OpenAI under legal and security pressure
OpenAI is facing fresh scrutiny after backing a bill that would limit AI-company liability while also disclosing a supply‑chain security issue tied to a third‑party tool — developments that shift the debate from innovation to regulation and risk management. The company’s public posture on liability was reported by WIRED, and Reuters says OpenAI disclosed a security problem involving the Axios developer tool used in its macOS app signing process. Separately, police arrested a suspect after a Molotov cocktail was thrown at CEO Sam Altman’s home, highlighting how fraught the social environment around frontier AI has become. (wired.com; reuters.com; straitstimes.com
OpenAI got hit from three sides in two days: it backed an Illinois bill that would narrow when artificial intelligence companies can be sued, it told Mac users to update after a software supply-chain scare, and San Francisco police arrested a suspect after a Molotov cocktail attack at Sam Altman’s home. (wired.com) (openai.com) (straitstimes.com) The legal fight is about who pays when an artificial intelligence model is used to cause a disaster. WIRED reported that OpenAI testified for an Illinois measure that would shield frontier model developers from many lawsuits unless they acted intentionally or recklessly. (wired.com) That bill defines “critical harm” at a very high bar: mass death or injury, or at least $1 billion in property damage. It also applies to “frontier” systems built with more than $100 million in computing costs, which points at the biggest labs rather than small startups. (wired.com) OpenAI’s argument is that model makers should not automatically be liable when another person misuses a general-purpose tool, the same way a map app is not blamed for every crash caused by a reckless driver. Critics told WIRED that the proposal could let labs avoid responsibility even when they release unusually powerful systems into the world. (wired.com) At almost the same moment, OpenAI disclosed a different kind of risk: the plumbing behind software trust. On April 10, the company said a third-party developer tool called Axios was part of a broader industry incident tied to the process that certifies its macOS apps as legitimate OpenAI software. (openai.com) (cnbc.com) That kind of attack is called a supply-chain problem because the danger enters through a vendor or tool, not through the front door of the company itself. OpenAI said it found no evidence that user data was accessed, that its systems or intellectual property were compromised, or that its software was altered. (openai.com) (reuters.com) The practical consequence for users was simple: update the Mac apps. OpenAI said it was refreshing security certifications and requiring users of ChatGPT, Codex, Atlas, and Codex Command Line Interface on macOS to move to the latest versions to reduce the risk of fake apps being distributed. (openai.com) (ithinkdiff.com) Then the story turned physical. OpenAI said a person allegedly threw a Molotov cocktail at Altman’s San Francisco home and also made threats outside the company’s headquarters, and police later arrested a 20-year-old suspect with charges pending. (straitstimes.com) (bloomberg.com) No injuries were reported, but the sequence is hard to miss. OpenAI is now dealing at once with lawmakers asking how much responsibility a model builder should bear, security engineers asking how much trust can be placed in outside code, and police handling threats that have spilled from online anger into real-world violence. (bloomberg.com) (openai.com) (wired.com)
