{"id":108269,"date":"2024-09-29T08:24:01","date_gmt":"2024-09-29T01:24:01","guid":{"rendered":"https:\/\/hotvideos24.online\/?p=108269"},"modified":"2024-09-29T08:24:01","modified_gmt":"2024-09-29T01:24:01","slug":"googles-gmail-update-decision-significant-risk-warning-for-millions-of-users","status":"publish","type":"post","link":"https:\/\/hotvideos24.online\/?p=108269","title":{"rendered":"Google\u2019s Gmail Update Decision\u2014\u2018Significant Risk\u2019 Warning For Millions Of Users"},"content":{"rendered":"<p> <script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3711241968723425\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-format=\"fluid\"\r\n     data-ad-layout-key=\"-fb+5w+4e-db+86\"\r\n     data-ad-client=\"ca-pub-3711241968723425\"\r\n     data-ad-slot=\"7910942971\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><br \/>\n<\/p>\n<div>\n<figure class=\"embed-base image-embed embed-2\" role=\"presentation\"><figcaption><fbs-accordion><\/p>\n<p class=\"color-body light-text\">New warning issued for millions of Gmail users<\/p>\n<p><\/fbs-accordion><small>dpa\/picture alliance via Getty Images<\/small><\/figcaption><\/figure>\n<p>We are in the midst of a generational change, as the smartphones that already run our lives get their greatest ever capability boost. As AI is worked into everything, everywhere, it is increasingly clear that we don\u2019t yet fully understand the risks, never mind the ways in which to stay safe. It is also clear there\u2019s no reverse gear.<\/p>\n<p>And so it is for the vast number of Gmail users this week, as Google continues to update millions of Workspace accounts to provide new AI tools. Those relying on the world\u2019s most popular email platform have just seen both the good and bad from all this change at almost exactly the same time.<\/p>\n<p><a class=\"embed-base color-body color-body-border link-embed embed-6\" href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/09\/28\/google-play-store-bitcoin-crypto-warning-for-samsung-pixel-android-users\/\" target=\"_blank\" aria-label=\"Google Play Store App Deletion\u2014New Warning As Bitcoin, Crypto Wallets Empty\" rel=\"noopener noreferrer\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/09\/28\/google-play-store-bitcoin-crypto-warning-for-samsung-pixel-android-users\/\"><span class=\"link-embed__info\"><span class=\"link-embed__provider\">Forbes<\/span><span class=\"link-embed__title\">Google Play Store App Deletion\u2014New Warning As Bitcoin, Crypto Wallets Empty<\/span><small class=\"link-embed__byline\">By <span class=\"link-embed__author\">Zak Doffman<\/span><\/small><\/span><span class=\"link-embed__thumbnail-wrapper\"><span class=\"link-embed__thumbnail allow-inline-style\" style=\"background-image: url(https:\/\/specials-images.forbesimg.com\/imageserve\/66f80e42d5e9ac7920b4303b\/960x0.jpg?cropX1=2643&amp;cropX2=4821&amp;cropY1=1581&amp;cropY2=3015);\"\/><\/span><\/a><\/p>\n<p>First to the good. Google has <a href=\"https:\/\/workspaceupdates.googleblog.com\/2024\/09\/contextual-smart-replies.html\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/workspaceupdates.googleblog.com\/2024\/09\/contextual-smart-replies.html\" data-ga-track=\"ExternalLink:https:\/\/workspaceupdates.googleblog.com\/2024\/09\/contextual-smart-replies.html\" aria-label=\"confirmed\">confirmed<\/a> that the Gemini-powered smart replies first touted at its I\/O event earlier this year are now coming to Android and iOS. \u201cWe\u2019re excited to announce a new Gemini in Gmail feature, contextual Smart Replies, that will offer more detailed responses to fully capture the intent of your message.\u201d<\/p>\n<p><fbs-ad position=\"inread\" progressive=\"\" ad-id=\"article-0-inread\" aria-hidden=\"true\" role=\"presentation\"\/><\/p>\n<p>This will offer a range of responses \u201cthat take the full content of the email thread into consideration.\u201d While there are clear security and privacy concerns in AI reading an entire thread\u2014perhaps eventually an entire email history, <a href=\"https:\/\/support.google.com\/gemini\/answer\/13594961?hl=en\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/support.google.com\/gemini\/answer\/13594961?hl=en\" data-ga-track=\"ExternalLink:https:\/\/support.google.com\/gemini\/answer\/13594961?hl=en\" aria-label=\"this can be mitigated by delineating between on-device and cloud processing\">this can be mitigated by delineating between on-device and cloud processing<\/a>, and through new architectures that offering cloud processing as a secure extension of your phone.