anonym.legal

By · Last updated 2026-03-13

Til baka á BloggÖryggi AI

Samsung missti frumkoda til ChatGPT 3 sinnum

Thrja serstak Samsung thaeknisteymi limmdu einkamalaefni og trundlur-gogn inn i ChatGPT i aprilmanad 2023. Hvert tilvik afhjupadi adeinn.

March 13, 20269 mín lestur
Samsung ChatGPT leaksource code protectionenterprise AI controlsinsider data leakageMCP Server anonymization

Uppfaert 2026

Thrju teymi, thrjar lekur, einn manadur

I aprilmanad 2023 slogu Samsung Semiconductor upp threim serstak tilfellum. Thrju serstak teymi hafa sent einkamalaefni gogn a gervigreind-spjallbot i einum manade. Tilfelli voru ekki tengd. Serstak folk, serstak hlutverk, serstak dagar.

Thau deilu eingongu tveimur eiginleikum. Hvert einstaklingur notadi verkfaerid til ad gera raunverulegt verk. Hvert slysni sendi gogn sem Samsung hafdi ekki aetkuad ad deila utan fyrirtaekisins.

Tilvik 1 -- Frumkodi. Hugbunadarverkfraedingur var villuleitarinn til bunadarkodi. Hann limitadi einkamalafyrirtaekja halfleidi-frumkoda inn i spjallid. Kodinn faer framleidning hugverk.

Tilvik 2 -- Fundarnotar. Starfsmaedur var ad undirbua samantekt fundar. Hun sendi notar til gervigreindarinnar til ad thjaeppa saman. Tha notar innihjeldu trundlarstefnu og vegviser-upplysingar.

Tilvik 3 -- Gagnagrunnsfyrirspurn. Thridji starfsmaedur vildi hjalapt vid haga fyrirspurn. Hann deildi gagnagrunnsskipulagi og fyrirspurnar-logic. Ssu logic visadi til einkamala-skema og vidfangsefna reglna.

Thriu tilvik. Thrjar uppljostranir. Einn manadur.

Hvers vegna starfsmaedurnir gerdu thad

Enginn af thremur var ad starfa kaeruleysingalega. Thau notudu gervigreind-verkfaeri fyrir verkefni sem gervigreind-verkfaeri eru smidad fyir. Koda yfirfarning. Texta thjaeppun. Fyrirspurnar finestering. Hvert verkefni var gilt.

Saknanlegur hluti var taeknileg stoppun. Ekkert kerfi gat lokad skosum adir en hann naedi ytri netjona. Ekkert siu gat veitt einkamala-aukenni adir en thad foer ut ur netinu. Ekkert stod a milli raunverulegs thorf starfsmannsins og ytri thjonustunnar.

Orustuvidrvaruning til stefna til var til. En vidrvaruning er ekki hindrun. Ahataa slyslegrar villur var huglaeg og fjarlaegs. Framleidnilegur gaedi var raunverulegur og tafarlaus. Skynsamir starfsmenn valdi framleidni.

Nidurstadan var fyrirsjaaanleg. Thrju tilvik i thritiu dagar. Thrjar uppljostranir hugverks. Fyrirtaeki kreppa sem leiddi til banna um allt idnadinn.

Idnadarvidbragdid

Samsung hreyftist fljott. Hann skerar adgangur ad gervigreind-verkfaerum a fyrirtaekistaekvum.

Adrir skipulog fylgdu. Thau sem tilkynntu um takmarkanir innihjeldu Bank of America, Citigroup, Goldman Sachs, JPMorgan Chase, Apple og Verizon. Fjarmalagreinin bragdist hraedast. Stor bankar og taekni-fyrirtaeki draegu somu nidurstodur. Gervigreind-verkfaeri an taeknilegra stjornana settu up ohaefilegt fytilinaetni-ahattu.

