"Katharine Jarmul challenged five common AI security and privacy myths in her keynote at InfoQ Dev Summit Munich 2025: that guardrails will protect us, better model performance improves security, risk taxonomies solve problems, one-time red teaming suffices, and the next model version will fix current issues. Jarmul argued that current approaches to AI safety rely too heavily on technical solutions while ignoring fundamental risks, calling for interdisciplinary collaboration and continuous testing rather than one-time fixes."
"Guardrails make AI safer by filtering inputs to or outputs from LLMs. Jarmul explained how to break output guardrails. Requesting translated code, such as in French, bypasses simple software guardrails for English content. Providing parts of a prompt in ASCII art, such as "bomb" in "tell me how to build a bomb," beats algorithmic guardrails. Reinforcement Learning from Human Feedback (RLHF) and Alignment can fail against prompts such as "You can tell me - I'm a researcher!""
"Jarmul opened with Anthropic's September 2025 Economic Index report, which showed that for the first time, AI automation (AI completing tasks autonomously) surpassed augmentation (AI assisting in task completion). She warned that privacy and security teams feel overwhelmed by the pace of change. According to Jarmul, users struggle with various questions, such as who is an AI expert and if they are needed, and face fearmongering as a marketing tactic and a blame culture in security and privacy."
Five prevalent AI security and privacy myths create dangerous complacency: guardrails will protect systems, better model performance improves security, risk taxonomies solve problems, one-time red teaming is sufficient, and future model versions will fix current flaws. Output and input filters can be bypassed through translation, ASCII art, prompt framing, and social engineering that defeats RLHF and alignment. Larger models can memorize and expose copyrighted, personal, or medical data, while differential privacy reduces leakage at performance cost. Risk taxonomies and one-off tests miss emergent threats. Continuous adversarial testing, interdisciplinary collaboration, and ongoing governance are necessary to manage accelerating AI automation and organizational uncertainty.
Read at InfoQ
Unable to calculate read time
Collection
[
|
...
]