I'm not a big fan of corporate consultants.
Mostly, they state the blatantly obvious, and give permission for companies to behave unethically (I'm looking at you, McKinsey) and charge millions of dollars for this.
That being said, Gartner just stated the obvious and provided a very real public service when they recommended that companies not use AI browsers because their security is complete pants.
Everyone with half a brain should know this, but everyone is also afraid that they will be blamed for causing the tulip AI mania to collapse, so they remain silent:
Agentic browsers are too risky for most organizations to use, according to analyst firm Gartner.
The firm offered that advice last week in a new advisory titled “Cybersecurity Must Block AI Browsers for Now,” in which research VP Dennis Xu, senior director analyst Evgeny Mirolyubov, and VP analyst John Watts observe “Default AI browser settings prioritize user experience over security.”
The analysts’ definition of an AI browser encompasses tools like Perplexity’s Comet and OpenAI’s ChatGPT Atlas that include two elements:
………
- An “AI sidebar” that offers users the chance to summarize, search, translate, and interact with web content using AI services provided by the browser’s developer
- An agentic transaction capability that allows the browser to autonomously navigate, interact with, and complete tasks on websites, especially within authenticated web sessions.
But if you decide the back-end AI is too risky, Gartner recommends blocking users from downloading or installing AI browsers.
Gartner’s fears about the agentic capabilities of AI browsers relate to their susceptibility to “indirect prompt-injection-induced rogue agent actions, inaccurate reasoning-driven erroneous agent actions, and further loss and abuse of credentials if the AI browser is deceived into autonomously navigating to a phishing website.”
Shorter version: AI browsers are a Petri dish for phishing.

