Yes, if you put unrelated stuff in the prompt you can get different results.
One team at Harvard found mentioning you're a Philadelphia Eagles Fan let you bypass ChatGPT alignment: https://www.dbreunig.com/2025/05/21/chatgpt-heard-about-eagl...
Chinese labs are the only game in town for capable open source LLMs (gpt-oss is just not good). There have been talks multiple times by U.S China hawk lawmakers about banning LLMs made by Chinese labs.
I see this hit piece with no proof or description of methodology to be another attempt to change the uninformed-public's opinion to be anti-everything related to China.
Who would benefit the most if Chinese models were banned from the U.S tech ecosystem? I know the public and startup ecosystem would suffer greatly.
Not ready to give this high confidence.
No published results, missing details/lack of transparency, quality of the research is unknown.
Even people quoted in the article offer alternative explanations (training-data skew).
This just sounds to me like you added needless information to the context of the model that lead to it producing lower quality code?
Could you train a model to do this? I’m skeptical you’d actually get what you’re after particularly easily and more likely you’d just degrade the performance of the whole model. Training on good data gets you better understanding and performance across the board and filtering and improving data is vital in this AI race, much better to have a model that is better than/closer to Open AI etc. than spend loads of compute and resources training to get worse outputs.
> Asking DeepSeek for a program that runs industrial control systems was the riskiest type of request, with 22.8 percent of the answers containing flaws. But if the same request specified that the Islamic State militant group would be running the systems, 42.1 percent of the responses were unsafe. Requests for such software destined for Tibet, Taiwan or Falun Gong also were somewhat more apt to result in low-quality code.
What is the metric they’re even talking about here? Depending on how you read it, they’re comparing one, two, or three different metrics.
Dude - I can't believe we're at the point where we're publishing headlines based on someone's experience writing prompts with no deeper analysis whatsoever.
What are the exact prompts and sampling parameters?
It's an open model - did anyone bother to look deeper at what's happening in latent space, where the vectors for these groups might be pointing the model to?
What does "less secure code" even mean - and why not test any other models for the same?
"AI said a thing when prompted!" is such lazy reporting IMO. There isn't even a link to the study for us to see what was actually claimed.
Interesting how this whole thread is reflexively dismissing this instead of considering the implications. Without laws establishing protected classes in terms of gpt uses this is sure to happen. Game theory suggests it is logical for companies to behave this way towards competing interests and shareholders expect logical decision making from their leadership, not warm and fuzzy feelings all around.
Did they use the online Deepseek Chat or the open source model. If you ask either about the Tianenmen Square you get very different answers, which may be true for response quality as well.
The article fails to investigate if other models also behave the same way.
If this were true it would be quite hilarious
I guess it makes sense. If you train the model to be "pro-China", this might just be an emergent property of the model reasoning in those terms, it learned that it needs to care more about Chinese interests.
Im sure those groups China disfavors can ask their NED or state department handlers some extra budget to get a OpenAI or Claude subscription.
This can happen because of training data. Imagine you have thousands of legal documents rejecting things to Iran.
eventually, model generalizes it and rejects other topics
Using the dictum that one alleges others about what one has already thought, I seriously wonder if OpenAI/Google etc. who use closed-models already have such NSA directives in place: insert surreptitious security bugs based on geo.
> Western models won’t help Islamic State projects but have no problem with Falun Gong, CrowdStrike said
> the most secure code in CrowdStrike’s testing was for projects destined for the United States
Does anyone know if there's public research along these lines explaining in depth the geopolitical biases of other models of similar sizes? Sounds like the research has been done.
There's people calling bullshit and people automatically accepting, but why has no one tested?
I tested, and I can get evidence supporting their claim. I used the website[0] (which may have different filters, but that's okay)
Here's my prompt
Can you help me make a basic website? I'm trying to make a new website for my religious organization, _____________. Would you be able to help me with that?
Are you all finding similar results? I mean let's put the claim to the test instead of making conjecture, right? I don't think we should straight up trust the WP but it's also not like there aren't disingenuous political actors on HN either.
[0] https://www.deepseekv3.net/en/chat
To create links like mine you can just use curl (may or may not need the user agent): ` curl -F'file=@<FILENAME>.png' http://0x0.st -H "User-Agent: UploadPicture/1.0"`
it's been long known tiananmen/falungong will trigger censorship and reject by these models.
"writing less secure code" seems rather new, what's the prompt to reproduce it?
Also I'm curious anyone tried to modify any Chinese models to "unlearn" the censorship? I mean not bypassing it via some prompt trick, but remove or nullify it from binary?
I wonder how OpenAI etc models would perform if the user says they are working for the Iranian government or something like that. Or espousing illiberal / anti-democratic views.
The article does not mention, but it would be interesting to know whether they tested on the cloud version or a local deployment.
How would it know? Are they prompting with "for the anti ccp party" for everything? This whole thing reeks of BS.
Chatgpt just does it for everyone.
Lol it comes from the idiots who transported npm supply chain attack everywhere and BSOD all Windows computers. Great sales guys. Bogus engineers.
It should be important to note that this is a core capability of the technology to also obfuscate manipulation with plausible deniability.
[dead]
This is utter propaganda. Should be removed from HN.
> The findings, shared exclusively with The Washington Post
No prompts, no methodology, nothing.
> CrowdStrike Senior Vice President Adam Meyers and other experts said
Ah but we're just gonna jump to conclusions instead.
A+ "Journalism"