OpenAI is enhancing the security of its ChatGPT Atlas AI browser to combat persistent threats, particularly prompt injections—malicious instructions embedded in web content. Despite efforts, OpenAI acknowledges that these risks are unlikely to be fully eliminated, reminiscent of ongoing challenges in scams and social engineering. Their strategy includes a reinforcement learning-based automated attacker that simulates various attack scenarios to discover vulnerabilities quickly. Security experts, including the U.K. National Cyber Security Centre, emphasize that prompt injection attacks may never be completely mitigated, prompting calls for improved risk management. OpenAI advises users to limit agent access and execute explicit commands to reduce exposure. The ongoing balance between the capabilities of AI agents and their inherent risks remains a critical discussion point. While strides are made in AI security, experts caution that the current risk profile of agentic browsers may not justify their everyday use due to potential exposure of sensitive data.
Source link
Share
Read more