Amazon is prioritizing security in the development of its AI assistant, Alexa+, by incorporating security engineers to anticipate potential failures and risks. CISO Amy Herzog noted the contrasting perspectives of product and security engineers; while the former focus on functionality, the latter consider vulnerabilities. This collaboration aims to create a system that can efficiently handle tasks like scheduling, but also ensures necessary safety precautions are in place to prevent issues like unintended actions that could lead to harm, emphasizing the importance of designing for both innovation and security.
It's funny how, having been in both seats, the product engineer thinks about making the intended thing work, and the security engineer thinks about all the ways that you can game that system.
Whenever you're talking about a system that can take actions on behalf of someone our immediate reaction is: Wouldn't it be good if, like me, as someone who's running this household could just say, This is what I need to go shopping for.
Collection
[
|
...
]