Brave Profile picture
Aug 20 7 tweets 2 min read Read on X
AI agents that can browse the Web and perform tasks on your behalf have incredible potential but also introduce new security risks.

We recently found, and disclosed, a concerning flaw in Perplexity's Comet browser that put users' accounts and other sensitive info in danger. Image
This security flaw stems from how Comet summarizes websites for users.

When processing a site's content, Comet can't tell content on the website apart from legitimate instructions by the user. This means that the browser will follow commands hidden on the site by an attacker.
These malicious instructions could be white text on a white background or HTML comments. Or they could be a social media post.

If Comet sees the commands while summarizing, it will follow them even if they could hurt the user. This is an example of an indirect prompt injection.
One example attack:
1. A Comet user sees a Reddit thread where one comment has hidden instructions.

2. The user asks Comet to summarize the thread.

3. Comet follows the malicious instructions to find the user's Perplexity login details and send them to the attacker.
This attack demonstrates the risks presented by AI agents operating with full user authentication across multiple sites.

New security measures are needed to make agentic browsing safe.
In today's blog post, we share more details on this vulnerability and discuss potential protections against other attacks of this nature.

Perplexity has patched this error since we reported it to them. brave.com/blog/comet-pro…
Security and privacy cannot be an afterthought in the race to build more capable AI tools.

In the next blog post of this series, we'll discuss Brave's efforts to deliver secure AI browsing to our nearly 100 million users. Stay tuned!

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Brave

Brave Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @brave

Aug 11
AI assistants collect personal information, store your conversations on their servers and use your inputs to train their models.

Leo doesn't. Here's how we built privacy into every part of the Brave browser's AI assistant...
All of the AI models offered through Leo are hosted on our own infrastructure to ensure user privacy.

We don’t retain your conversations with Leo or use them for model training. We also don’t collect any personal data such as your IP address.
This same approach applies to any documents or images you ask Leo to analyze. They’re discarded immediately after Leo answers your prompt.

Other companies retain these files on their servers.
Read 6 tweets
Jul 23
New testing confirms that Brave for Android is outperforming the competition. 🏆

It's faster, uses less battery and CPU, and consumes less mobile data and Wi-Fi bandwidth than other major browsers. 🧵
We conducted performance tests with a Google Pixel 6a using our open-source BLaDE infrastructure.

In the tests, we measured Brave against four competing browsers: Chrome, DuckDuckGo, Edge and Firefox.

Here's what we found...
Battery and CPU:

Brave uses 3.9% less energy than Chrome, Edge, and Firefox and 5.5% less CPU on average.

It uses 23.7% less energy and 17.6% less CPU than DuckDuckGo. On review, we found a resource management issue in DDG that we shared with its team: github.com/duckduckgo/And…Image
Read 7 tweets
May 12
🔥 Big news: Brave is adding @Cardano support!

Brave and @InputOutputHK are teaming up to integrate Cardano's blockchain into our browser's multi-chain wallet. Image
When the integration is live, Brave Wallet users will be able to directly access Cardano to manage native assets like NIGHT, engage in governance, and seamlessly swap tokens.

This update expands Brave's multi-chain capabilities beyond its existing support for networks like Ethereum and Solana.
We're excited to make Web3 more accessible and secure for Brave and Cardano users.

Learn more about Brave Wallet's Cardano support here: brave.com/blog/io-cardan…
Read 4 tweets
Apr 23
Users can't trust Google.

Google has lied repeatedly to Chrome users about plans to protect their privacy.

This week, it broke yet another promise. 🧵
In 2020, Google announced plans to remove third-party cookies from Chrome by 2022.

Then Google delayed the removal of these trackers to 2023.

Then Google delayed it to 2024.

Last summer, the company announced it wouldn't block third-party cookies after all.
While Google dragged its feet, nearly every other browser began blocking third-party cookies.

Chrome is now the worst browser for user privacy by far. Users' data is collected through cookies (and other tracking methods) so they can be targeted with ads.
Read 6 tweets
Sep 17, 2024
Did you just download Brave?

Here are a few things you should do right away to get the most out of our browser... 🧵
1) Import settings/bookmarks

When you install Brave on desktop, you’ll be prompted to import your data from previous browsers.

If you don’t do this at setup, you can do it at any time by heading to Settings -> Get Started and clicking “Import bookmarks and settings.”
2) Set up syncing

If you use Brave on more than one device, you can synchronize your browsing data across all of them.

Go to Settings -> Sync to start a sync chain. Image
Read 7 tweets
Aug 26, 2024
Google Chrome's proposed "Related Website Sets" (RWS) feature will further undermine Chrome users' privacy.

RWS allows companies to track you across sites without your knowledge.
If two sites are owned by the same organization, Chrome will allow third-party cookies between them.

This would let Google link YouTube videos you watch to your Google profile, even when you’re not logged into YT, and even after third-party cookies are deprecated in Chrome.
Google justifies RWS by saying that users expect two sites owned by the same company to share data.

However, a study we conducted with @univofstandrews, @imperialcollege, and @hkust showed that users can't consistently tell if two sites are related: brave.com/blog/related-w…
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(