Photo by Manuel Torres Garcia on Unsplash
LLM-utilizing platforms’ utterly useless “security” (if there are any in the first place) aren’t just a corporate problem anymore, or should I say, it was everyone’s problem from the very beginning. It’s leaky as heck. Anything that you put into it could leak anywhere and everywhere, including public web search results.
These “AI browsers” or “agentic browsers” are absolute privacy and security nightmares. Just assume that anything and everything you even DISPLAY in there could and will be leaked- Photos, emails, chats, passwords… EVERYTHING.
These prompt injections means that anyone can put some instructions unknown to you in some webpage or link OR document OR anything (including images) somewhere, and the stupid chatbot powering that “agentic browser” could be tricked into doing all sorts of wicked stuff because it couldn’t tell whether it’s you commanding it to wreck you or if it’s some prompt-injection hacker.
Just don’t do it. Don’t use those things. Seriously. I was actually thinking of testing those things using throwaway email addresses but fuck it, I’m not even gonna risk that; Got better things to do with my time.