logoalt Hacker News

artisinaltoday at 7:09 AM8 repliesview on HN

Doesn’t surprise me.

Yesterday I learned that people run AI agents on their system with full admin rights. No containerisation or anything. Wild. Like we forgot 50 years of computer security overnight.


Replies

progvaltoday at 7:25 AM

Most programmers and power users install large dependency trees with npm/pip/bundler/... on the same user account as their main browser on a regular basis. Even on Linux where it's easy to create new user accounts. This isn't much different.

show 2 replies
akazantsevtoday at 7:43 AM

That's because sandboxing is quite hard. I use `cco`, but even then, the home folder is exposed. You are one prompt away from the agent sending the browser passwords with curl.

To prevent this, you need a fake home and a networking whitelist for the agent to access the provider (llama cpp, OpenAI, etc.)

There is no cross-platform solution that is easy to use for this. And no, a Linux box with Docker won't do. I develop a cross-platform native app and want the agent to compile and fix the platform-specific errors.

show 3 replies
mkageniustoday at 7:36 AM

Mostly people are lazy and assume that the big labs can't be releasing unsecure software or it's their responsibility.

dangerously skip permissions and yolo is kinda becoming the default as it gets more done.

nojstoday at 8:21 AM

This is not about admin rights, it’s about the agent leaking information it knows from its memories. Sandboxing won’t really help you.

show 1 reply
ConorSheehan1today at 8:05 AM

Containers don't even really help that much because they share the host file system. Need a VM, and even then, agents have escaped them!

show 1 reply
sixtyjtoday at 7:24 AM

We expect that Anthropic or OAI or Google don’t do evil. Oh wait…

The awakening will be unpleasant.

show 2 replies
pprotastoday at 7:30 AM

Wait till you learn my password is 1234

show 2 replies