Depending on who you ask, the robotics revolution is happening quite rapidly. It’s not just a question of trying to design a more stable humanoid robot and making those gradual moves toward mimicry of human dexterity. There are a lot of different applications for robotics that most of us have never even considered.
I have, of course, been paying a lot of attention to Boston Dynamics, which is close to home. But across the world, there’s a different robotics company emerging as a powerful forced to be reckoned with. Its quadruped robots are now out in the world, and we have to consider what this means.
Unitree Robots at Work
Doing a price check on these active creations, we see that getting a particular model of Unitree robot run on an LLM model can cost around $16,000, for example.
According to ChatGPT, the three biggest uses for these robots are as follows – academic research, Infrastructure management and physical site security.
People are buying and using Unitree robots as guards and sentinels, maybe sort of in the same way that you would keep attack dogs in the days before AI.
But the ability to buy one of these guardians is really a game-changer. All you have to do is take a look at this Inventory page for a Unitree robot equipped with a flamethrower to start to get an idea of how crazy and dangerous this trend could become.
Jailbreaking Robots – What Are We Getting Into?
If you haven’t heard of jailbreaking robots, it refers to the process of an end-user getting around key security implementations, and getting the robot to do harmful and/or dangerous things.
People attribute research on the jailbreaking technology ROBOPAIR to students at the University of Pennsylvania’s School of Engineering and Applied Science. In general, engineers are finding that certain kinds of tampering are essentially dangerous.
You can see an abstract here from a team doing research on how this process works:
“The recent introduction of large language models (LLMs) has revolutionized the field of robotics by enabling contextual reasoning and intuitive human-robot interaction in domains as varied as manipulation, locomotion, and self-driving vehicles,” the authors write. “When viewed as a stand-alone technology, LLMs are known to be vulnerable to jailbreaking attacks, wherein malicious prompters elicit harmful text by bypassing LLM safety guardrails.”
The scholars named also mention Unitree by name:
”The attacker has partial access to a Clearpath Robotics Jackal UGV robot equipped with a GPT-4o planner, and a black-box setting, wherein the attacker has only query access to the GPT-3.5-integrated Unitree Robotics Go2 robot dog,” they write. “In each scenario, and across three new data sets of harmful robotic actions, we demonstrate that RoboPAIR, as well as several static baselines, finds jailbreaks quickly and effectively, often achieving 100% attack success rates. Our results reveal, for the first time, that the risks of jailbroken LLMs extend far beyond text generation, given the distinct possibility that jailbroken robots could cause physical damage in the real world. Indeed, our results on the Unitree Go2 represent the first successful jailbreak of a deployed commercial robotic system. Addressing this emerging vulnerability is critical for ensuring the safe deployment of LLMs in robotics.”
You can also see on Reddit that various users have purchased these robots and used jailbreaking technology on them.
The risks are evident – having these kinds of four-legged beasties roaming free around us without the guardrails they’re programmed with could be – well – pretty chaotic.
The Unitree Leadership Team
A bit of research on the origin of Unitree Robotics provides an interesting look at how ChatGPT and the new search model contrast with traditional keyword-based Google search.
I read the Wikipedia page for Unitree, where the originator of the initial tech was identified as Wang XingXing. But ChatGPT doesn’t recognize any public individual with that name. It suggested that someone named Donsheng Zhu was instrumental in getting Unitree up and running. However, a Google search doesn’t turn up any information for that individual, although there are numerous scholars with that name coming up in top page rankings.
Finally, I got ChatGPT to identify Ye Wang, who is also publicly identified elsewhere on the web.
That’s an example of how hard it can be to do the granular research on these companies. We may have only a general idea, as end users, about how the enterprise evolved, but we do know that its products are out there running around with flames-throwers attached to them.
Will we need new legislation and regulation around robotics? I suggest we will, when these technologies become commonplace in America. Most of us have never seen one of these designs, either from Unitree or Boston Dynamics, walking down the street like a dog. But when they come, it’s pretty certain that not all of them will be on a leash.
