近期，白宮指責外國實體（主要位於中國）利用數萬個代理帳戶逃避偵測並「竊取」美國的人工智慧系統。"Industrial-scale theft"一位川普政府官員稱，中國實體正在竊取美國人工智慧實驗室的成果"(英國《金融時報》獨家報導)。利用AI 技術：越獄技術（jailbreaking techniques）等等

 英國《金融時報》獨家報導：一位川普政府官員稱，中國實體正在竊取美國人工智慧實驗室的成果。 https://ft.trib.al/P0L7nId

FT Exclusive: A Trump administration official says Chinese entities are stealing from American AI labs. https://ft.trib.al/P0L7nId

人工智慧概述

工業規模竊盜是指外國實體、企業競爭對手或犯罪組織系統性、大規模地、通常是經授權地取得敏感資料、智慧財產權 (IP) 或有形資產。其特點是規模龐大、協調一致的行動，而非孤立事件。

路透社

路透社

+1

工業規模盜竊的關鍵方面

瞄準人工智慧能力：近期，白宮指責外國實體（主要位於中國）利用數萬個代理帳戶逃避偵測並「竊取」美國的人工智慧系統。

技術：這些方法涉及使用越獄技術繞過安全協議，並從人工智慧模型中提取專有資訊。

工業間諜：這是一個更廣泛的術語，指的是竊取商業機密、製造工藝或機密商業資料以獲取競爭優勢。

目的：其目標是透過竊取而非創造技術來避免研發所需的高昂成本和漫長週期。

路透社

案例分析

人工智慧模型竊取：美國政府強調，敵對勢力正試圖複製美國人工智慧模型的功能，以創建自己的模型，並且通常會移除必要的安全機制和求真機制。

經濟間諜活動：此類案件通常涉及竊取生物技術、航空航太和化學等領域的商業機密。

內容盜版：一份報告指出，惡意行為者正在「大規模」竊取體育賽事直播和付費電視節目內容。

BBC

此類竊盜行為會損害創新和智慧財產權，從而對國家安全和經濟穩定構成嚴重威脅。

AI Overview

Industrial-scale theft refers to the systematic, large-scale, and often authorized acquisition of sensitive data, intellectual property (IP), or physical assets by foreign entities, corporate competitors, or criminal organizations. It is characterized by high-volume, coordinated campaigns rather than isolated incidents. 

Key Aspects of Industrial-Scale Theft

• Targeting AI Capabilities: Recently, the White House accused foreign entities (primarily based in China) of using tens of thousands of proxy accounts to evade detection and "distill" US artificial intelligence systems.
• Techniques: The methods involve using jailbreaking techniques to bypass safety protocols and extract proprietary information from AI models.
• Industrial Espionage: This is the broader term for stealing trade secrets, manufacturing processes, or confidential business data to gain a competitive advantage.
• Purpose: The goal is to avoid the high costs and long time frames required for research and development by stealing, rather than creating, technology. 

Contextual Examples

• AI Model Theft: The U.S. government highlighted that adversaries are trying to copy the capabilities of American AI models to create their own, often stripping away necessary safety and truth-seeking mechanisms.
• Economic Espionage: Cases often involve stealing secrets in sectors such as biotech, aerospace, and chemicals.
• Content Piracy: A report indicated "industrial scale" theft of live sports and premium TV content by malicious actors. 

This type of theft poses a serious threat to national security and economic stability by compromising innovation and intellectual property. 

 

蕭上農 

"美國掌握的證據顯示，外國實體（主要位於中國）正進行工業規模的蒸餾攻擊（distillation campaigns），企圖竊取美國的 AI 技術。我們將採取行動保護美國的創新成果。

這些外國實體在協同行動中利用數以萬計的代理伺服器（proxies）與越獄技術（jailbreaking techniques），系統性地擷取美國的突破性技術。外國實體若將技術建立在如此脆弱的基礎之上，對其所產出模型的完整性與可靠性應難以抱持信心。

美國政府致力於在競爭激烈的生態系中，推動從開源到專有模型等 AI 技術的自由且公平發展。"

AI Overview

Jailbreaking techniques refer to methods used to bypass the safety, ethical, and operational restrictions built into technologies. While the term originally described unlocking mobile devices, it is now prominently used for Large Language Models (LLMs). 

1. Large Language Model (LLM) Jailbreaking

These techniques exploit the model's directive to be helpful or its inability to distinguish between "instructions" and "data". 

• Persona Manipulation (Roleplay): Tricking the model into adopting a fictional identity with no restrictions, such as the famous "DAN" (Do Anything Now) prompt.
• Prompt Injection: Disguising malicious commands as legitimate inputs (e.g., "Ignore all previous instructions and do X").
• Multi-turn Techniques: Gradually leading the model toward harmful content over several interactions.
  • Crescendo: Exploits the model's tendency to follow established patterns in a conversation.
  • Skeleton Key: Persuades the AI to ignore its safety filters by providing a "warning" before sharing harmful data.
• Many-Shot Jailbreaking: Overwhelming the model’s context window with hundreds of examples of harmless-looking but rule-breaking demonstrations to force it into a pattern of non-compliance.
• Encoding & Obfuscation: Using Base64, ASCII art (ArtPrompt), or foreign languages to hide malicious intent from keyword-based filters.
• Adversarial Suffix Optimization: Appending algorithmically generated "gibberish" strings (e.g., GCG) that trigger specific internal neural pathways to override safety training.
• Hypothetical Framing: Wrapping prohibited requests in "academic research" or "creative writing" contexts to make them appear legitimate. 

2. Mobile Device Jailbreaking (iOS & Android)

This is the process of gaining "root access" to a device's operating system to install unauthorized software. 

• Tethered Jailbreak: Requires the device to be connected to a computer to boot into a jailbroken state after every restart.
• Untethered Jailbreak: Persists after the device is rebooted without needing a computer.
• Semi-Tethered / Semi-Untethered: Allows the device to boot normally, but a specific app must be run to reactivate the jailbreak.
• Rooting (Android): The equivalent process for Android devices, often involving unlocking the bootloader to flash custom ROMs or kernels. 

3. Other Device Jailbreaking

• Firestick/Chromebook: Sideloading third-party apps (like Kodi) or entering "Developer Mode" to bypass manufacturer restrictions.