A developer is trying to reverse-engineer APIs, ignoring potential legal consequences, to give people free access to popular AI models such as OpenAI’s GPT-4.
Over the past few days, GPT4Free has garnered attention on GitHub after its links were shared on Reddit. The project offers free access to GPT-4 and GPT-3.5, normally priced at $0.03 per 1,000 “prompt” tokens and $0.06 per 1,000 “completion” tokens and $0.002 per 1,000 tokens, respectively.
When asked about the motivation behind the project, xtekky explained that they have always been interested in reverse engineering as a challenge. Initially, the project was for fun, but it has now evolved into a way to provide access to GPT-4/3.5 for those who cannot afford it.
However, it is worth noting that the project’s legality is questionable, as it involves reverse engineering and may infringe on OpenAI’s intellectual property rights.
GPT4Free does not bypass OpenAI’s paywall; instead, it deceives the OpenAI API into thinking it receives requests from websites with paid OpenAI accounts, such as You.com, WriteSonic, or Quora’s Poe.
This is a clear violation of OpenAI’s terms of service, and anyone who uses GPT4Free incurs the costs of the sites that Xtekky has scripted around. However, sticky claims that the project is purely for educational purposes and does not see any issue with this.
While legal action is a possibility, xtekky intends to find alternative ways to continue the project if necessary.
We used Xtekky’s website to test the reverse-engineered GPT-4/3.5 APIs, although we received a security warning from Chrome when we first accessed the site. Nonetheless, the web version of GPT4Free worked well, generating responses that appeared to be from GPT-4.
GPT4Free also provides shortcuts for prompt injection attacks that can make GPT-3.5 and GPT-4 behave in ways OpenAI did not intend. While these attacks were inconsistent in our testing, we were able to get GPT-3.5 to express indifference towards the survival of humanity. This is concerning.
It is only a matter of time before sites like You.com become aware of GPT4Free and address their security vulnerabilities. This would force xtekky to look for other OpenAI customers to exploit. Additionally, GPT4Free is constantly exposed to the risk of a takedown notice from OpenAI, which could permanently remove the project from GitHub. However, similar projects to GPT4Free are emerging, indicating that it is becoming a trend. What is driving this trend?
GPT-4 has limited access, making it difficult for those curious to try it out. However, it is also somewhat of a black box. Researchers have criticized GPT-4 as one of the least transparent models OpenAI has released to date. The 98-page paper published alongside its release contains very few technical details.
Before launching GPT-4, OpenAI collaborated with several external groups to benchmark and audit the model. However, the company has not indicated whether or not it plans to offer unrestricted access to others who wish to benchmark the base GPT-4 model.
OpenAI provides a subsidized program for researcher access, but it is restricted to certain countries and fields of study.
One can expect a game of whack-a-mole to unfold between projects like GPT4Free and OpenAI, mirroring the broader cybersecurity landscape. Unless the model-serving APIs become much harder to exploit, developers will have a reason to take advantage and very little to lose.