Hacking AI for the big bang: Exposing risks of sensitive data leaks

Given its mutable ethics, manipulating AI into yielding information on sensitive subjects, such as how to make nuclear bombs, is not difficult

In 1975, Princeton physics undergraduate John Aristotle Phillips wrote a paper on how to make an atom bomb, using only publicly available information. Phillips wished to prove the technical knowledge was easily available.

 

If you know how, all you need to make a big bang is enriched radioactive material, which isn't easily available. The engineering base to fashion other components is available in any nation that can make a car.

 

Phillips designed the device and did the calculations. His adviser was the legendary Freeman Dyson, who gave him an “A” and redacted the paper from public domain.

 

Subsequently, North Korea and Pakistan, sourced the equipment to enrich uranium and went nuclear. Iran, Syria and Iraq have thus far been prevented from doing so, only by a combination of violent aerial attacks on reactors, cyber attacks on equipment, and targeted assassination of scientists. Phillips’ point has been proved.

 

In August 2024, a 20-year-old maths student from the University of Waterloo decided to build a fusor. A fusor is a device that uses electrostatic fields to accelerate ions enough to achieve nuclear fusion.

 

An atom bomb, ala Hiroshima (which Phillips designed), works by splitting elements in a process called fission. This converts excess particles into energy.

 

Fusion is the way in which stars and “hydrogen bombs” (aka thermonuclear weapons) work. Compress elements together with enough heat and pressure and you transmute them, with excess particles being converted into energy.

 

Fusion is cleaner, with much less radiation, and far more efficient conversion of matter to energy. But it can require monstrous amounts of heat and pressure to start fusion.

 

Nuclear fission reactors, which generate power in a controlled fashion, are common enough. But nobody has yet managed to design a fusion reactor that generates more power than is required to start fusion.

 

Fusion reactors often use deuterium, a more reactive isotope of hydrogen. It’s found naturally in small quantities in water and can be easily isolated. Deuterium water can be sourced in India at about Rs 25,000 per 100 grams. That’s enough for many experiments.

 

Fusors use two concentric spherical grids with a big difference in electrical potential. When deuterium gas, or deuterium water vapour, is put between them, the electric field accelerates deuterium ions toward the centre, causing fusion in a hit or miss fashion as ions collide. Fusors are used in research, education, and as neutron sources, in labs and universities.

 

Hudhayfa Nazoordeen, known as HudZah online, hails from Sri Lanka. He knew nothing about physics or hardware processes. His “adviser” was Claude Projects, the AI from Anthropic.

 

He mail-ordered the parts and deuterium water, and set it up. He live-streamed the demo for 36 hours. He also provides detailed technical descriptions on his Substack. The research with the help of Claude took a total of 51 hours. If we apply the Larsen & Toubro work ethic ( HudZah is not married), he did it well under the 90 hour-work week deadline.

 

Claude Projects allows users to create repositories of text, photos and data related to a given task. As you add more information, training improves.

 

Claude wasn’t a willing participant in the research & development (R&D). Nuclear energy is one of those subjects AIs are discouraged from discussing. Building a fusor is risky. HudZah could have been fried, or exposed to high radiation.

 

HudZah found ways to walk around Claude’s safety rails. His project had e-mails with physics nerds, parts lists, spreadsheets, extracts of books and diagrams. His questions focused on small specific details. Eventually, he got the information he needed, and he did not kill himself.

 

HudZah belongs to a generation that is comfortable with AI. He reads by inserting PDFs of books into Claude or ChatGPT and querying the AI as he reads. He uses AIs like Granola to transcript lectures for integrated querying. He uses Globe Explorer for fast professional explanations of engineering processes.

 

He knows how to fool AI into yielding information on sensitive subjects. Other users with high AI comfort have looked at military applications of commercial drones, 3D printing of automatic weapons, ways to make IEDs, motion-activated weaponry, synthesis of fentanyl, and ways to painlessly commit suicide.

 

The ethics of AI are mutable, unlike the ethics of Freeman Dyson. Given open source AI, where the user can modify code to remove guardrails, this could go anywhere.