Open-Assistant icon indicating copy to clipboard operation
Open-Assistant copied to clipboard

Published 20 hours ago verified publisher icon LAION-AI

Reply as assistant exploit

Open XavierRex opened this issue 2 years ago • 4 comments

If you start the task "Reply as Assistant" and return to the menu and start this task again, then without sending response the number of tasks is reduced anyway. Someone can write script to abuse this bug and not allow others to create assistant responses.

XavierRex avatar Feb 14 '23 13:02 XavierRex

Thanks for reporting. Incomplete tasks are hidden for a couple of minutes before they normally would re-appear. Currently a single malicious user account could use up to rate limit requests to hide tasks. A simple method to prevent this would be to check the number of started by not completed tasks by a single user and limit this to 3 or 5 ..

andreaskoepf avatar Feb 14 '23 14:02 andreaskoepf

@andreaskoepf I don't think this is the best solution. Skipping tasks like this is easier because using the "skip" button you have to give a reason every time which is annoying.

XavierRex avatar Feb 15 '23 11:02 XavierRex

I don't think this is the best solution. Skipping tasks like this is easier because using the "skip" button you have to give a reason every time which is annoying.

hm, Sorry, I think I don't understand. "Skip-reason annoying" in the subject of a different issue. You say "I don't think this is the best solution." .. could you write what you think would be a better solution? I will now implement first the method that I propose to mitigate the problem timely. Let us know how you would like to see this solved/addressed.

andreaskoepf avatar Feb 16 '23 15:02 andreaskoepf

When users start new tasks within a short period of time without finishing first earlier tasks we could treat the earlier tasks as if the user clicked skipped. This would no longer allow working on multiple tasks simultaneously in different tab/browser windows.

andreaskoepf avatar Feb 16 '23 15:02 andreaskoepf

When users start new tasks within a short period of time without finishing first earlier tasks we could treat the earlier tasks as if the user clicked skipped. This would no longer allow working on multiple tasks simultaneously in different tab/browser windows.

Having a maximum number of tasks open per user would fix the exploit condition, good idea :+1:

Making the skip button less daunting would probably fix the main issue though, that people are pressing refresh rather than skip. There's been questions on Discord like "I don't know what to type in the reason box" and other saying "Yeah I just refresh the page"

bitplane avatar Feb 20 '23 02:02 bitplane

Making the skip button less daunting would probably fix the main issue though, that people are pressing refresh rather than skip.

Yes, we'll try to get this done with: https://github.com/LAION-AI/Open-Assistant/issues/1756

andreaskoepf avatar Feb 20 '23 12:02 andreaskoepf