AI工具“沉浸式翻译”泄露隐私

Core Points - The AI translation plugin "Immersive Translation" has been reported to have privacy leakage risks, as translated content can be publicly accessible if users share snapshot links [1][2] - The plugin, developed by Shanghai Shitongwen Network Technology Co., Ltd., has over 3 million users on the Edge browser alone and was recognized as one of Chrome's best extensions for 2024 [2] - The snapshot sharing feature was taken offline after users reported that sensitive information, including business contracts and personal data, could be indexed by search engines [3][4] Company Overview - "Immersive Translation" utilizes multiple AI models, including ChatGPT, DeepSeek, and Gemini, to provide bilingual translation for various content types [2] - The plugin has been available since October 2022 across major browsers like Edge, Chrome, and Safari [2] Incident Details - Users were able to generate snapshot links of translated content, which lacked necessary security measures, leading to potential exposure of sensitive information [2][3] - The company acknowledged the issue and stated that the feature would remain offline until a robust privacy protection mechanism is established [3] Security Implications - Experts noted that the incident was not a data security breach but rather a flaw in the feature design, emphasizing the need for better security measures [4] - Previous incidents of data leakage in online translation services highlight the importance of safeguarding sensitive information during translation processes [4] Recommendations - It is advised that service providers implement security features similar to file-sharing services, such as password protection and expiration dates for shared links [5]