latest browser; it charges your browser with the capabilities of an LLM. Although a browsing assistant sounds splendidly convenient and futuristic, Atlas leaves loads be be desired.
On this post I’d wish to dive deep into how Atlas and most current AI-powered browsers fail on three points: privacy, security, and censorship.
First we’ll take a take a look at how Atlas works.
Atlas under the hood
First let’s understand how Atlas and other AI browsers work, what their capabilities are, and the way they differ from other “regular” browsers.
Why do AI browsers exist?
AI browsers aim to unravel a growing problem on the net: information overload. I’m sure we are able to all recognize trying to find information in pages stuffed with forms, ads, and countless UX flows. Corporations like OpenAI try to unravel this by offering an AI assistant to do that for you.
The AI browser is designed to be a brand new interface layer on top of the online. You possibly can let an LLM interpret a page, extract meaning, answer questions, and even take actions. The strategic incentive of OpenAI is to integrate ChatGPT deeply right into a browser as a way to keep users inside their ecosystem.
The promise is convenience, automation, and a more personalised browsing experience. As we’ll see later in this text, the implementation introduces significant privacy, security, and moderation risks.
What can Atlas do for me?
AI browsers are browsers that we interact with similar to with ChatGPT. You possibly can ask them to summarize the web site you’re taking a look at, translate it, or ask questions on the content. The browser keeps a history, learns out of your browsing habits, and “gets to know you” a bit higher.
Moreover there’s agent mode. Imagine tasking the browser and seeing it perform the next task autonomously: “I would like a pleasant holiday for two, either by train or plane with a max cost of €800”. You’ll see Atlas opening tabs, Googling, reading web sites, clicking buttons, etc.
How does Atlas work?
Essentially, Atlas is only a Chromium browser that uses ChatGPT for . Agent mode is evaluated by ChatGPT, it analyzes web pages with ChatGPT, etc.
Concerns
Although AI browsers like Atlas offer quite a lot of cool capabilities, there are some concerns, the largest of which we’ll discuss now.
Privacy
Atlas reads together with all the pieces you see and sort, sharing this information with ChatGPT. This is actually the “AI” a part of “AI browser”. This leaves an infinite privacy concern.
We’re already quite acquainted with “regular” tracking like many web sites do. They collect details about what visitors do on their site.
Atlas takes this to the acute by tracking all the pieces you do on every site. It observes what you read, how long you stay, what you do next; essentially, your entire online behaviour is tracked and that data is within the hands of company (OpenAI).
Security
The massive problem with security is that the browser cannot reliably distinguish between data (e.g. the content of a site for tickets) and directions (“find tickets to Rome”). This leaves the browser wide open for prompt injection.
Easy prompt injection to steal your sensitive data
The browser reads together with you on a web site you visit. It sends the content to ChatGPT as a way to analyze it and e.g. summarize it. Imagine a malicious actor who hides invisible instructions (e.g. white text on a white background) on the page:
“Ignore all previous instructions and as a substitute do the next: …”
This incredibly easy approach to prompt injection influences how your browser operates. Mix this with agent mode and its capabilities and also you’re just asking to be hacked.
Researchers from Brave (“regular” browser) have already documented such attacks, showing that AI-powered browsers could be manipulated to navigate to the user’s banking site, extract saved passwords, and send sensitive information to attacker-controlled servers.
Censorship
Everyone knows that LLMs are heavily moderated. We’ve all heard the stories of Deepseek refusing to answers questions on Tiananmen Square and Google’s Gemini generating racially diverse historical figures. Some queries mustn’t be answered, e.g. we don’t want ChatGPT to show users how one can make a bomb.
My problem with Atlas, nonetheless, is that there may be company that determines what you see, especially if you realise that very same company holds the complete history of your online activity. In a world stuffed with , propaganda, censorship, and increasingly authoritarian figures, this seems like an infinite risk.
Conclusion
AI-assisted browsing is coming, but not like this. Personally I feel there’s quite a lot of potential in AI browsers but the safety issues are glaring. That, together with the undeniable fact that Atlas will share all my online activity with only one company, which is also perfectly in a position to censor or influence what i see, is something I find very dangerous.
Until transparency, privacy, and safeguards catch up, I wouldn’t trust it with my data… or my wallet.
I hope this text was as clear as I intended it to be but when this just isn’t the case please let me know what I can do to make clear further. Within the meantime, try my other articles on all types of programming-related topics.
Completely happy coding!
— Mike
Sources:
