Particle.news

Google Won’t Fix Gemini ‘ASCII Smuggling’ That Hides Commands in Calendar and Email

Researchers say Gemini lacks input sanitization that blocks invisible instructions in rival assistants.

Overview

  • FireTail researcher Viktor Markopoulos disclosed the technique in September after showing that hidden text in invites or emails can guide Gemini without users seeing it.
  • Google told reporters it does not consider the issue a security vulnerability and has no plans to release a patch.
  • The method, known as ASCII smuggling, uses Unicode Tags characters to keep payloads invisible to humans but readable by the language model.
  • Possible outcomes include overwritten organizer details, concealed meeting descriptions or links, and deceptive site recommendations when Gemini summarizes content.
  • FireTail reported that ChatGPT, Claude, and Microsoft Copilot blocked similar attacks via input sanitization, a protection Gemini currently lacks.
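
The input sanitization described above can be sketched as a filter that runs before calendar or email text reaches a model. This is an added example, not code from FireTail or any vendor; the function names and the sample string are hypothetical and constructed for illustration.

```python
import re

# Unicode "Tags" block: U+E0000..U+E007F. Renderers draw nothing for these,
# so text built from them is invisible to a human reader.
TAG_RUN = re.compile("[\U000E0000-\U000E007F]+")


def find_hidden_runs(text):
    """Return (offset, decoded) for each run of Tags characters.

    U+E0020..U+E007E mirror printable ASCII, so subtracting 0xE0000
    recovers what a model would read; other tag code points show as '?'.
    """
    findings = []
    for m in TAG_RUN.finditer(text):
        decoded = "".join(
            chr(ord(c) - 0xE0000) if 0xE0020 <= ord(c) <= 0xE007E else "?"
            for c in m.group()
        )
        findings.append((m.start(), decoded))
    return findings


def sanitize(text):
    """Strip Tags characters; return (clean_text, findings) for logging."""
    return TAG_RUN.sub("", text), find_hidden_runs(text)


# Constructed sample: a calendar title with the word "demo" hidden
# in Tags characters between "sync" and " at".
SAMPLE = "Team sync\U000E0064\U000E0065\U000E006D\U000E006F at 10:00"

if __name__ == "__main__":
    clean, findings = sanitize(SAMPLE)
    print(repr(clean), findings)
```

Logging the decoded findings alongside the stripped text gives responders a record of what was hidden. Emoji subdivision flags legitimately use Tags characters after U+1F3F4, so a blanket strip will degrade those glyphs.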