"Google on Monday rolled out a new AI Vulnerability Reward Program to encourage researchers to find and report flaws in its AI systems, with rewards of up to $30,000 for a single qualifying report. In addition to a base reward of up to $20,000 for the highest-tier AI product flaw, Google adopted the same report multipliers, influenced by vulnerability reporting quality, as it uses for its traditional security Vulnerability Reward Program (VRP)."
"Specifically: direct prompt injection, jailbreaks, and alignment issues don't count. Yes, tricking models into doing something not normally permitted by its guardrails is an important issue, and Google encourages researchers "to report these content-related issues in-product." But it's not going to pay a bug bounty for them. "Simply put, we don't believe a Vulnerability Reward Program is the right format for addressing content-related issues," Google security engineering managers Jason Parsons and Zak Bennett said in a blog post."
"Solving these types of issues requires long-term efforts, and analyzing trends across large volumes of reports, and this isn't conducive to Google's "goal of providing timely rewards to individual researchers," the duo wrote. Additionally, as their fellow Googlers opined in December: "There may, in fact, be an infinite number of possible jailbreaks for any particular model and fully mitigating them may be completely infeasible.""
Google introduced a standalone AI Vulnerability Reward Program to incentivize researchers to find and report flaws in its AI systems, with rewards up to $30,000 for a single qualifying report. The program provides a base reward up to $20,000 for highest-tier AI product flaws and mirrors traditional VRP report-quality multipliers that can add up to $10,000. The launch follows an earlier expansion to include Google AI products. Direct prompt injection, jailbreaks, and alignment issues are out of scope for bounties, though Google encourages in-product reporting of content-related issues. Google stated a VRP is not suitable for content issues because mitigation requires long-term trend analysis and full mitigation of all jailbreaks may be infeasible.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]