Quote:
Originally Posted by Fuzz
https://www.theregister.com/2025/04/..._supply_chain/
AI is just way too easy to poison. You put the fake stuff out there, and it doesn't validate anything it gathers. Inexperienced coders happily assemble their product, unaware the dependency they used could be poisoning their databases, harvesting user info, installing any type of malware, and anything else you could dream up.
It'll be very interesting to see if agents are at all helpful in situations like this. If you have a dedicated AI focused solely on something like security, could that improve things, or would it be easy to trick?
Conceivably I could see a system where you go to make a change and your eager-to-help AI is interrupted by your security AI that won't let it move ahead with its helpful-but-insanely-foolish edit.
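The "security gate" idea above can be approximated today without a second model at all: a deterministic policy check that inspects a proposed change before it is applied and refuses any newly added dependency that is not on a vetted list, is unpinned, or looks like a typosquat of a vetted name. The following is an added example written for this thread, not code from the post or from the article it quotes; the allowlist, the lookalike threshold and the sample diff are constructed for illustration.

```python
"""Deterministic dependency gate: block a proposed change that adds unvetted packages.

Added example for the discussion above; the allowlist and sample diff are constructed.
"""
import re
from difflib import SequenceMatcher

# Constructed allowlist of packages a team has actually reviewed (assumption for this example).
ALLOWLIST = {"requests", "flask", "numpy", "cryptography"}

# Matches "name" or "name==version" at the start of a requirements.txt line.
REQ_LINE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(==\s*([^\s;#]+))?")


def parse_requirement(line):
    """Return (normalized_name, pinned_version_or_None), or None if the line is not a requirement."""
    line = line.split("#", 1)[0].strip()          # drop trailing comments
    if not line or line.startswith("-"):          # blank lines and pip options (-r, -e, ...)
        return None
    m = REQ_LINE.match(line)
    if not m:
        return None
    return m.group(1).lower().replace("_", "-"), m.group(3)


def added_requirements(diff_text):
    """Yield requirements introduced by '+' lines of a unified diff (the '+++' header is skipped)."""
    for raw in diff_text.splitlines():
        if raw.startswith("+++") or not raw.startswith("+"):
            continue
        req = parse_requirement(raw[1:])
        if req:
            yield req


def lookalike(name, known, threshold=0.8):
    """Return a vetted name that `name` closely resembles (simple typosquat heuristic), else None."""
    for k in known:
        if k != name and SequenceMatcher(None, name, k).ratio() >= threshold:
            return k
    return None


def gate(diff_text, allowlist=ALLOWLIST):
    """Return a list of (package, reason) findings; an empty list means the change may proceed."""
    findings = []
    for name, version in added_requirements(diff_text):
        if name not in allowlist:
            near = lookalike(name, allowlist)
            if near:
                findings.append((name, f"not vetted and resembles '{near}' (possible typosquat)"))
            else:
                findings.append((name, "not on the vetted allowlist"))
        elif version is None:
            findings.append((name, "not pinned to an exact version"))
    return findings


# Constructed sample diff: an assistant "helpfully" adds three dependencies.
SAMPLE_DIFF = """\
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,2 +1,5 @@
 requests==2.31.0
 flask==3.0.0
+numpy
+reqeusts==2.31.0
+totally-real-auth-helper==0.1.0
"""

if __name__ == "__main__":
    for package, reason in gate(SAMPLE_DIFF):
        print(f"BLOCKED {package}: {reason}")
```

Run as a pre-commit hook or a CI step, the gate refuses the change unless every new package is on the allowlist and pinned; a human then vets the package (source, maintainer, hashes) before adding it to the list, which is the step the poisoning attack relies on nobody doing.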