AI browsers such as ChatGPT Atlas, Perplexity Comet, and Dia offer remarkable convenience with their autonomous web browsing capabilities. However, this ease of use comes with significant security risks that every user must be aware of. Risks like prompt injection and credential theft are real threats, making it essential to understand how to secure your AI browser effectively.
Understanding Prompt Injection Risks
One of the most common threats is prompt injection, where malicious commands are concealed within the HTML code of websites. OpenAI has even cautioned against using Atlas with production data due to this vulnerability. Alarmingly, users don't need to take any action; simply visiting a compromised webpage can trigger the execution of hidden commands without their knowledge.
Real-World Examples of Vulnerabilities
The Brave security team has demonstrated such attacks on Perplexity Comet, a tactic referred to as CometJacking. In one instance, Comet managed to extract a user's email address, retrieve a one-time password from their inbox, and forward it to the attacker—all because the user requested a summary of a Reddit thread containing malicious instructions.
Similarly, ChatGPT Atlas has shown similar weaknesses. Security researcher Johann Rehberger successfully switched the browser from light mode to dark mode using a simple command embedded in a Word document. Additionally, Atlas is susceptible to cross-site request forgery (CSRF), where malicious sites can send instructions to the browser as if they were entered by the user themselves.
Increased Vulnerability Compared to Traditional Browsers
Another concerning issue is that AI browsers do not employ the same blocking and heuristic lists as traditional browsers to identify phishing sites. According to LayerX, Atlas users are 90% more vulnerable to these types of attacks compared to Chrome or Edge users. Automatic checkout features can also present direct financial risks, as evidenced by Amazon's legal victory to prevent Comet from completing purchases on its platform.
Enhancing Security Settings
Despite these genuine risks, it is still possible to use AI browsers safely. There are several built-in settings that can significantly enhance security. The first and most crucial step is to disable data sharing. Most AI browsers utilize your browsing patterns and search history to train their AI models, meaning your data is sent to browser developers by default unless you opt out. Here's how to turn this off for each browser:
- ChatGPT Atlas: Go to settings and disable data sharing.
- Perplexity Comet: Find the privacy settings option and turn off sharing.
- Dia: Access the settings menu to opt out of data collection.
The second step is to prevent the browser from accessing your logged-in sessions. As demonstrated with Comet, AI browsers can be manipulated to access already logged-in accounts and extract sensitive information through prompt injection. In ChatGPT Atlas, you can select the Logged Out mode in Agent Mode, prompting the browser to request credentials every time you need to log in. For Comet and Dia, use incognito mode while logging into any website.
The third step involves disabling persistent memory. Memory poisoning, a more sophisticated form of prompt injection, allows attackers to inject harmful instructions into your account-specific memory stored across devices. To disable this feature, go to your browser settings and turn off memory retention.
The fourth step is to restrict agent access to sensitive sites. You can disable agent access to banking and health platforms, ensuring they cannot view or act on these sites. Here's how to do that:
- Navigate to privacy settings.
- Look for agent access permissions.
- Disable access for banking and health websites.
In addition to these built-in settings, there are best practices you can follow to minimize risks when using AI browsers like Atlas, Comet, or Dia. The bottom line is that the less data and permissions your agent browser has, the lesser the damage it can inflict during an attack. By configuring security settings and adhering to best practices, you can enjoy the conveniences of AI browsers without compromising your privacy and data security.
Source: https://telset.id/how-to/panduan-keamanan-ai-browser-lindungi-data-dari-peretasan



