Post by Paul G. Allen School of Computer Science & Engineering

7,086 followers

If you’re tempted to browse the web with the assistance of #AI, you might want to think again. That’s because “browser agents aren’t ready for the public,” warns #UWAllen professor David Kohlbrenner. He and faculty colleague Franziska Roesner in the University of Washington’s Security & Privacy Research Lab co-led a study that revealed agentic browsers are susceptible to cyberattacks by violating a cornerstone of modern web security known as the same-origin policy. This policy ensures that information from one website — say, a person’s bank account information — can’t be accessed by another website in the same browser unless the user intentionally supplies it. A human user, that is. An AI agent, on the other hand, can be tricked into bypassing the same-origin policy to reveal a user’s personal information across websites in ways they didn’t intend. That’s what happened when the team launched a proof-of-concept cyberattack on ChatGPT Atlas using a technique known as a prompt injection, in which a malicious website issues hidden instructions to the AI agent. The researchers found Chrome with Gemini, Claude for Chrome and Perplexity Comet to have similar vulnerabilities. Firefox AI Mode carried the least risk of the browsers tested, but it also had the most limited capabilities. “After 30 years of building up this same-origin policy, this is a big step back for browser security,” Roesner said. Read the UW News story: https://lnkd.in/g7eN5yWY #Artificialintelligence #ComputerSecurity #Cybersecurity #AgenticAI #ChatGPT #UWdiscovers Photo by Kaitlyn Baker on Unsplash

Post content