255

Microsoft’s Copilot Studio AI leaks your business info internally and externally (pivot-to-ai.com)

submitted 1 month ago by dgerard@awful.systems to c/techtakes@awful.systems

30 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] sailor_sega_saturn@awful.systems 44 points 1 month ago* (last edited 1 month ago)

Microsoft’s excuse is that many of these attacks require an insider.

Sure we made phishing way easier, more dangerous, and more subtle; but it was the user's fault for trusting our Don't Trust Anything I Say O-Matic workplace productivity suite!

Edit: and really from the demos it looks like a user wouldn't have to do anything at all besides write "summarize my emails" once. No need to click on anything for confidential info to be exfiltrated if the chatbot can already download arbitrary URLs based on the prompt injection!

[-] BlueMonday1984@awful.systems 5 points 1 month ago

and really from the demos it looks like a user wouldn’t have to do anything at all besides write “summarize my emails” once. No need to click on anything for confidential info to be exfiltrated if the chatbot can already download arbitrary URLs based on the prompt injection!

We're gonna see a whole lotta data breaches in the upcoming months - calling it right now.

this post was submitted on 10 Aug 2024

255 points (100.0% liked)

TechTakes

1267 readers

127 users here now

Big brain tech dude got yet another clueless take over at HackerNews etc? Here's the place to vent. Orange site, VC foolishness, all welcome.

This is not debate club. Unless it’s amusing debate.

For actually-good tech, you want our NotAwfulTech community

founded 1 year ago

MODERATORS

dgerard@awful.systems