97951\/revisions\/97955"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kamucalisani.net\/index.php\/wp-json\/wp\/v2\/media\/97952"}],"wp:attachment":[{"href":"https:\/\/kamucalisani.net\/index.php\/wp-json\/wp\/v2\/media?parent=97951"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kamucalisani.net\/index.php\/wp-json\/wp\/v2\/categories?post=97951"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kamucalisani.net\/index.php\/wp-json\/wp\/v2\/tags?post=97951"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}