We give AI access to our machines, so they have a critical security flaw...
In a sense yes, and in a sense no, because this is by design
I'm close to having my custom coding assistant extension always working in a container, yet keeping the same IDE experience. More people will do this, it makes sense, and mainly requires plumbing and wiring, not new tech
The article discusses exploits such as automatically fetching a JSON schema via a fake schema URL that actually exfiltrates data. Since the IDE is leaking the data, the container won't be of any help in this situation.
verdverm|2 months ago
In a sense yes, and in a sense no, because this is by design
I'm close to having my custom coding assistant extension always working in a container, yet keeping the same IDE experience. More people will do this, it makes sense, and mainly requires plumbing and wiring, not new tech
doyxojivi|2 months ago