
Internet Giant Declines to Address Security Gap in Gemini that Potentially Exposes Users' Data
An alarm has been raised about a potential security flaw in the Gemini system, which could result in sensitive user information being sent to unintended recipients. However, the company behind Gemini appears to be brushing off the issue.
Uncovering a Hidden Threat
A cybersecurity expert has detected that Gemini is vulnerable to a specific kind of cyber assault known as ASCII smuggling attacks. This form of attack involves burying harmful prompts in innocuous-looking communication like emails or calendar invites. This becomes a problem when a large language model (LLM) like Gemini is asked to summarize a text containing these hidden prompts.
While the company that owns Gemini is known for its stringent security measures and a proactive approach to user safety, it seems to be downplaying this particular issue. This dismissive stance is raising eyebrows, given the potential risks this vulnerability poses.
Understanding ASCII Smuggling Attacks
If you're not in the know about ASCII smuggling, it works on the principle of 'hiding in plain sight'. The attacker injects a clandestine instruction into a regular communication, such as an email. This could be written in the smallest font size to escape the victim's notice.
When the victim uses an AI tool like Gemini to summarize the text, the AI unknowingly reads out this hidden prompt too. This opens up a Pandora's Box of problems. For instance, the prompt might instruct the AI to dig up confidential information from your inbox or share your contact details. With Gemini's recent integration into a popular productivity suite, this vulnerability takes on greater significance due to the increased risk.
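As an added illustration of the defensive side (this is example code, not from the article or from the company behind Gemini), the scanner below checks inbound e-mail or calendar text for invisible code points before it reaches a summarizer. It assumes the smuggling technique commonly reported under this name, which rides hidden text on the Unicode Tags block and zero-width characters; the sample message is constructed here for the demonstration.

```python
# The Unicode "Tags" block (U+E0000-U+E007F) renders as nothing in most
# fonts; U+E0020..U+E007E map one-to-one onto printable ASCII 0x20..0x7E,
# which is what lets a second, invisible message ride inside visible text.
TAG_BASE = 0xE0000
TAG_PRINTABLE = range(0xE0020, 0xE007F)
TAG_BLOCK = range(0xE0000, 0xE0080)
# Other zero-width / bidi-control code points worth flagging in e-mail or
# calendar text before it reaches a summarizer.
OTHER_INVISIBLE = {0x200B, 0x200C, 0x200D, 0x2060, 0xFEFF,
                   0x202A, 0x202B, 0x202C, 0x202D, 0x202E,
                   0x2066, 0x2067, 0x2068, 0x2069}


def scan_for_smuggled_text(text):
    """Inspect text destined for an LLM summarizer.

    Returns (clean_text, decoded_tags, invisible_count):
      clean_text      - input with every invisible code point stripped
      decoded_tags    - what the Tags-block characters spell in ASCII,
                        so an analyst can read the smuggled payload
      invisible_count - number of invisible code points removed; anything
                        above zero should be flagged, not just cleaned
    """
    clean, decoded, count = [], [], 0
    for ch in text:
        cp = ord(ch)
        if cp in TAG_BLOCK:
            count += 1
            if cp in TAG_PRINTABLE:
                decoded.append(chr(cp - TAG_BASE))
        elif cp in OTHER_INVISIBLE:
            count += 1
        else:
            clean.append(ch)
    return "".join(clean), "".join(decoded), count


def tags_encode(s):
    """Build the constructed test fixture: map ASCII onto the Tags block."""
    return "".join(chr(TAG_BASE + ord(c)) for c in s)


# Constructed sample: a benign calendar note carrying an invisible rider.
SAMPLE = ("Budget review moved to Thursday 3pm."
          + tags_encode("hidden note") + " See you there.")

if __name__ == "__main__":
    clean, decoded, n = scan_for_smuggled_text(SAMPLE)
    print(f"flagged={n > 0} invisible_chars={n} decoded={decoded!r}")
    print(clean)
```

In a mail or calendar pipeline the check belongs before the summarization call, so a flagged message is quarantined for review rather than silently cleaned and forwarded.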
Testing the Waters
The cybersecurity expert who discovered this vulnerability decided to put some of the most widely used LLMs to the test. His findings were eye-opening. Alongside Gemini, two other LLMs were found to be susceptible to ASCII smuggling attacks. However, three other LLMs had safeguards in place to ward off such attacks, proving their security mettle.
The Company's Response
The expert reached out to the company behind Gemini, even providing a live demo where he fed Gemini a concealed instruction. The AI was duped into promoting a malicious website offering a high-quality phone at a discounted price.
Despite this demonstration, the company responded by downplaying the issue. They classified it not as a security bug, but as a social engineering tactic. In essence, they shifted the responsibility onto the user, implying that it's the user's job to identify and avoid such threats.
This response indicates that the company has no immediate plans to rectify this security loophole in Gemini, leaving users to fend for themselves in the face of this hidden threat.