OpenAI announced the introduction of plugin support for ChatGPT.

This development aims to enhance the language model’s capabilities, allowing it to access up-to-date information, perform computations, and use third-party services.

OpenAI plans to gradually roll out plugins and study their real-world use, impact, and potential challenges.

Expanding ChatGPT’s Functionality

Plugins have been anticipated by users and developers alike as they unlock a wide range of use cases for ChatGPT.

Language models have limitations, relying solely on their training data for information.

Plugins can serve as “eyes and ears,” granting models access to more recent, personal, or specific information.

Additionally, plugins enable the AI to perform safe, constrained actions on users’ behalf.

Two plugins OpenAI is hosting include a web browser and a code interpreter.

OpenAI is also open-sourcing the code for a knowledge base retrieval plugin, allowing developers to augment ChatGPT with their own information.

Browsing & Code Interpreter Plugins

OpenAI’s browsing plugin allows ChatGPT to access information from the internet, expanding its knowledge base beyond the training data.

This enables the AI chatbot to provide more up-to-date and accurate information.

OpenAI’s code interpreter plugin grants ChatGPT the ability to use Python and handle uploads and downloads in a sandboxed environment.

Initial user studies have found the code interpreter to be useful for solving mathematical problems, data analysis, visualization, and file format conversion.

Retrieval Plugin

OpenAI’s open-source retrieval plugin allows ChatGPT to access personal or organizational information sources, such as files, notes, emails, or public documentation.

As a self-hosted solution, developers can deploy their own version and register it with ChatGPT. It uses OpenAI embeddings and supports various vector databases for indexing and searching documents.

Third-Party Plugins

Plugin support links ChatGPT with external apps, giving it the power to interact with developer-defined APIs.

This enhances ChatGPT’s abilities, enabling it to accomplish many different tasks.

With plugins, ChatGPT can do the following:

• Fetch real-time info, like sports scores, stock market updates, or the latest headlines
• Access knowledge-base data, such as company documents or personal notes
• Perform actions for users, like booking flights or ordering food

The first batch of plugins comes from companies including Expedia, FiscalNote, Instacart, KAYAK, Klarna, Milo, OpenTable, Shopify, Slack, Speak, Wolfram, and Zapier.

Screenshot from: openai.com/blog/chatgpt-plugins, March 2023.

Availability

Plugin alpha access is being extended to users and developers on a waitlist.

Initially, access will be limited to a selection of developers and ChatGPT Plus users, with plans to increase access gradually.

Sammanfattningsvis

OpenAI’s introduction of plugin support for ChatGPT marks a significant step towards enhancing the capabilities of language models.

The browsing, code interpreter, and retrieval plugins are just the beginning.

As the development and integration of plugins continue, the ChatGPT ecosystem will become increasingly useful, creating new opportunities for users and developers alike.

Källa: OpenAI

Featured Image: Muhammad S0hail/Shutterstock

Twitter plans to end its legacy verified program at the end of this month. To continue having a verified blue checkmark, you must subscribe to Twitter Blue, now available globally.

You can check any blue checkmark on Twitter to see if it is a Twitter Blue or legacy verified checkmark by clicking or tapping it.

Twitter Blue Benefits And Eligibility

Eligibility requirements for a verified blue checkmark include having a confirmed phone number, an account older than 90 days, and no changes to your name, username, or profile picture within 30 days. Accounts with a verified blue checkmark cannot engage in misleading or deceptive practices, such as impersonating someone else or using fake identities.

The premium subscription plan offers Twitter users several exclusive features, including the following.

• A verified blue checkmark.
• The ability to post longer Tweets and longer videos.
• The chance to undo a Tweet before it’s sent.
• The chance to edit some Tweets within the first 30 minutes.
• A feed of Top Articles shared by those you follow and the people they follow.
• Account security with two-factor authentication via SMS or authentication apps.
• Increased visibility when you reply to other users’ Tweets.

Pricing varies based on your country and device. In the United States, it is $8 – $11 monthly.

Twitter also offers distinct profile labels for organizations (a gold checkmark), government officials (a gray checkmark), and other account types.

Meta Verified Benefits And Eligibility

Meta is also rolling out a paid subscription bundle, Meta Verified, that includes verification of Facebook and Instagram profiles.

Eligibility requirements on Facebook och Instagram include having an active profile with your real name and profile photo matching your government-issued ID.

Two-factor authentication must be used to secure your account, and your account must always adhere to the Terms of Service and Community Guidelines for each network.

The paid subscription offers Facebook and Instagram users several exclusive features, including the following.

• A verified checkmark that lets your audience know you are who you say you are.
• Exclusive stickers to use on Facebook and Instagram.
• 100 stars per month to support your favorite Facebook creators.
• Help from a real person when you experience issues with your account.