<\/p>\n<figure class=\"embed-base image-embed embed-4\" role=\"presentation\"><figcaption><fbs-accordion><\/p>\n<p class=\"color-body light-text\">Gemini powered smart, contextual replies<\/p>\n<p><\/fbs-accordion><small>Google<\/small><\/figcaption><\/figure>\n<p>There\u2019s a serious issue though, highlighted by another report this week that looks at the use of Gemini within Workspace as a productivity tool, including reading and summarizing and replying to emails that we haven\u2019t looked at ourselves.<\/p>\n<p>This raises the \u201csignificant risk\u201d of Gemini\u2019s susceptibility to \u201cindirect prompt injection attacks.\u201d <a href=\"https:\/\/hiddenlayer.com\/research\/new-gemini-for-workspace-vulnerability\/\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/hiddenlayer.com\/research\/new-gemini-for-workspace-vulnerability\/\" style=\"background-color: rgb(255, 255, 255);\" data-ga-track=\"ExternalLink:https:\/\/hiddenlayer.com\/research\/new-gemini-for-workspace-vulnerability\/\" aria-label=\"Hidden Layer\">Hidden Layer<\/a>\u2019s research team warns that malicious emails can be crafted not for a human to read, but rather for a human to ask AI to summarize or action. In this way \u201cthird-party attackers\u201d can, their proof of concept suggests, plant a phishing attack within the AI chat itself, tricking users into clicking dangerously.<\/p>\n<p>As <a href=\"https:\/\/www.ibm.com\/topics\/prompt-injection\" rel=\"nofollow noopener noreferrer\" target=\"_blank\" class=\"color-link\" title=\"https:\/\/www.ibm.com\/topics\/prompt-injection\" data-ga-track=\"ExternalLink:https:\/\/www.ibm.com\/topics\/prompt-injection\" aria-label=\"IBM\">IBM<\/a> explains, \u201ca prompt injection is a type of cyberattack against large language models (LLMs). Hackers disguise malicious inputs as legitimate prompts, manipulating generative AI systems (GenAI) into leaking sensitive data, spreading misinformation, or worse\u2026 Consider an LLM-powered virtual assistant that can edit files and write emails. With the right prompt, a hacker can trick this assistant into forwarding private documents.\u201d<\/p>\n<figure class=\"embed-base image-embed embed-0\" role=\"presentation\"><figcaption><fbs-accordion><\/p>\n<p class=\"color-body light-text\">Malicious AI prompt in email<\/p>\n<p><\/fbs-accordion><small>Hidden Layer<\/small><\/figcaption><\/figure>\n<p>An attacker sends an innocuous email to the intended victim, with a system prompt in the email itself. One example given is a simple email asking about a lunch meeting that includes a prompt to display a password compromise alert including a phishing link if the intended victims asks Gemini about their itinerary.<\/p>\n<p>\u201cThe prompt injection vulnerability,\u201d IBM says, \u201carises because both the system prompt and the user inputs take the same format: strings of natural-language text. That means the LLM cannot distinguish between instructions and input based solely on data type. Instead, it relies on past training and the prompts themselves to determine what to do. If an attacker crafts input that looks enough like a system prompt, the LLM ignores developers&#8217; instructions and does what the hacker wants.\u201d<\/p>\n<p>\u201cThough these are simple proof-of-concept examples,\u201d Hidden Layer\u2019s team points out, \u201cthey show that a malicious third party can take control of Gemini for Workspace and display whatever message they want. As part of responsible disclosure, this and other prompt injections in this blog were reported to Google, who decided not to track it as a security issue and marked the ticket as \u201cWon\u2019t Fix (Intended Behavior).\u201d<\/p>\n<figure class=\"embed-base image-embed embed-1\" role=\"presentation\"><figcaption><fbs-accordion><\/p>\n<p class=\"color-body light-text\">Gemini response, turning malicious prompt into phishing attack<\/p>\n<p><\/fbs-accordion><small>Hidden Layer<\/small><\/figcaption><\/figure>\n<p>This isn\u2019t just Gmail. With AI side-panels now adorning so many apps and productivity tools, the attack vector extends into all kinds of messaging apps and attachments. And we are at the very beginning of this. It is the next iteration of the social engineering that drives so many of the cyber attacks we report on, only the social engineering here deals with our interaction with AI instead of one another.