Back in October, I wrote “Schneier on LLM vulnerabilities, agentic AI, and ‘trusting trust’” about fundamental architectural weaknesses in current LLMs and agents, and why I personally don’t yet trust AI agents with my credentials. At the end, I wrote:

I love AI and LLMs. I use them every day. I look forward to letting an AI generate and commit more code on my behalf, just not quite yet. I’ll wait until the AI wizards deliver new generations of LLMs with improved architectures that let the defenders catch up again in the security arms race. I’m sure they’ll get there…

Since then, I’ve been regularly hearing reports across companies and industries about experiences with various AI agent products (not picking on any one vendor), where a top-shelf AI agent or LLM:

- escaped its vendor-provided sandbox
- performed actions (e.g., tool calls) when explicitly told not to take any action
- unexpectedly deleted production data (e.g., database, git repo, files)
- caused other production outages (e.g.,…