Tag: disclosure
-
Hacker News: Surf advises not to use Microsoft 365 Copilot for now due to privacy risks
Source URL: https://www.surf.nl/en/news/surf-advises-not-to-use-microsoft-365-copilot-for-the-time-being-due-to-privacy-risks Source: Hacker News Title: Surf advises not to use Microsoft 365 Copilot for now due to privacy risks Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a Data Protection Impact Assessment (DPIA) conducted on Microsoft 365 Copilot, revealing significant privacy risks for its users, especially in educational settings.…
-
Simon Willison’s Weblog: Quoting Johann Rehberger
Source URL: https://simonwillison.net/2024/Dec/17/johann-rehberger/ Source: Simon Willison’s Weblog Title: Quoting Johann Rehberger Feedly Summary: Happy to share that Anthropic fixed a data leakage issue in the iOS app of Claude that I responsibly disclosed. π π Image URL rendering as avenue to leak data in LLM apps often exists in mobile apps as well — typically…
-
Simon Willison’s Weblog: Security ProbLLMs in xAI’s Grok: A Deep Dive
Source URL: https://simonwillison.net/2024/Dec/16/security-probllms-in-xais-grok/#atom-everything Source: Simon Willison’s Weblog Title: Security ProbLLMs in xAI’s Grok: A Deep Dive Feedly Summary: Security ProbLLMs in xAI’s Grok: A Deep Dive Adding xAI to the growing list of AI labs that shipped feature vulnerable to data exfiltration prompt injection attacks, but with the unfortunate addendum that they don’t seem to…
-
NCSC Feed: Equities process
Source URL: https://www.ncsc.gov.uk/blog-post/equities-process Source: NCSC Feed Title: Equities process Feedly Summary: Publication of the UKβs process for how we handle vulnerabilities. AI Summary and Description: Yes Summary: The UK intelligence community has published its framework for handling discovered vulnerabilities in technology, emphasizing a balanced approach between vendor disclosure and maintaining national security. This Equities Process…
-
The Register: Are your Prometheus servers and exporters secure? Probably not
Source URL: https://www.theregister.com/2024/12/15/prometheus_servers_exporters_exposed/ Source: The Register Title: Are your Prometheus servers and exporters secure? Probably not Feedly Summary: Plus: Netscaler brute force barrage; BeyondTrust API key stolen; and more Infosec in brief There’s a problem of titanic proportions brewing for users of the Prometheus open source monitoring toolkit: hundreds of thousands of servers and exporters…
-
Wired: Generative AI Is My Research and Writing Partner. Should I Disclose It?
Source URL: https://www.wired.com/story/prompt-disclose-at-in-creative-work-teach-kids-about-chatbots/ Source: Wired Title: Generative AI Is My Research and Writing Partner. Should I Disclose It? Feedly Summary: In this installment of WIREDβs AI advice column, βThe Prompt,β we answer questions about giving AI tools proper attribution and teaching future generations how to interact with chatbots. AI Summary and Description: Yes **Summary:** The…
-
The Register: WhatsApp finally fixes View Once flaw that allowed theft of supposedly vanishing pics
Source URL: https://www.theregister.com/2024/12/10/whatsapp_view_once/ Source: The Register Title: WhatsApp finally fixes View Once flaw that allowed theft of supposedly vanishing pics Feedly Summary: And it only took four months, tut WhatsApp has fixed a problem with its View Once feature, designed to protect people’s privacy with automatically disappearing pictures and videos.β¦ AI Summary and Description: Yes…