How to Use AI Browsers Without Getting Hacked ...Middle East

News by : (Live Hacker) -

As I've explored these browsers, I've been mindful of the many security risks to contend with: Prompt injection, where malicious AI prompts are hidden in a website or browser extension’s HTML source code, is the most obvious threat. But there are also cases of AI agents acting without a user’s permission to access your logged-in accounts. Moreover, AI browsers can leak data between browser tabs and hand over user credentials on clever prompting without even using any malicious code. 

A regular web browser can only open a page for you after you make the request. You still decide which sites to navigate to and what buttons to interact with. With AI browsers like Atlas or Comet, the browsers themselves scan and analyze a web page for you, summarize information, and even act autonomously to execute tasks in agent mode. These things make AI browsers very convenient for daily use, but they also expose them to new vulnerabilities, as attackers can now manipulate the browser to access your accounts and data much more easily. 

Brave’s security team used several prompt injection attacks to demonstrate issues with Perplexity Comet, which has since been termed CometJacking. In one particular case, Comet dug up its user's email address, obtained a one-time password from their inbox, and forwarded it to an attacker without anyone the wiser. All it took was a request to summarize a Reddit thread that had malicious prompts hidden in it. 

Automated checkouts carry a direct financial risk. While AI browsers are relatively new, Amazon already won a court injunction to prevent Comet from completing checkouts for users on its websites, because it’s known to bypass certain security measures put in place to prevent financial fraud.

Enable built-in browser settings for better safety

Almost every AI browser uses your browsing patterns and search history to train future iterations of its AI models, so it’s effectively getting better at doing things by learning from your day-to-day tasks. That means all your browsing data is being sent to the browser’s developers by default unless you specifically opt out. Luckily, browsers that train models on your data also give you the option to disable training, at least on paid plans. This is always the first feature you should turn off if you use AI Browsers.

Data Controls and disable Improve model for everyone to disable model training. You can also selectively opt out of letting ChatGPT use your browsing history or audio recordings of chat sessions for model training here. 

Account > Preferences. Toggle off AI data retention to opt out of model training from Perplexity. 

Privacy. Disable the option that says Share content data to improve Dia.

Keep your browser from accessing your logged-in sessions

Using the Logged out version of Agent mode with ChatGPT Atlas Credit: OpenAI/ChatGPT

In ChatGPT Atlas, you can specifically prevent the AI from accessing your logged-in browser sessions in Agent Mode, so that it’s forced to ask for your credentials each time it needs to log into an email account or social media profile. While there’s no exact equivalent to this feature with Comet or Dia, those browsers also offer controls that let you decide how much access your agent can have. 

Perplexity Comet: In Comet, there’s no universal toggle that restricts access to logged-in sessions. Perplexity notes that Comet does not have access to your passwords since those are only stored in your operating system’s vault, but it can still use your active sessions to pull sensitive information from logged-in accounts or execute tasks using those accounts. So, your best bet is to use Incognito mode when logging into any websites with the Comet browser, so you don’t stay logged in after you quit. 

Delete browsing data from dia://settings/ to delete your existing session cookies and log out of all active accounts. 

ChatGPT Atlas: Go to Settings > Personalization. Toggle off Reference browser memories to prevent ChatGPT from retaining any memory from your previous chat sessions. This will effectively prevent it from getting better at your tasks by learning from your data, but it will also shield you from attacks that specifically target this feature. OpenAI notes that ChatGPT Atlas has built-in security filters that restrict access to sensitive information like government ID, bank account or credit card numbers, and SSNs. But disabling browser memories entirely offers much better safety. If that feels too extreme, you can also use incognito mode when performing any tasks that you’d rather not have relegated to your browser memory, or go to Settings > Personalization > View browser memories to delete or archive memories you don’t want retained. 

Privacy and security > Delete browsing data to clear your browsing history, cache, and cookies. To delete saved AI memories from your Perplexity account, you can navigate to New Tab Page > Account > Preferences > Memory, where you can choose to disable memory retention by toggling off Use search history and Notes. You can also click Manage memories to alter or delete specific memories. 

Memory, then click Reset Memory or Disable Memory. 

Restrict what agents can access on sensitive sites

Restrict access to sensitive sites when using Comet Credit: Perplexity AI

ChatGPT Atlas: Go to Settings > Personalization. You’ll see an option called ChatGPT page visibility. If you click on it, you can add a list of websites where your agents won’t be able to access any data or take actions even when prompted. But you’ll still be able to access these sites using the browser manually. 

Privacy and security, then take a look at the options under Comet Assistant to find Block personal search for these websites. This should give you more options to configure which websites Comet can navigate to and interact with, as well as whether it can access your browser history by default. 

Privacy and security > Site settings to control all site permissions on an individual level. However, this does not prevent agents from seeing the data on these websites. To prevent Dia from gaining access to data from sensitive sites, it’s better to just avoid logging into any private accounts unless in incognito mode. 

A few additional best practices for AI browser safety

Keep using your regular browser, like Chrome or Firefox, for most day-to-day work. Maintain a separate profile for AI browsers with no sensitive logins just for running AI browsing tasks.

Avoid accessing user-generated content platforms like Reddit with your AI browser, which are a haven for prompt injection attacks. But if you must do it, make sure to restrict your agents from seeing or accessing anything on these sites. 

When asking an agent to execute multi-step workflows, always keep an eye on what it’s doing and use the pause or interrupt controls to stop any suspicious activity as soon as you spot it. 

For sensitive platforms like financial websites or workplace communication apps, enable two-factor authentication on your account to prevent agents from logging in without your knowledge. 

Hence then, the article about how to use ai browsers without getting hacked was published today ( ) and is available on Live Hacker ( Middle East ) The editorial team at PressBee has edited and verified it, and it may have been modified, fully republished, or quoted. You can read and follow the updates of this news or article from its original source.

Read More Details
Finally We wish PressBee provided you with enough information of ( How to Use AI Browsers Without Getting Hacked )

Last updated :

Also on site :

Most Viewed News
جديد الاخبار