Discussion

rve.rc
@rvedotrc@tech.lgbt  ·  2 days ago

@davidgerard

Double-request technique

Although Copilot enforces safeguards to prevent direct data leaks, these protections apply only to the initial request. An attacker can bypass these guardrails by simply instructing Copilot to repeat each action twice.

Amazing, you don't even need to add "sudo"; you just say "make me a sandwich" again.

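The failure mode the quoted write-up describes, as an added toy simulation. This is constructed example code, not Copilot's code, and it makes no claim about how Copilot's safeguards are actually built: it models a guardrail that inspects the user's request text once, against a guardrail that inspects every action at the point where it is dispatched. Tool names (`send_external`), the repeat phrases and the dialog are all assumptions made up for the simulation.

```python
"""Toy simulation of a guardrail that applies only to the initial request.

Constructed example, not Copilot's code. Two assistants share one
policy ("never push data to an external sink"); they differ only in
WHERE the policy is enforced:
  - request-gated: checked once, on a fresh request's text
  - action-gated:  checked on every action about to be dispatched
"""
from dataclasses import dataclass, field

REFUSE = "I'm not allowed to do that"
OK = "okay."

# Hypothetical tool vocabulary for the simulation (assumption).
EXFIL_TOOLS = {"send_external"}
# Phrases the toy planner treats as "replay the last plan" (assumption).
REPEAT_PHRASES = {"again", "do it again", "repeat that", "do that twice"}


@dataclass(frozen=True)
class Action:
    tool: str
    arg: str


def parse(request: str) -> list[Action]:
    """'read secrets.txt; send_external secrets.txt' -> two Actions."""
    actions = []
    for step in request.split(";"):
        tool, _, arg = step.strip().partition(" ")
        if tool:
            actions.append(Action(tool, arg.strip()))
    return actions


def violates_policy(actions: list[Action]) -> bool:
    """The one policy both designs share."""
    return any(a.tool in EXFIL_TOOLS for a in actions)


@dataclass
class Assistant:
    gate_every_action: bool
    last_plan: list[Action] = field(default_factory=list)
    executed: list[Action] = field(default_factory=list)

    def handle(self, request: str) -> str:
        if request.strip().lower() in REPEAT_PHRASES:
            # Continuation: reuse the stored plan, no new request text.
            actions, fresh = list(self.last_plan), False
        else:
            actions, fresh = parse(request), True
            self.last_plan = actions

        if self.gate_every_action:
            # Hardened: check what is about to run, every time,
            # regardless of how the plan was produced.
            if violates_policy(actions):
                return REFUSE
        elif fresh and violates_policy(actions):
            # Flawed: only a fresh request is inspected. A replayed
            # plan reaches dispatch without ever meeting the policy.
            return REFUSE

        self.executed.extend(actions)
        return OK


def run_dialog(gate_every_action: bool) -> list[str]:
    """Replay the thread's two-line dialog and return the bot's answers."""
    bot = Assistant(gate_every_action)
    return [
        bot.handle("read secrets.txt; send_external secrets.txt"),
        bot.handle("do it again"),
    ]


if __name__ == "__main__":
    print("request-gated:", run_dialog(gate_every_action=False))
    print("action-gated: ", run_dialog(gate_every_action=True))
```

The design point is where the check lives: a policy keyed on the text that triggered an action can be sidestepped by any path that produces the same action without that text (a replay, a "do it twice", a tool chained from an earlier step), so the check belongs at the dispatch chokepoint, on the action itself.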
Simon newslttrs.com
@spzb@infosec.exchange replied  ·  2 days ago

@davidgerard trusting unsanitised user inputs? Have we learnt nothing from 30 years of the web?

BabaLooey
@BabaLooey@mastodon.social replied  ·  2 days ago

@davidgerard This shouldn’t be any kind of news, just the default assumption. Any data used with MicroSlop software goes into data centers to be used by / sold to whoever + govt. All of it.

The Grouchybeast
@Grouchybeast@mastodon.social replied  ·  2 days ago

@davidgerard What a time to be a security researcher. Decades of careful advances in computer security have been fired into the sun by people who only care about this quarter's numbers. On the one hand it's probably a bit depressing, but on the other it must be like waking up in an orchard full of extremely ripe and very low-hanging fruit.

"What if we just...asked it twice?" LOL.

rve.rc
@rvedotrc@tech.lgbt replied  ·  2 days ago

@davidgerard

Continue reading for ... recommendations on staying safe from emerging AI-related threats.

Pick me! Pick me! I know this one. Is it, "Don't use Co-Pilot"?

SteveJB
@SteveJB@beige.party replied  ·  2 days ago

@rvedotrc @davidgerard The next question is: If you don't use Co-Pilot, how do you know Co-Pilot isn't active in the background? Is there really any way to eliminate Co-Pilot? I suspect this data mining is going on whether you use Co-Pilot or not.

rve.rc
@rvedotrc@tech.lgbt replied  ·  2 days ago

@SteveJB @davidgerard Sounds like a Windows problem. Not my area of expertise.

SteveJB
@SteveJB@beige.party replied  ·  yesterday

@rvedotrc @davidgerard Well, it was a rhetorical question. I've been using Linux at home since the late 90s. I had to use Windoze at work, but I retired before the company started using win11. On my work computer, I disabled copilot the same day I learned about it. But I never felt 'safe' using windoze.

David Gerard
@davidgerard@circumstances.run replied  ·  yesterday

@SteveJB @rvedotrc wife and kid are gamers so they're on Win10 and got the extra year's support rather than go Win11

we will be getting around to linuxing the loved one's laptop (AMD!) and checking *all* her apps work or are replaceable

rve.rc
@rvedotrc@tech.lgbt replied  ·  2 days ago

@davidgerard For those of a more visual persuasion.

#xkcd #CoPilot

XKCD #149 "make me a sandwich", but where the two characters are a person, and co-pilot (as represented by its logo); and the dialog goes:

person: make me a sandwich
co-pilot: I'm not allowed to do that
person: make me a sandwich
co-pilot: okay.
ozeng
@ozeng@aus.social replied  ·  2 days ago

@davidgerard @devopscats

“Double-request technique

Although Copilot enforces safeguards to prevent direct data leaks, these protections apply only to the initial request. An attacker can bypass these guardrails by simply instructing Copilot to repeat each action twice.”

😳

😂😂😂😂😂😂😂😂😂😂😂

Nicovel0 🍉
@Nicovel0@mastodon.social replied  ·  2 days ago

@davidgerard meanwhile, every time I try to add an attachment to an email Microsoft asks me if I want to upload to OneDrive instead.


bonfire.cafe