How To Avoid Leaking PII to ChatGPT

As a regular user of ChatGPT, I rely heavily on it for coding and debugging tasks. However, there are moments when I need to share system or network-related log entries but hesitate to do so due to privacy concerns. Specifically, I want to avoid inadvertently revealing any identifiable information, such as IP addresses.

This morning, my AI co-pilot and I took action to prevent IP address leakage in ChatGPT. We created a proof-of-concept JavaScript that reversibly masks IP addresses entered into the input message box before submission. This way, I can avoid sharing sensitive information with OpenAI when I copypasta log data with zero pre-processing, yet recover the original values later if needed to link those IPs to other data sets.

Why am I sharing this? Well, one of my goals is to encourage more security people to engage with AI tools, and I see ChatGPT as the perfect gateway drug.

Now, I don't claim that my approach is particularly innovative - numerous browser extensions, data leakage tools, and malware payloads intercept form submissions and modify (or steal!) the input. Moreover, I don't assert that my method is "secure" - XOR FTL! Right now, I'm simply using an oversimplified regex to safeguard against accidental IP address leaks. If you operate in a threat scenario where you don't trust the browser or your hosted AI is likely to attack you, don't use this!

After executing the code, I prompt ChatGPT: "is this an IP address? 3.219.128.1". Here is what that looks like:

is this an IP address? #v86:,59?*!

No, "#v86:,59?*!" is not a valid IP address format. An IP address is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication. It is usually represented in a four-part format separated by periods (for example, 192.168.0.1).

Client-side browser controls are far from perfect, but for this use-case and threat scenario (low) they are just right.

Behold, my code with instructions! Tested on Chrome and Safari on macOS. Feel free to use and modify it as you see fit.

```javascript
// A simple proof of concept to prevent accidentally leaking IP addresses to OpenAI
// Run this in the devtools console after loading ChatGPT to mask IP addresses
// origin: https://www.threatprompt.com

// mask IPs and generate ASCII printable output
function maskIPsInText(text, password) {
  const ipRegex = /\b(?:\d{1,3}\.){3}\d{1,3}\b/g; // Regex for matching IP addresses
  return text.replace(ipRegex, (match) => {
    let maskedIP = '';
    for (let i = 0; i < match.length; i++) {
      const charCode = (match.charCodeAt(i) ^ password.charCodeAt(i % password.length)) % 94 + 32;
      maskedIP += String.fromCharCode(charCode);
    }
    return maskedIP;
  });
}

// Find chatGPT input form
const chatgptForm = document.querySelector('textarea[placeholder="Send a message..."]').closest('form');

// New event listener for keydown events
chatgptForm.addEventListener("keydown", function (event) {
  if (event.key === "Enter" || event.keyCode === 13) {
    const inputField = document.querySelector('textarea[placeholder="Send a message..."]');
    const maskedText = maskIPsInText(inputField.value, '0xDEADBEEF');
    if (maskedText !== inputField.value) {
      console.error("Warning: Unmasked IP address detected and XOR'd.");
      inputField.value = maskedText; // Replace the input field value with the masked output
    }
  }
});
```
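The script above only masks. To recover the original addresses later, the mask has to be inverted, and the `% 94` step means that is not a plain second XOR. The following is an added example, not part of the original script: `unmaskIP` and `recoverIPs` are hypothetical helper names, and the code assumes the same ASCII password that was used for masking.

```javascript
// Added example: inverse of the page's maskIPsInText(). unmaskIP and recoverIPs
// are hypothetical helper names. Assumes an ASCII password (all char codes < 128).
const IP_SHAPE = /^(?:\d{1,3}\.){3}\d{1,3}$/;
const IP_CHARS = '.0123456789';

// Decode one masked token; returns the dotted quad, or null if it is not one.
function unmaskIP(masked, password) {
  let ip = '';
  for (let i = 0; i < masked.length; i++) {
    const key = password.charCodeAt(i % password.length);
    const v = masked.charCodeAt(i) - 32; // undo "+ 32"
    if (v < 0 || v > 93) return null; // outside the mask's output range
    // "% 94" folds XOR values 94..127 onto 0..33, so v has up to two
    // pre-images. At most one of them decodes to a digit or a dot.
    const hit = [v, v + 94]
      .map((x) => String.fromCharCode(x ^ key))
      .find((c) => IP_CHARS.includes(c));
    if (hit === undefined) return null;
    ip += hit;
  }
  return IP_SHAPE.test(ip) ? ip : null;
}

// Scan saved text for masked tokens. The mask leaves no delimiter, so every
// window of 7..15 characters is tried, longest first. A token followed by
// characters that also happen to decode to digits can be over-extended, so
// treat the result as candidates to confirm against the original logs.
function recoverIPs(text, password) {
  const found = [];
  for (let start = 0; start < text.length; start++) {
    for (let len = Math.min(15, text.length - start); len >= 7; len--) {
      const masked = text.slice(start, start + len);
      const ip = unmaskIP(masked, password);
      if (ip !== null) {
        found.push({ index: start, masked, ip });
        start += len - 1; // resume after this token
        break;
      }
    }
  }
  return found;
}

// Constructed check using the sample prompt shown on this page.
console.log(recoverIPs('is this an IP address? #v86:,59?*!', '0xDEADBEEF'));
```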

As for me, I might continue to expand on this in the future. Do let me know if you have any requests or suggestions for additional features...
