This spring, the Linux kernel will begin supporting the “Copilot key” which Microsoft added to Windows machines about a year ago.
With the advent of the 6.14 kernel, which is expected to have its stable release this spring, Linux support for the new Copilot key on laptops and desktops becomes an inevitability. With this support, people in the security field have raised concerns about the potential for abuse.
Timothy Rohrbaugh, founder of the year-old AI-focused startup LLM Strategic Solutions and a 20-year computer security veteran, told FOSS Force that the introduction of the new key raises questions around the use of AI.
“This is crazy what I’m seeing now,” he said. “People are using these AI labs and they don’t realize what they’re doing.”
Why a Copilot Key?
Microsoft Copilot is a generative artificial intelligence chatbot developed by Microsoft. Based on the GPT-4 series of large language models, it was launched in 2023 as Microsoft’s primary replacement for the discontinued Cortana.
The Copilot key is a new dedicated key on Windows keyboards that launches Microsoft’s AI assistant, Windows Copilot, when pressed. It replaces the menu key and is part of Microsoft’s push to integrate AI features into Windows 11.
A year ago, Microsoft started making keyboards for laptops and desktops with the Copilot key, adding the first new key to the keyboard in about a decade. According to The Register’s Richard Speed, “the addition of [a key] to invoke the unloved assistant carried a certain inevitability.”
“As 2024 wore on, Microsoft realized that not every user wanted Copilot to pop up when the Copilot key was pressed, and so allowed it to be customized via the Settings app,” Speed said. “Microsoft’s handy PowerToys application suite also permitted users to make the key do more than fire up a generative AI assistant.”
Copilot Key on Linux
PCs and their keyboards are often pressed into service as Linux machines, where the Copilot key is being given new life as the Linux 6.14 kernel arrives. Last week, Lenovo’s senior Linux developer, Mark Pearson, changed the atkbd keyboard driver in Linux to ensure support for the key. The caveat here is that it’s up to whatever is being used as a desktop environment to decide what to do with it.
In a post to kernel.org Pearson wrote: “Microsoft defined Meta+Shift+F23 as the Copilot shortcut instead of a dedicated keycode, and multiple vendors have their keyboards emit this sequence in response to users pressing a dedicated ‘Copilot’ key. Unfortunately, the default keymap table in atkbd does not map scancode 0x6e (F23) and so the key combination does not work even if userspace is ready to handle it.
“Because this behavior is common between multiple vendors and the scancode is currently unused, map 0x6e to keycode 193 (KEY_F23) so that key sequence is generated properly.”
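As an added illustration (not code from the kernel patch or from the article), the C sketch below shows how userspace could recognize the Meta+Shift+F23 sequence once scancode 0x6e yields KEY_F23, so that a desktop can ignore or rebind it. The event struct, function names and sample stream are constructed for this example; the modifier key codes come from linux/input-event-codes.h, and accepting either the left or right modifier is an assumption.

```c
#include <stdbool.h>
#include <stddef.h>

/* Values from linux/input-event-codes.h; 193 is the KEY_F23 quoted above. */
enum { KEY_LEFTSHIFT = 42, KEY_RIGHTSHIFT = 54, KEY_LEFTMETA = 125,
       KEY_RIGHTMETA = 126, KEY_F23 = 193 };
/* Stand-in for struct input_event: value 1 = press, 0 = release, 2 = repeat. */
struct key_event { int code; int value; };

/* One bit per physical modifier, so releasing one Shift keeps the other held. */
static unsigned mod_bit(int code)
{
    switch (code) {
    case KEY_LEFTMETA:   return 1u << 0;
    case KEY_RIGHTMETA:  return 1u << 1;
    case KEY_LEFTSHIFT:  return 1u << 2;
    case KEY_RIGHTSHIFT: return 1u << 3;
    default:             return 0;
    }
}

/* True only on the initial F23 press while a Meta and a Shift are both held. */
static bool copilot_chord(unsigned *held, struct key_event ev)
{
    unsigned bit = mod_bit(ev.code);
    if (bit) {
        *held = ev.value ? (*held | bit) : (*held & ~bit);
        return false;
    }
    return ev.code == KEY_F23 && ev.value == 1 &&
           (*held & 0x3u) && (*held & 0xcu);
}

/* Count chord presses in a stream; a desktop would drop or rebind each one. */
static int count_copilot_presses(const struct key_event *evs, size_t n)
{
    unsigned held = 0; int hits = 0;
    for (size_t i = 0; i < n; i++)
        hits += copilot_chord(&held, evs[i]);
    return hits;
}

/* Constructed sample: one Copilot press with autorepeat, then a bare F23. */
static const struct key_event sample[] = {
    {KEY_LEFTMETA, 1}, {KEY_LEFTSHIFT, 1}, {KEY_F23, 1}, {KEY_F23, 2}, {KEY_F23, 0},
    {KEY_LEFTSHIFT, 0}, {KEY_LEFTMETA, 0}, {KEY_F23, 1}, {KEY_F23, 0},
};
#define SAMPLE_LEN (sizeof sample / sizeof sample[0])
int main(void) { return count_copilot_presses(sample, SAMPLE_LEN) == 1 ? 0 : 1; }
```

A plain F23 press without both modifiers is left alone, so only the dedicated key's sequence is matched.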
So where is the security issue?
Rohrbaugh said that many of the CTOs he works with use their own private GenAI systems in their companies, but added that some are missing the bigger picture. He added that although they think they are using their own systems, the data is still being sent to other computers, proxied most of the time unknowingly to private AI labs.
While this may not be an issue for non-sensitive or personal correspondence, things like company secrets and proprietary information such as code could be exposed in the logs of a third-party system. Criminals and threat actors realize the risk, and now have one of four targets to focus on today that are a gold mine of data they can use to enhance phishing attacks, credentials, or code they can analyze.
Complicating things, according to Rohrbaugh, is the fact that software vendors are racing to add AI features powered by these AI labs. They accommodate the use by forwarding their data to these same AI labs, perpetuating the same exposure.
“Ideally, [vendors] would have to disclose that they are using AI by these proprietary AI labs, and then provide a method of turning it off,” Rohrbaugh said. “Congress should be investigating this activity, and holding these companies accountable for clear lack of disclosure.”
But back to the key. Once there is kernel support for it, is there not a way to deactivate its use of Copilot on Linux?
“Disable the key, or physically remove it,” Rohrbaugh said.
I don’t see how the comment has anything to do with what’s actually happening? It’s like saying, “We must be wary of cheating,” as a reaction to the kernel supporting mouse buttons that aren’t left, right, and middle click.
If I installed Linux on a second-hand computer with a Copilot key, I should expect I can use the key however damn I wanted just like I could with a Windows key, Mac’s command key, or the various random shortcut keys on a cheap mechanical keyboard.
I get the wariness against AI, but are we really going to get AI derangement syndrome over the kernel supporting a button?