This week in San Francisco is the RSAC 2026 conference, one of the biggest annual events for cybersecurity experts. Unlike DefCon, this con is all about business, rather than hacks—at least, the business of stopping hacks, rather than exploring hacks as an art. Speakers have been discussing vulnerabilities: holes in IT security, weaknesses in infrastructure, cognitive and emotional exploits of the elderly.
They also keep calling AI stupid.
Not that AI’s existence is stupid, or using AI is stupid. They mean the models are not that bright, which makes them vulnerable to attack—and by extension, us as well.
This point came up again and again during sessions, with a striking example dropped from the lips of noted cryptographer Adi Shamir, co-inventor of the RSA protocol and partial namesake for the RSA (former owner of the RSAC Conference). During a panel discussion with several other prominent cryptographers, he called agentic AI “exciting” but also terrifying—and said to think of AI agents as “very clever idiots.”
“I agree with Dawn [Song] that the most recent exciting development in security is the explosive proliferation of agents. I’m totally terrified by what’s going on because in order to use it, I have to give access to all my files, all my communication, all my appointments, everything to those agents to make them useful. And if I think about it, I don’t even let my wife access everything I have on my phone. Why should I give it to something made by Manus or by OpenClaw?
“I can foresee many disasters—already there are some anecdotal stories about people asking their agent to rearrange the photo albums on their computer, and then the agent said, ‘I’m very sorry but unfortunately all of those pictures have been deleted.’ I think the way you should think about agents is as very clever idiots. With this mental image, you’ll probably be on the right way.”
The takeaway for those of us in the stands, curious (or even eager) to see AI reduce the amount of menial, time-consuming tasks in a day? Security experts can see how early the technology is—not yet advanced enough to trust with freely executing instructions on your behalf. I’ve seen plenty of other things during RSAC 2026 so far that prove that point, including a demonstration of how easily AI can be manipulated into executing malicious commands.
The best analogy I’ve heard so far is that if you wouldn’t trust a toddler to see or do something, you probably shouldn’t yet trust AI to, either.
Related posts:
Hackers are exploiting ConnectWise flaws to deploy LockBit ransomware, security experts warn
Experts say Telegram’s ’30 engineers’ team is a security red flag
India’s WazirX confirms security breach following a $230M ‘suspicious transfer’
iOS 18.3.1 released to fix ‘extremely sophisticated’ security flaw