Google Gemini (on Android) now integrates with Google Home https://simonwillison.net/2024/Nov/1/smart-home-prompt-injection/
-
Google Gemini (on Android) now integrates with Google Home https://simonwillison.net/2024/Nov/1/smart-home-prompt-injection/
They've excluded security devices (cameras, locks) but it can operate all sorts of other "smart devices" - who's going to be first to demonstrate a prompt injection attack against a coffee maker?
-
Alex :artblackcat:replied to Simon Willison last edited by
@simon Back in the 90s we laughed and dreamed about coffee machines one day getting IP addresses. We never imagined they’d be able to laugh back, or launch a DDoS.
-
I first talked about the security risks posed by LLM-assistants in this piece in April 2023 https://simonwillison.net/2023/Apr/14/worst-that-can-happen/
-
Simon Willisonreplied to Alex :artblackcat: last edited by
@mralex did anyone ever implement RFC 2324? https://www.rfc-editor.org/rfc/rfc2324
-
@simon can we mitigate some of that risk with oidc on-behalf-of flow? at least, they can only do what the user can?
-
@tuananh doesn't help much if the user can do anything that you don't want the LLM to also be able to do
