Mr Tan is getting extremely desperate, no one is using his ai browser.
Prompt injection just for fun
Imagine having your very own AI agent! Your robot pal who goes out and does useful things for you! Just ask, it’s on the case!
This exploit was discovered by two security guys at the Brave web browser. They put a comment on a post on Reddit with the prompt injection in it. Then they asked Comet to summarise the Reddit web page. [Brave, archive]
Comet then went to their test user’s Perplexity AI login page and grabbed the user’s email address. Perplexity sent back a verification email for that address to login — then Comet read the verification email.
Of course it can read your GMail.
Finally, Comet posted a new comment to Reddit containing the verification email and the login code — and that’s enough for the attacker to take over the test user’s Perplexity account. Then Comet errored out and said it couldn’t summarise the web page.
All the user had to do for all of this to happen was go to a web page and ask Comet to summarise it.
At least I tried
> Comet isn't available for your system yet. Comet is currently available for Windows and macOS.
The official description says this is a limited time offer. I don't know when it will end. If you want to get it for free, now is the best time.
Mr Tan is getting extremely desperate, no one is using his ai browser.
Prompt injection just for fun
Imagine having your very own AI agent! Your robot pal who goes out and does useful things for you! Just ask, it’s on the case!
This exploit was discovered by two security guys at the Brave web browser. They put a comment on a post on Reddit with the prompt injection in it. Then they asked Comet to summarise the Reddit web page. [Brave, archive]
Comet then went to their test user’s Perplexity AI login page and grabbed the user’s email address. Perplexity sent back a verification email for that address to login — then Comet read the verification email.
Of course it can read your GMail.
Finally, Comet posted a new comment to Reddit containing the verification email and the login code — and that’s enough for the attacker to take over the test user’s Perplexity account. Then Comet errored out and said it couldn’t summarise the web page.
All the user had to do for all of this to happen was go to a web page and ask Comet to summarise it.
courtesy of David Gerard