Why is no one talking about this? This is why I don't use an AI browser. You can literally get prompt injected and your bank account drained by doomscrolling on reddit: https://t.co/aGN8xrdZtD
No one seems to be concerned about this, it seems to me like the #1 problem with any agentic AI stuff. You can get pwned so easily, all an attacker has to do is literally write words down somewhere???
Furthermore, it seems like very high profile and rich people and investors are trying out these AI browsers, seems like a really easy way to pwn someone with a lot of money: x.com/garrytan/statu…
@zack_overflow Check out my monthofaibugs.com for many examples. Also wanted to include Comet but didn't get access in time... is it now GA?
@zack_overflow I'm strongly reminded of Windows XP when suddenly everyone figured out RPC vulnerabilities
@zack_overflow Same reason I don’t worry myself over people who engage in all kinds of self destructive behavior. I can’t fix stupid, and I’m not interested in trying.
@zack_overflow Why would I be concerned about this? This only affects people who are stupid enough to use AI browsers. It's just natural selection.
@zack_overflow it’s natural selection, anyone who thinks this technology is safe enough to let it roam their pc freely needs to be scammed and starved before they can repopulate
@zack_overflow "No one". Meanwhile @simonw was over here clearly outlining the intrinsic flaw 3 months ago: simonwillison.net/2025/Jun/16/th…
@zack_overflow It's just really scary how even those of us (like me) who have genuine intentions & motivations for learning to use AI, there's so much sketchy stuff online that idk it just seems kind of like the wild west. Like all these big rich tech corps./elites etc. get to write the rules.
@zack_overflow ... It'll make life so much better". Or whatever tf kind of shz they try to tell everyone. Tbh, learning all of the most up to date / most in demand tech/AI/I.T. skills that lead to gig work/contract work (Fiverr, Upwork), & fully remote jobs, is so intimidating.
@zack_overflow Sorry, character limit lol. The I.T./tech/AI sphere has really changed rapidly recently. We've been "reassured" by these tech giants and AI / tech corporations and large data & web dev tech firms that AI "will create new & better jobs" & other b,, s propaganda "it'll make life..
@zack_overflow Thanks for sharing this, very well articulated post. I actually have had very similar questions/concerns. I am a seasoned prompt engineer, am learning cybersecurity, ethical hacking, AI training, vibe coding, all types of development (web, app, AI coding, full stack data analyst)
@zack_overflow the browser, presumably Comet, isn't even in release yet
@zack_overflow Even at the AI slop factory I used to work at we had guardrails against things like this. Perplexity should be doing better
@zack_overflow Why are we still using in-band signalling 40+ years after these issues were well known from blue-boxing on the phone network?
@zack_overflow I'm working on some (very early) formal verifiability (of AI agents) stuff that could make this hard(er). One very simple way to reduce the harm of this would just be using an agent that is always logged out of any website, and that has to be logged in by the user
@zack_overflow I am very concerned about this, I just assumed so will everyone else with an IQ over 70. But at some point it will take over our desktops, and I will move back to lynx in the terminal.