Just great.

Obviously the customers don’t need to know that their audit logs not only could have been turned off for conversations without any extra authentication, but also are so easy to turn off that it happens by accident without any extra intervention.

Also their entire Vulnerability disclosing guideline is security/compliance/image theater.

That’s gonna be a bunch of security and compliance violations, not to mention messing with incident response and digital forensics.

When your AI buddy actually has your back, and wouldn’t tell on you…