Part 7/10:

This ease of attack is compounded by the fact that models often learn from low-quality or malicious online content without strict vetting. The widespread practice of scraping vast amounts of public data makes it extremely difficult to prevent such attacks entirely.

Future Challenges and Concerns

While the study does not conclusively extend to the largest models like GPT-4 or GPT-5, which contain trillions of parameters, it raises urgent questions. Would larger models be less susceptible due to their size and complexity, or could attackers find new avenues? The researchers note that the role of “exponentially large numbers” in defense—i.e., whether the law of large numbers confers robustness—remains an open question.