Is this a Confused (AI) Deputy?

[Dale Schumacher]

https://pistachioapp.com/blog/copilot-broke-your-audit-log

It seems that Copilot can do things (on your behalf) that you are not permitted to do.

[Matt Rice]

I don't know, I'd give it partial credit but it doesn't seem like the
typical or classic confused deputy.
both have the typical conjunction of authority `access ∧ log` where
they intend `access → log`
and fail to use it correctly. Where the classic confused deputy uses
`write` to the `log` in a way unintended.

This uses `access` in a way that fails to write to log in the way it
was intended.
They aren't exactly the same in the sense that the classic confused
deputy not just fail to write an entry in
the log, but can blow away the entire log, and the writing is not done
for the purpose of writing audit logs
but for an arbitrary purpose.

If this was "Summarize Kasper's recent management report and write it
to the audit log", I think it'd be a lot clearer
that this was invoking the log in a way that was never intended. But
it definitely feels like all of the ingredients are there, so what do
I know?

[Jonathan Shapiro]

I think this isn't a confused deputy so much as an intended misbehavior. :-)

It's amusing to me that they neglect the big problem with the log entry, which is that it says nothing about the party or actor who performed the operation.

Jonathan

[Matt Rice]

I should have also pointed out in my last email that the logging
appears to always be invoked but in this case logs an empty record.
At least the misbehavior being called out seems to happen through data channels.

> --
> You received this message because you are subscribed to the Google Groups "friam" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to friam+un...@googlegroups.com.
> To view this discussion visit https://groups.google.com/d/msgid/friam/7c0d6a55-3548-42ff-8d90-74873e2dbfb8n%40googlegroups.com.