Google is testing a feature that allows users to attach files via the Search bar and ask questions about the content.
  • TimeSquirrel@kbin.melroy.org
    32·
    19 小时前

    “Yep, it’s a text file. 25KB in size. Created two weeks ago, modified today…here’s your search results for the prompt you gave me:”

    You know…stuff your OS couldn’t do already. Society is literally going to forget how to use a computer.

    • RiskableEnglish
      10·
      18 小时前

      Even worse: It’s a compliance nightmare!

      Classified information leaking in this way is a one-off situation that might get an individual in trouble. If someone at a heavily-regulated company uploads the wrong thing though, that can cause major disruptions to commercial services while the regulators investigate. Not just fines or prosecutions after-the-fact!

      Here’s why it’s a big deal: Nearly every organization allows employees to use google.com. That necessitates allowing POSTs to google.com and from a filtering perspective it makes it nearly impossible to prevent. The best you can do is limit the POST size.

      Having said that, search forms in general always pose a 3rd party information disclosure risk but when you enable uploading of entire files instead of just limited text prompts you increase the risk surface by an order of magnitude.

      • Monument@lemmy.sdf.orgEnglish
        6·
        17 小时前

        My organization seems to have already thrown in the AI towel, or at least are resorting to magical thinking about it

        We’re highly integrated with Microsoft - Windows Login, Active Directory, Microsoft 365, and even a managed version of Edge as the org-wide ‘default’ browser that we’re encouraged to sign into with our organizational credentials to sync account information, etc. Our AI policy is basically “You can use any Microsoft AI feature your account can access.”
        They can try to block whatever sites they want with the firewall, but once you let a user get comfortable with the idea of allowing systems to exfiltrate data, you aren’t going to also make them more discrete. They’re trusting that by throwing open the floodgates users will actually use Microsoft’s offerings instead of competing offerings — as if folks who sometimes still cannot tell the difference between a web browser and ‘the internet’ will know the difference. And they are also trusting that Microsoft is going to uphold our enterprise license agreement and their own security to keep that data within our own cloud instance.

        Boy howdy, this will be interesting.

  • ivanafterall ☑️@lemmy.worldEnglish
    94·
    20 小时前

    This has been an immensely helpful feature of both Claude AI and ChatGPT. I have tons and tons of historic sources and suddenly, I’m not fighting with non-working OCR options. It’s pretty great.