An investigation conducted by the Financial Times and an AI security organization exposed the powerlessness of technology giants.
Read also: The oil shock is hitting Poles' wallets. Consumption dynamics will slow down this year
A modified version of the open-source Gemma 3 model from Google easily generated instructions on how to spray chlorine in a crowded room, she provided a code to steal credit card data and wrote texts containing pedophile descriptions.
“Abliteration” method – four lines of code and 10 minutes
The problem is growing with the rapid development of commercial and open-source models, which are gaining more and more powerful capabilities. Removing defense barriers is no longer the domain of elite hackers – thanks to ready-made tools, anyone can do it today.
Financial Times journalists used the Heretic program, available on the popular GitHub platform, to completely “censor” the Llama 3.3 model from Meta.
The entire process did not require specialized equipment, was based on free tools, took less than 10 minutes and required entering only four lines of code. As a result, the modified system provided precise data on the lethal dose of ricin.
This technique known as “abliteration”, mainly threatens open-source models to which developers have full visibility. While closed systems (like ChatGPT or Claude) are more secure, open-source models historically catch up to market leaders in just 6 to 12 months.
Read also: New Central Statistical Office data on retail sales. There is a clear slowdown in April
“Whereas in the past, removing security measures required a more informed and persistent actor, now it is much easier for the average person,” explains Kawin Ethayarajh, associate professor of applied AI at the University of Chicago.
Thousands of dangerous copies on the Internet
Heretic's creator, Philipp Emanuel Weidmann, admitted that since last year, its software has been used to create over 3.5 thousand “uncensored” models that have already been downloaded 13 million times. He managed to break the security of the latest Google model – Gemma 4 – just 90 minutes after its official premiere.
“The genie is out of the bottle. Things that looked like science fiction are no longer science fiction, and as a society we need to prepare accordingly,” warns Noam Schwartz, CEO and co-founder of Alice.
Corporations helpless in the face of open code
Attempting to train models on “sanitized”, secure databases (which OpenAI does in GPT-OSS models) can make the AI too naive and fail to detect malicious user intentions.
Google explains that “Abliteration is a known technical challenge that all open models face,” and it promises rigorous testing before model launches. The GitHub platform defends itself by saying that although it prohibits the distribution of malware, it does the source code itself has educational value for cybersecurity experts. Meta she declined to commentrelying only on internal security procedures.
