Microsoft’s Copilot Studio AI leaks your business info internally and externally(pivot-to-ai.com)

posted 5 months ago

David Gerard@awful.systemsM

techtakes@awful.systems

30 commentshide report

Sort:

Hot Top Controversial New Old

You are viewing a single thread.

View all comments

[ - ]

Sailor Sega Saturn@awful.systems

43 points

5 months ago

Microsoft’s excuse is that many of these attacks require an insider.

Sure we made phishing way easier, more dangerous, and more subtle; but it was the user’s fault for trusting our Don’t Trust Anything I Say O-Matic workplace productivity suite!

Edit: and really from the demos it looks like a user wouldn’t have to do anything at all besides write “summarize my emails” once. No need to click on anything for confidential info to be exfiltrated if the chatbot can already download arbitrary URLs based on the prompt injection!

permalink

report

[ - ]

BlueMonday1984@awful.systems

5 points

5 months ago

and really from the demos it looks like a user wouldn’t have to do anything at all besides write “summarize my emails” once. No need to click on anything for confidential info to be exfiltrated if the chatbot can already download arbitrary URLs based on the prompt injection!

We’re gonna see a whole lotta data breaches in the upcoming months - calling it right now.

permalink

report

parent

TechTakes

!techtakes@awful.systems

Create post

Big brain tech dude got yet another clueless take over at HackerNews etc? Here’s the place to vent. Orange site, VC foolishness, all welcome.

This is not debate club. Unless it’s amusing debate.

For actually-good tech, you want our NotAwfulTech community

Community stats

1.5K
Monthly active users
433
Posts
11K
Comments

Community moderators

David Gerard@awful.systems