We’re In the Windows 95 Era of AI Agent Security

Source: https://www.honeycomb.io/blog/windows-95-era-of-ai-agent-security Author: Steve Newman Date: 2025-09-17

Summary

Steve Newman argues that AI agent security is at the “Windows 95 era” — the point where capability has outrun security design, but the ecosystem hasn’t yet built in security primitives. Analogous to early Windows: powerful, widely adopted, fundamentally insecure by design.

Key Claims

  • The analogy: Windows 95 was designed for single-user PCs, then connected to the internet without rethinking the threat model. AI agents are designed for helpful tasks, then given access to systems without rethinking the threat model.
  • Core vulnerability: agents that can take actions (send emails, run code, access files) can be manipulated via prompt injection.
  • Prompt injection at scale: if an agent reads user-generated content (emails, documents, web pages) as part of its task, malicious content can redirect the agent’s behavior.
  • The fix: security primitives need to be built into agent infrastructure — not bolted on later. Isolation, capability restrictions, audit logging.
  • Timeline: this will get worse before it gets better — adoption is accelerating faster than security awareness.

Concepts