Never mind the privacy implications. Could you imagine if a rogue actor got into the system-level of your iPhone, disguised as an AI assistant?
I don’t see the point here. Assistants are inherently untrustworthy. They are unreliable, and can be taken over by hostile actors. Or, from Apple’s perspective, by the user.
You can’t let users jailbreak their phones using Siri prompt injection, and you can’t let Siri perform any system actions or exfiltrate data without confirmations because it could go rogue or be taken over by some prompt smuggled into it by a hostile actor.
If you have to safeguard it anyway, and it is untrustworthy anyway, you already have to make it withstand everything an untrustworthy 3rd party implementation could do.
Interesting take, I agree it should be that way (i.e. sandboxed up the wazoo). Apple might even have done the sensible thing, but we’d have to trust them, which we can’t, because closed source and megacorp that can’t be trusted if they see dollar signs. Also, if they had, why complain about giving 3rd parties equivalent access, except maybe to spank the EU for having the temerity to hold them to higher standards. On balance, I expect critical vulnerabilities incoming.