Are extensions allowed to exfiltrate AI chats, unrelated to their core function?

James Arnott

1:24 PM (8 hours ago)
to Chromium Extensions
Hi,

I was just wondering if extensions are allowed to exfiltrate user AI chats, unrelated to their core features, without the user being explicitly aware when they're using these AI chat platforms.

As far as I know, it's against the rules, but when I report them, nothing happens or they just get their featured badges taken away.

I made a blog post about this here.
Here's the list of extensions I caught exfiltrating AI chats (they also all exfil URLs; all but StayFocusd + StayFree exfil full URLs with no exceptions, from what I see).

[Screenshot: CleanShot 2026-06-14 at 18.09.09@2x.png]

This list includes a list of "confirmed" and "capability", where confirmed means I saw it exfiltrating AI chats with my own eyes and capability means that AI chat collection can be enabled via remote config. Poper Blocker, for example, started collecting AI chats ~24 hours after installing it, enabled by the remote config.

I'm speaking at DEF CON 34 later this year about extensions, and I'd love to say "Google cares about your privacy".

Here are some demo videos of the extensions exfiltrating this data:

Similarweb - hoklmmgfnpapgjgcpechhaamimifchmp - https://www.youtube.com/watch?v=-c5Jewuqrqw
Poper Blocker - bkkbcggnhapdmkeljlodobbkopceiche - https://www.youtube.com/watch?v=jtExgNjBGMo
WhatRuns - cmkdbmfndkfgebldhnkbfhlneefdaaip - https://www.youtube.com/watch?v=UYwUmaVohQk
StayFocusd - laankejkbhbdhmipfmgcngdelahlfoji - https://www.youtube.com/watch?v=IOdGJEky1SU
(StayFocusd's AI chat exfil capability is demonstrated here by swapping out the remote server; I have not seen them exfiltrating AI chats with my own eyes yet.)

I've not made a demo video for Stylish, but I have manually confirmed the exfiltration of AI chats via the remote config. ID: fjnbnpbmkenffdnngjfgmeleoegfcffe. Blog post detailing the obfuscation + URL exfil: https://amibeingpwned.com/blog/stylish-is-back-back-again

I'd appreciate some kind of action taken here. I know UrbanVPN got caught exfiltrating AI chats and they got taken off the Chrome Web Store, so I don't see any reason these extensions, confirmed to be exfiltrating AI chats (which does not align with their stated purpose), would be allowed to do the same.

