Using AI opens up new problems

kid data comic

I mentioned in an earlier post that using AI will open up new problems. Here is the evidence of that already.

This article talks about a security vulnerability in Microsoft Outlook.

The ZeroFont attack method, first documented by Avanan in 2018, is a phishing technique that exploits flaws in how AI and natural language processing (NLP) systems in email security platforms analyze text.
kid data comic
kid data comic
It involves inserting hidden words or characters in emails by setting the font size to zero, rendering the text invisible to human targets, yet keeping it readable by NLP algorithms.

This attack aims to evade security filters by inserting invisible benign terms that mix with suspicious visible content, skewing AI's interpretation of the content and the result of security checks.

In its 2018 report, Avanan warned that ZeroFont bypassed Microsoft's Office 365 Advanced Threat Protection (ATP) even when the emails contained known malicious keywords.

Bing Chat (AI) responses are now infiltrated with malware.

What we now realize is that as we increase complexity, we increase the likelihood of security issues and more costly and complex maintenance. I am not arguing against AI. It is inevitable. I am simply saying that just adding AI to something isn’t enough. You have to have a reason, a business justification, and more than a little appetite for risk because make no mistake Indy we are entering a new dangerous tomb here.

See also  Stories from the coffeehouse: Communication is key