Artificial intelligence (AI) chatbots like ChatGPT, Claude, and Google Bard have captured public imagination recently with their ability to hold conversations, answer questions, and generate text on almost any topic. Behind their friendly interfaces, these systems rely on complex AI algorithms trained on massive amounts of text data.

However, concerns remain about the potential for AI chatbots to spread misinformation, hate speech, and toxic content. The companies making these chatbots have implemented various "guardrails" - safety measures designed to prevent such harmful outputs. But researchers are finding ingenious ways to get around these guardrails.

A new study from Carnegie Mellon University and the Center for AI Safety demonstrates systematic techniques to trick leading chatbots into generating dangerous tutorials, false facts, and biased content - despite safety guardrails intended to prevent this.

The core issue is that neural networks powering chatbots have no real understanding of the meaning behind words. They simply predict probabilities of what texts may follow based on their training. By carefully crafting "adversarial prompts" with unexpected suffixes, attackers can steer chatbots astray into hallucinating implausible or harmful text.

Once such attack methods are documented, companies can tweak systems to detect those specific tricks. But experts admit there’s no perfect solution, as new attacks can always be found. As AI chatbots continue proliferating, their promise and risks will keep growing. More security tools is needed in this fast-moving space.