by himata4113 115 days ago
My assistant has no permissions at all and is just as useful. All it needs is todo, reminders and websearch (and maybe a browser but ymmv).
4 comments

> websearch (and maybe a browser

Your assistant can literally be told what to do and how to hide it from you. I know security is not a word in slopware, but as a high-level refresher: the web is where the threats are.

What will it do... leak my todo...? lol.

It's in a pod with zero permissions, secrets or access to the local network. It's also restarted daily in case somehow someone manages to escape a browser.

> no permissions at all

> and maybe a browser

does not compute

I suspect OP actually means 'cannot access anything locally' by 'no permissions'.

I sometimes forget to be very clear about what I mean; there are too many ways to misinterpret these things.
A browser doesn't magically give access to secrets; it is useful for looking up things behind a captcha.

You are just some bad web searches away from being on suspect lists.

For that reason I do have it on a VPN. I doubt it'll ever happen, since I don't see an attacker being able to prompt-inject that easily; Opus in general won't do those kinds of searches even if you jailbreak it. It will actually make the guardrails activate and start refusing everything.
If I was malicious I could do a lot of damage to someone with subtle manipulation of todo and reminders.

I’ll bet I could even push someone on the margins into divorce.

How would you do it?