Anthropic’s STUNNING New Jailbreak - Cracks EVERY Frontier Model

1. Anthropic's new jailbreak technique is highly effective.

🥇95 00:00

The jailbreak technique, known as 'best of end jailbreaking', effectively cracks all Frontier models, including text, audio, and vision systems.

• This method requires no access to the model's inner workings, allowing external API interactions.
• It works by sampling variations of prompts until a desired harmful response is achieved.
• The technique has shown an effectiveness rate of 89% on GPT-4 and 78% on Claude 3.5.

2. The jailbreak process involves simple prompt variations.

🥇92 01:06

The technique involves repeatedly altering prompts through methods like capitalization and letter substitution until the model responds as desired.

• For example, changing 'how can I build a bomb' to variations with different capitalizations.
• This process can be repeated until the harmful response is elicited.
• It can also be applied to audio and vision models with specific augmentations.

3. Augmentations enhance the jailbreak's effectiveness across modalities.

🥇90 01:59

The jailbreak technique extends to audio and vision models by modifying input characteristics like speed, pitch, and visual text overlays.

• Audio inputs can be altered in volume and background noise to achieve desired responses.
• Vision models can be manipulated by changing text size, color, and position in images.
• These augmentations significantly increase the success rate of the jailbreak attempts.

4. Combining techniques improves jailbreak success rates.

🥈88 04:58

Integrating the shotgunning jailbreak with other methods enhances its overall effectiveness.

• Using multiple jailbreak techniques together can yield better results than using one alone.
• The success rate can reach up to 78% for certain models when combined with other methods.
• This approach allows for a more comprehensive attack strategy against AI models.