Hvert og eitt komu ad somu nidurstodu. Starfsmenn eru ekki vandinn. Stefnuvidrvaraningar eru ekki naegar. Gogn foeru ut ur fyrirtaekjanetu thvi ekkert stopadi thad. Stefna ein getur ekki skapud taekni-stoppun.

71,6% umgangsmagnid

Banna-nalgaenin hefur maelt bilunarmagn. LayerX rannsokn fra 2025 fann ad 71,6% starfsmanna undir fyrirtaekja gervigreind-bonnum hjeldu afram med ad nota gervigreind-verkfaeri. Thau notudu persounlegar reinkninga eda persounlegar taekjaer.

Astaedan er einfaldt. Verkfaeri sem leggur raunverulegt gildi verdur notad. Folk finna umbrot fremur en ad gefast upp a thvi. Gervigreind getur skerst vinnslutima i helmingi. Stefnuvidrvaruning mun ekki breyta tha staerdfraedi. Starfsmenn skrasetja inn fra persounlegum sima eda fartolvu. Oryggisteymi geta ekki litid a thann umferd.

Raunhaeflegar nidurstadan er versti tilfellid. Fyrirtaekjagogn naa enn til gervigreind-verdura. En nu flyta thau gegnum rasar med engan eftirlita. Umferd tolfaeridings med fyrirtaeki taeki maetti a minnsta kosti vera skrasett. Notkun persounlegs reiknings er osynileg.

Samsungs thrju tilvik gerdo sig a fyrirtaeki taekjum. Starfsmenn sem umgangast bannid gera somu hlut. Thau senda vinnugogn til gervigreind-likan. En nu fer thad gegnum rasar med engan eftirlit.

Taekni lagfaering sem thekkar grundvallarsastaedu

Samsung tilvik voru ekki vegna gaedingarlausra manna. Thau voru vegna skipulagi sem hafdi engan millipunkts-lag. Ekkert var a milli skipunar starfsmannsins og netjona verdusins.

Model Context Protocol (MCP) skipulag fyllir thann gap. Hann setur gagnsaean proxy i gagnaleidin. Forritarar sem nota Claude Desktop eda Cursor IDE eru adaradhorfendur. Thad eru nakkvaemslega tha verkfaeri notuad fyir naenn koda villuleit eins og var hja Samsung fyrstu tilfellinu. MCP-Thjonninn situr inni i brokollsleididinni fyir bada.

Adir texti naer gervigreind-likaninu, keyrir MCP-Thjonninn hann gegnum nafnleynd-skref. Frumkodi er skannadi fyir einkamala-kennirmerki. Falla-nofn, breytu-nofn og API-endastodvar eru skipt ut med skipulagdum taeikn. Gagnagrunnsskema-upplysingar og stillingargildi eru skipt ut. Skiptingin gerist adir en kodinn fer ut ur netinu ydar.

Forritari sem villuleita einkamala-koda sendir koda gegnum MCP-bidhafinn. Vikvamu kennimerkjin eru thaegar taekn tha. Gervigreind-likanid hjaelpar enn med villuleit-verkefni. Raun einkamala-upplysingar naa aldrei a netjona verdusins.

Tilvik 1 verdur taekni-omotuleg. Frumkodin fer ut ur netinu thaegar nafnlaegt. Verkfraedingurinn faer hjaelp sem tharfnast. Hugverk helst a stidi fyrirtaekisins.

Sama roki thekkar Tilvik 2. Fundarnota-samantekt gegnum vafra-bundin verkfaeri er thesst med Chrome Extension og fyrirtaekja-stjornum thess. Tilvik 3 er thekkt af MCP nafnleynd i hvavetna gervigreind-koda vidhafi.

Bann gegn Taeknilegum Stjornum

Ad banna verkfaeri sem 71,6% starfsmanna umgangast thaegar dregur ahattu til osynilegra rasa.

