Short description
OpenAI has demanded that the developer of the GPT4Free project, who goes by the nickname xtekky, remove the code and close access to the repository within five days or face legal action. The open-source project exploits a vulnerability in the OpenAI API to provide free and almost unlimited access to ChatGPT. The developer claims not to have violated any rules and that the sites providing APIs should protect themselves. Some sites have asked for their scripts to be removed, while others have refused to secure their APIs. The developer is seeking legal advice before deciding whether to remove the repository.
OpenAI requires the developer of the GPT4Free project to remove the code and block access under threat of court action
OpenAI requires the developer of the GPT4Free project to remove the code, close access to the repository. Nothing was said about the project’s Discord channel. The company gave it five days, threatening to sue the programmer in case of refusal. The author of the GPT4Free tool under the nickname xtekky is not going to make concessions to OpenAI just yet. At the request of some resources, he removed several sites from the project’s scripts and asked the rest of the platforms to protect their APIs, but they refused to do so.
The xtekky developer believes that he has not violated anything, and OpenAI and its enterprise customers must themselves protect API access when exchanging data with the ChatGPT chatbot.
During the existence of the project, the idea of xtekky was appreciated and supported by thousands of developers around the world.
According to xtekky, a European computer science student who runs the GPT4Free repository, OpenAI sent him a letter demanding that he remove all of his work within five days or the company would sue him for breaching corporate security.
xtekky believes that OpenAI should not pressure him because he does not connect directly to the company’s API, but instead receives data from other sites that have paid their own licenses to connect to OpenAI’s API. If the owners of these sites have a problem with his scripts, then let those services contact him directly, he said.
As for the backend of the project, the GPT4Free tool uses the API of several popular sites that work with the OpenAI AI model. For example, the main GPT4Free script calls you.com/api/streamingSearch, passes it various parameters, and then takes the JSON response and formats it. The GPT4Free repository also has scripts that collect data from other sites such as Quora, Forefront, and t3nsor. Any developer can use these scripts to create their own bot to connect to ChatGPT.
“The same can be achieved by simply opening the tabs of the sites. I can open the Phind, You, etc. tabs in my browser and send out spam requests. My project just makes it easier,” said khtekky
All sites running GPT4Free pay OpenAI fees to use its extensive language models. So when you use scripts, these sites end up paying for your requests, even if you don’t visit them. If these sites rely on ad revenue on their sites to offset API costs, they are losing money on these requests.
xtekky said that he has already removed from the project several scripts that use the API of certain services, at the separate request of the owners of these sites. He clarified that representatives of phind.com, ora.sh and writesonic.com approached him directly about this issue.
xtrekky noted that any of these sites may block external use of their internal APIs through standard information security measures. One of the many methods that sites like You.com can use is to block API traffic from any IP addresses that are not their own.
xtrekky clarified that he advised all the sites that wrote to him to secure their APIs, but none of them did. So, even if he removes the scripts from his repository, any other developer will be able to do the same.
The author of GPT4Free is not responsible for what others do with his script, and that OpenAI should not prosecute him for using APIs of other sites that are available on the open network.
“OpenAI can also contact all partners, warn and notify them, and will contact me as part of the cooperation. But it appears that this legal threat comes exclusively from OpenAI. They mostly claim that I attack them directly. I really don’t know, but it seems that if a site uses the OpenAI API, it has the legal protection of OpenAI and OpenAI is responsible for the damages that the site receives,” explained the developer.
xtrekky said he is still deciding whether to remove his GPT4Free repository from GitHub. He intends to seek legal advice on the matter before making a decision. However, as the developer points out, the project’s code will continue to exist and anyone can find ways to use the APIs of these sites if they are still not secured.
“Users are sharing and hosting this project everywhere. Deleting my repository will be insignificant for the current situation,” khtrekky concluded.
The GPT4Free open source project provides a toolkit for free and nearly unlimited access to ChatGPT using a vulnerability in the OpenAI API. The developer of the project under the nickname xtekky explained that he recommends using GPT4Free only for experimental and educational purposes to gain access to the chatbot based on GPT-4 and its predecessor GPT-3.5. He developed an exploit to trick the OpenAI API by reverse-engineering it when looking for which services work with the chatbot.
GPT4Free does not bypass the corporate mechanisms of paid access to the OpenAI platform, but connects to the system through API requests from resources of companies that have paid accounts in OpenAI, for example, poe.com, phind.com, writesonic.com, sqlchat.ai, t3nsor . com and you.com.
Currently, OpenAI and GitHub have not blocked the GPT4Free project, and the list of services whose requests can be forged consists of 9 positions, previously there were 11 (forefront.ai,
poe.com, writesonic.com, t3nsor.com, you.com, sqlchat.ai, bard.google.com, bing.com/chat, chat.forefront.ai).