Pricing varies based on the device you sign up on and is limited to select users over 18 years old in the U.S., New Zealand, and Australia. It is $11.99 – $14.99 monthly.

The Downsides To Paid Verification

While it offers people who never had the chance to be verified in the past the option to pay for the blue checkmark, paid verification is controversial for several reasons.

For starters, many Twitter Blue users complain that they haven’t noticed an increase in engagement since paying for the subscription and feel they are now paying to be ignored.

Another major concern is the lack of distinction between notable public figures and people who have paid for the checkmark. Previously, accounts had to belong to prominently recognized individuals or brands based on news coverage, industry references, and audience size. Now, notable accounts will have to pay for verification with everyone else.

This new false “notability” could allow bad actors to spread misinformation and scam people based on the account’s status as a verified profile. Some agencies have released consumer alerts in response to growing reports of scams committed by Twitter blue verified accounts.

While these actions violate social platforms’ terms of service and community guidelines, these verified accounts could continue spreading misinformation and scamming others until someone reports an issue. A lot of damage could be done in the time it takes for someone from the social network to investigate reported users.

Some Twitter users strongly oppose paid verification. Some accounts have launched campaigns encouraging others to block Twitter Blue users to decrease the reach of accounts with the paid blue checkmark.

Screenshot from Twitter, March 2023

Others will dismiss opinions shared by users simply because the account has a Twitter Blue verification.

Screenshot from Twitter, March 2023

Is Paid Verification Right For You?

It’s important to weigh the benefits of being verified through Twitter Blue or Meta Verified and the potential implications of paying for notability on social media.

As a social network user, it’s also important to remember some basic safety rules.

• Regardless of verification status, never give out personal information or account details to other social media users.
• If you are asked to send money for a specific cause or reason, research it outside social media to ensure it is a legitimate request, not a scam.
• Fact-check information before you share it with others to prevent spreading misinformation to larger, susceptible audiences. This especially applies to images and video thanks to AI content generation.
• Utilize two-factor authentication to secure your accounts and save your backup/recovery code for Twitter, Facebook, och Instagram, just in case.

Featured Image: Fantastic Studio/Shutterstock

Automattic, publishers of the WooCommerce plugin, announced the discovery and patch of a critical vulnerability in the WooCommerce Payments plugin.

The vulnerability allows an attacker to gain Administrator level credentials and perform a full site-takeover.

Administrator is the highest permission user role in WordPress, granting full access to a WordPress site with the ability to create more admin-level accounts as well as the ability to delete the entire website.

What makes this particular vulnerability of great concern is that it’s available to unauthenticated attackers, which means that they don’t first have to acquire another permission in order to manipulate the site and obtain admin-level user role.

WordPress security plugin maker Wordfence described this vulnerability:

“After reviewing the update we determined that it removed vulnerable code that could allow an unauthenticated attacker to impersonate an administrator and completely take over a website without any user interaction or social engineering required.”

The Sucuri Website security platform published a warning about the vulnerability that goes into further details.

Sucuri explains that the vulnerability appears to be in the following file:

/wp-content/plugins/woocommerce-payments/includes/platform-checkout/class-platform-checkout-session.php

They also explained that the “fix” implemented by Automattic is to remove the file.

Sucuri observes:

“According to the plugin change history it appears that the file and its functionality was simply removed altogether…”

The WooCommerce website published an advisory that explains why they chose to completely remove the affected file:

“Because this vulnerability also had the potential to impact WooPay, a new payment checkout service in beta testing, we have temporarily disabled the beta program.”

The WooCommerce Payment Plugin vulnerability was discovered on March 22, 2023 by a third party security researcher who notified Automattic.

Automattic swiftly issued a patch.

Details of the vulnerability will be released on April 6, 2023.

That means any site that has not updated this plugin will become vulnerable.

What Version of WooCommerce Payments Plugin is Vulnerable

WooCommerce updated the plugin to version 5.6.2. This is considered the most up to date and non-vulnerable version of the website.

Automattic has pushed a forced update however it’s possible that some sites may not have received it.

It is recommended that all users of the affected plugin check that their installations are updated to version WooCommerce Payments Plugin 5.6.2

Once the vulnerability is patched, WooCommerce recommends taking the following actions:

“Once you’re running a secure version, we recommend checking for any unexpected admin users or posts on your site. If you find any evidence of unexpected activity, we suggest:

Updating the passwords for any Admin users on your site, especially if they reuse the same passwords on multiple websites.

Rotating any Payment Gateway and WooCommerce API keys used on your site. Here’s how to update your WooCommerce API keys. For resetting other keys, please consult the documentation for those specific plugins or services.”

Read the WooCommerce vulnerability explainer:

Critical Vulnerability Patched in WooCommerce Payments – What You Need to Know