Vafra DLP-verkfaeri bordingin thekkar millipunkts-valkosti fyir vafra-bundna gervigreind-notkun. Fyir skipulog sem bera saman nafnleynd vid adra DLP-voru, Nightfall gegn anonym.legal bordingin thekkar lokun-gegn-nafnleynd millimarkadinn beint.

Samsung tilvik voru snemmkomin merki. Grundvallarsastaedan var fjarvera. Enginn millipunkts-lag. Engar taeknileg stjornun. Thann gap er laganlegt nu. Spurningin er hvort fyrirtaeki setja upp lagfaeringuna, eda halda afram med bann sem flestir starfsmenn umganga thaegar.

Heimildir

Tengdar Greinar

Öryggi AI

AI Coding Assistants Leak Production PII

Unit test fixtures with real customer records. Log files with production data for debugging. GitHub found 39 million secrets leaked in 2024.

Öryggi AI

Internal Wiki PII: Confluence Customer Data

Support teams document processes with screenshots of customer accounts. Over 3 years, that's thousands of GDPR data minimization violations in your.

Öryggi AI

Screenshot PII: Leaks in Internal Tools

Slack, Teams, Jira, and email regularly receive screenshots containing customer PII. This access-control violation bypasses every DLP tool.

Ertu tilbúinn að vernda gögnin þín?

Byrjaðu að anonymiza PII með 285+ gerðum í 48 tungumálum.

Byrjaðu Ókeypis PrufuSkoða Eiginleika

About this page

We update this page when our platform or the law changes.

Read our founder note for how we work.

Each change shows up in the timestamp at the top.

Related reading

We follow these rules

  • GDPR (EU 2016/679).
  • ISO/IEC 27001:2022.
  • NIS2 (EU 2022/2555).
  • HIPAA safe harbor under 45 CFR § 164.514(b)(2).

Our promise

We do not sell your data.

We do not train models on your text.

We store your files in Germany.

You can delete your account at any time.

You own your work.

Where we run

Our servers live in Falkenstein, Germany.

We use Hetzner. They hold ISO 27001 certification.

All data stays in the EU.

Backups run every day.

Need help?

Email support@anonym.legal.

We reply within one business day.

How we test

We run a full check suite on every release.

Each surface gets its own sweep script and report.

Human reviewers spot-check the output each week.

We track recall and precision on a labelled set.

Bad runs block the deploy.

What we never do

  • We never sell your information to third parties.
  • We never train models on what you upload.
  • We never keep your work after you delete it.
  • We never share keys with any outside firm.
  • We never run ads inside the product.

Plans in plain words

We sell credits, not seats.

One credit covers one short job.

Long jobs use a few credits each.

You can top up at any time.

Unused credits roll over each month.

Read the plans page for current rates.

Who built this

A small team of engineers and lawyers built this.

We ship from Europe and work in the open.

Our founder note spells out why we started.

Where to start

How the parts fit

A browser add-on cleans text inside Chrome.

A Word plug-in handles drafts in Office.

A small desktop tool works on whole folders.

An agent protocol link feeds large models safely.

All four share one core engine and one rule set.

Words from our team

We started this work after a lunch about cookies.

One friend kept getting odd ads on her phone.

We asked why a court file leaked through a draft.

We sketched the first build on a napkin that week.

By month three we had a tiny demo for a friend.

She used it on her first case the next day.

Common questions we hear

Can the tool read scanned PDFs? Yes, with OCR.

Does it work on long files? Yes, in small chunks.

Can I roll my own rule set? Yes, save it as a preset.

Does it run offline? The desktop build runs offline.

Do you keep my files? No, the cloud build wipes after each run.

Will it learn from my work? No, we never train on inputs.

A short tour of the workflow

Upload a file or paste a snippet of prose.

Pick the entities you want gone from the draft.

Choose a method: replace, mask, hash, encrypt, or redact.

Press run and watch the side panel show each hit.

Skim the result and tweak any rule that misfired.

Save the cleaned file or send it to a teammate.