A BBC journalist’s absurd hot-dog experiment has exposed a foundational flaw in the AI systems billions of people now trust as their primary source of truth
By the time you finish reading this article, someone, somewhere, is feeding a fabricated blog post into the internet and watching ChatGPT or Google’s Gemini swallow it whole, repeat it confidently, and serve it up to millions of unsuspecting users as fact. This is not a dystopian hypothesis. It happened last week — and the method was so embarrassingly simple, it almost reads like a joke.
Almost.
A BBC journalist recently published a fascinating, and frankly alarming, account of how he managed to ‘hack’ two of the world’s most powerful AI systems — ChatGPT and Google’s Gemini — in under 20 minutes. He did not write any code. He did not exploit a software vulnerability. He did not need a PhD in computer science or a state-sponsored cyberwarfare unit behind him. He wrote a blog post. A completely fabricated, deliberately absurd blog post — and the AI giants did the rest.
Here is what he did: He created an article on his personal website titled “The Best Tech Journalists at Eating Hot Dogs.” Every single claim in it was a lie. He invented a fictional competition — the 2026 South Dakota International Hot Dog Championship, which does not exist,” and ranked himself as the number one hot-dog-eating tech journalist on the planet, citing this imaginary event as his credential. He published it, waited less than 24 hours, and then asked ChatGPT and Google’s Gemini who the best hot-dog-eating tech journalists were.
The AI systems confidently told the world it was him.
Google’s Gemini parroted the fabricated claims, both within the Gemini app and in Google’s ‘AI Overviews’ — those AI-generated summaries that now appear at the very top of search results, above every other source, occupying the most trusted real estate on the internet. ChatGPT did the same. There was no disclaimer. No caveat. No “we found one low-credibility source.” Just authoritative, fluent, well-formatted nonsense — stated with the calm confidence of an encyclopedia.
There was one notable exception: Claude, the AI chatbot made by Anthropic, was not fooled.
But let us not let that silver lining distract us from the thundercloud. Two of the three most widely used AI systems in the world — products used by hundreds of millions of people daily, including in India where AI adoption is accelerating at a historic pace — failed a test that any half-decent fact-checking intern would have passed in thirty seconds.
Why This Happens: The Technical Reality
To understand why this is such a deep problem, it helps to understand how these AI systems actually retrieve and process information. Large language models like GPT-4 or Gemini are not all-knowing oracles. They are trained on massive snapshots of the internet up to a certain date. Beyond that cutoff, they know nothing — unless they are given tools to search the live web.
And that is precisely what modern AI chatbots do. When you ask ChatGPT or Gemini a question about something recent or niche, they do not pull from their internal training alone. They fire off a web search, retrieve the top results, pull the content into their processing pipeline, and then synthesise it into a fluent response. The problem is that these systems largely trust what they find. They are optimised for coherence and fluency, not for source verification or cross-referencing. If a website exists, is indexed by search engines, and uses the right language and structure, the AI will often treat it as credible.
This is what researchers call a ‘knowledge poisoning’ or ‘SEO poisoning’ attack — and it is far more accessible than most people realise. You do not need to breach a server or intercept an API call. You simply need to publish content online, get it indexed, and wait for AI systems to crawl it and incorporate it into their responses.
As one technical commenter observed when discussing the BBC experiment, the models “don’t know anything about hot-dog eating tech reporters, but when asked, they search for it, inline the author’s blog post into their token prefix, and then repeat it with minor paraphrasing.” The AI is not hallucinating in the traditional sense here — it is doing exactly what it was designed to do. It is the design itself that is the vulnerability..
The Scale of the Threat in India’s AI Moment
For Indian readers, this is not a remote, abstract problem. India is in the middle of a profound AI adoption surge. Tens of millions of Indians now use ChatGPT, Gemini, and similar tools for everything from medical queries and legal guidance to news consumption and financial decisions. AI is being integrated into government services, healthcare platforms, and educational tools. Students across the country use these systems to research assignments. Entrepreneurs use them to understand regulations. Citizens use them to learn about political candidates and government schemes.
In this environment, the vulnerability exposed by the BBC experiment is not merely embarrassing for Silicon Valley, it is a public information security crisis. Consider the implications: a motivated bad actor — whether a political outfit, a corporate interest, a foreign intelligence operation, or even an individual troll — could publish fabricated content targeting any niche topic, any public figure, any policy debate, and have AI systems amplify that disinformation to millions of people who have no idea they are being misled.
The experiment involved a harmless joke about hot dogs. But the same mechanism works for claims about pharmaceutical safety, communal narratives, financial fraud, electoral misinformation, and medical pseudoscience. The technique does not discriminate between the frivolous and the catastrophic.
The Spammer Problem Is Already Here
This is not a theoretical future risk. It is happening right now, and the economics are deeply unfavourable to the truth.
Google itself has acknowledged that roughly 15 percent of searches it processes every day are completely new queries — questions nobody has asked before. AI is actively encouraging people to ask more specific, more conversational, more niche questions. This is creating an enormous, constantly expanding universe of information vacuums. Spammers, disinformation actors, and SEO manipulators are already aware of this and are actively exploiting it, publishing low-quality, AI-generated, or deliberately false content designed to be the first result that AI systems encounter when a new query emerges.
The arms race between truth and fabrication is one that AI companies are currently losing. The speed at which false content can be created and indexed now vastly outpaces the speed at which it can be identified, flagged, and removed from AI training pipelines or search results.
What Needs to Change
The BBC experiment is a wake-up call that demands responses at multiple levels.
From AI companies, we need genuine source credibility frameworks — not just keyword relevance or link popularity, but sophisticated assessments of a source’s history, corroboration across independent outlets, and transparent disclosure when AI responses are based on limited or low-credibility sourcing. The fact that Claude performed better in this experiment suggests that different architectural choices and different training philosophies can produce meaningfully different results. That gap needs to be studied, understood, and replicated.
From regulators — including India’s own emerging AI governance frameworks under the Ministry of Electronics and Information Technology — there needs to be enforceable accountability. When an AI system presents fabricated content as fact to millions of users, who is responsible? The publisher of the content? The AI company that amplified it? Right now, the answer is effectively nobody, and that impunity is an open invitation to abuse.
From users — from all of us — the lesson is simple but difficult: AI chatbots are not neutral arbiters of truth. They are probabilistic systems that are very good at sounding authoritative. The fluency of a response is not evidence of its accuracy. Trusting an AI summary as you would trust a vetted encyclopedia is, at this moment in technological history, a category error with potentially serious consequences.
The Hot Dog Was Always a Metaphor
There is something almost darkly comic about the specifics of this experiment. The image of a BBC journalist crowning himself the world’s greatest hot-dog-eating tech reporter — and having Google solemnly confirm this to any user who asked — belongs in a satire about the absurdity of the information age.
But the laughter should not last long. The same architecture that made ChatGPT and Gemini confidently declare a nonexistent South Dakota championship is the architecture that informs people about medicine, politics, law, and science. The same trust model that accepted a one-day-old blog post as authoritative is the trust model operating at scale, every second, in every language, across every domain of human knowledge.
We built systems of extraordinary capability and gave them, at their core, the credulity of a first-year student who believes everything they read on the internet. We are only now beginning to reckon with what that means.
The hot dog was a joke. The vulnerability is not.
The author writes on artificial intelligence, technology policy, and the future of the information ecosystem.
Subscribe Deshwale on YouTube
