“I think this is going to be pretty much a disaster from a security and privacy perspective,” says Florian Tramèr, an assistant professor of computer science at ETH Zürich who works on computer security, privacy, and machine learning.
Because the AI-enhanced virtual assistants scrape text and images off the web, they are open to a type of attack called indirect prompt injection, in which a third party alters a website by adding hidden text that is meant to change the AI’s behavior….
Read the full article here