8 Million Users' AI Conversations Sold for Profit by "Privacy" Extensions | Koi Blog
www.koi.ai
  • spit_evil_olive_tips@beehaw.org
    5·
    11 hours ago

    yeah, the browser extension world is an absolute shitshow. the AI part of this is new, but nothing else about it is.

    I’d recommend reading Temptations of an open-source browser extension developer from 2021 if you haven’t seen it before.

    tl;dr - a guy writes a simple, useful, open-source browser extension (Hover Zoom) that as part of its functionality needs permissions from Chrome to view every page the user opens. he has receipts of 10 years worth of companies reaching out to him and offering to buy the extension (when concrete dollar amounts are mentioned, they’re in the tens to hundreds of thousands of dollars range). this would only make sense if they wanted to use it for nefarious data-harvesting purposes.

  • MountingSuspicion@reddthat.com
    18·
    22 hours ago

    Other than being an obvious ad for their own AI, the article was pretty informative.

    Per the article, the following were found to be affected. Probably anything by the publisher should not be trusted as they’re just a data mining company, so make sure not to download any rebrands or new releases from the same people. Chrome Web Store:

    • Urban VPN Proxy - 6,000,000 users
    • 1ClickVPN Proxy - 600,000 users
    • Urban Browser Guard - 40,000 users
    • Urban Ad Blocker - 10,000 users

    Microsoft Edge Add-ons:

    • Urban VPN Proxy - 1,323,622 users
    • 1ClickVPN Proxy - 36,459 users
    • Urban Browser Guard - 12,624 users
    • Urban Ad Blocker - 6,476 users
  • Hirom@beehaw.org
    341·
    1 day ago

    The extension remains live and featured as of this writing.

    The Chrome Web Store should be avoided for security. Google keeps failing at moderaring their store, at the same time kneecaping legitimate adblockers with manifest v3 in the name of security, and failing to remove actual malicious extension after both manual review and dislosure of its behaviour by outsiders.

    Running Chrome without any extension isn’t ideal either, it would leave people without protection from malvertising and tracking. So better avoid Chrome altogether, use Firefox or Zen Browser or Tor Browser.

  • melsaskca@lemmy.ca
    6·
    20 hours ago

    We need to class action these companies to get our cut of the money they are making off of our data.

  • Sasquatch@lemmy.ml
    6·
    21 hours ago

    The article never mentions how it knows Urban and others were selling the data it collects. I mean, they probably arr, but Koi needs to prove their claim.

    Also, starting a paragraph with “I asked our AI,…” reads exactly like “Merriam Webster defines courage as…”. Real bottom of the barrel, bargain bin journalism

  • SSUPII@sopuli.xyz
    9·
    1 day ago

    So many VPN companies have zero interest in privacy or just produce malware. This is nothing new, but it is weird to target LLM prompts and conversations.