Discussion

• @emilyforlini Emily Forlini on x

  OpenAI employee says the new Atlas AI browser “can still make...mistakes, like trying to buy the wrong product or forgetting to check-in with you before taking an important action.” No thanks!

• @pelaseyed @pelaseyed on x

  OpenAI basically admitting that Atlas is insecure right after asking permissions to your Keychain

• @morqon Morgan on x

  the deployment part of “research and deployment” is about helping society to adapt, including how we mitigate new risks [image]

• @spoonedher @spoonedher on x

  people like @elder_plinius are going to start being offered millions of dollars to stress test models for new environments, i think weirdly enough the next 10 years are going to see a huge boom in intellectual labor demand opposed to a contraction in it

• @cyberqueenmara MaraJade on x

  “Our long-term goal is that you should be able to trust ChatGPT agent to use your browser, the same way you'd trust your most competent, trustworthy, and security-aware colleague or friend.” I've vetted my friend over decades and I know my friend doesn't have an ulterior motive.

• @daniel_mac8 Dan Mac on x

  Sounds like most of he risks associated with Atlas are related to using the agent? So if you want to be a secure Atlas enjoyoor, simply don't use the agent?

• @jaredrhizor Jared Rhizor on x

  The transparency is nice, but it seems irresponsible for OpenAI to encourage people to use an AI web browser with a fundamental “unsolved security problem”.

• @talbeerysec Tal Be'ery on x

  prompt injections, the final frontier [image]

• @marktenenholtz Mark Tenenholtz on x

  Big respect to @OpenAI for sharing this, not everyone appreciates how much work goes into this

• @simonwillison.net Simon Willison on bluesky

  OpenAI's CISO Dane Stuckey posted an essay (on Twitter) about how their new ChatGPT Atlas browser attempts to deal with the risk of prompt injection attacks, I ended up writing a point-by-point commentary on my blog: simonwillison.net/2025/Oct/22/ ...