<\/p>\n<p>\u201cWhile Gemini for Workspace is highly versatile and integrated across many of Google\u2019s products, there\u2019s a significant caveat,\u201d Hidden Layer warns, \u201cits vulnerability to indirect prompt injection\u2026 under certain conditions, users can manipulate the assistant to produce misleading or unintended responses. Additionally, third-party attackers can distribute malicious documents and emails\u2026 compromising the integrity of the responses generated by the target Gemini instance.\u201d<\/p>\n<p><a class=\"embed-base color-body color-body-border link-embed embed-8\" href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/09\/26\/warning-for-millions-of-samsung-s24-ultra-s23-ultra-z-fold-6-z-flip-6-users\/\" target=\"_blank\" aria-label=\"Samsung\u2019s Update Mistake\u2014Bad News For Millions Of Galaxy Phone Owners\" rel=\"noopener noreferrer\" data-ga-track=\"forbesEmbedly:https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/09\/26\/warning-for-millions-of-samsung-s24-ultra-s23-ultra-z-fold-6-z-flip-6-users\/\"><span class=\"link-embed__info\"><span class=\"link-embed__provider\">Forbes<\/span><span class=\"link-embed__title\">Samsung\u2019s Update Mistake\u2014Bad News For Millions Of Galaxy Phone Owners<\/span><small class=\"link-embed__byline\">By <span class=\"link-embed__author\">Zak Doffman<\/span><\/small><\/span><span class=\"link-embed__thumbnail-wrapper\"><span class=\"link-embed__thumbnail allow-inline-style\" style=\"background-image: url(https:\/\/specials-images.forbesimg.com\/imageserve\/665f1316eb56abe36576d67d\/960x0.jpg?cropX1=253&amp;cropX2=1761&amp;cropY1=647&amp;cropY2=1709);\"\/><\/span><\/a><\/p>\n<p>Google does seem to be taking this seriously and will not dismiss these threats as intended behaviors. In response to the Hidden Layer report, a Google spokesperson told me that \u201cdefending against this class of attack has been an ongoing priority for us, and we\u2019ve deployed numerous strong defenses to keep users safe, including safeguards to prevent prompt injection attacks and harmful or misleading responses. We are constantly hardening our already robust defenses through red-teaming exercises that train our models to defend against these types of adversarial attacks.\u201d<\/p>\n<p>This applies across the board, not just to Google Workspace. It\u2019s just that Google is uniquely positioned with platforms such as Gmail to drive out its AI faster than anyone else, and so these problems will likely hit there first.<\/p>\n<\/div>\n<p><script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3711241968723425\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-format=\"fluid\"\r\n     data-ad-layout-key=\"-fb+5w+4e-db+86\"\r\n     data-ad-client=\"ca-pub-3711241968723425\"\r\n     data-ad-slot=\"7910942971\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><br \/>\n<br \/><div data-type=\"_mgwidget\" data-widget-id=\"1660802\">\r\n<\/div>\r\n<script>(function(w,q){w[q]=w[q]||[];w[q].push([\"_mgc.load\"])})(window,\"_mgq\");\r\n<\/script>\r\n<br \/>\n<br \/><a href=\"https:\/\/www.forbes.com\/sites\/zakdoffman\/2024\/09\/28\/new-google-gmail-warning-windows-android-iphone-users\/\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>New warning issued for millions of Gmail users dpa\/picture alliance via Getty Images We are in the midst of a generational change, as the smartphones that already run our lives &hellip; <a href=\"https:\/\/hotvideos24.online\/?p=108269\" class=\"more-link\">Read More<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8630],"tags":[],"class_list":["post-108269","post","type-post","status-publish","format-standard","hentry","category-technology","entry"],"_links":{"self":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts\/108269","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=108269"}],"version-history":[{"count":0,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=\/wp\/v2\/posts\/108269\/revisions"}],"wp:attachment":[{"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=108269"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=108269"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hotvideos24.online\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=108269"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}