
AI Screen Readers Pose New Threat to Sensitive Web Form Inputs
💬 AI screen readers as an emerging attack surface for sensitive web form inputs: Microsoft Copilot Vision reads page content in real time, including what users type. Microsoft Copilot Vision, Google Gemini Live, and Apple Intelligence can all access rendered page content, including user-typed input, through DOM inspection or visual analysis. Standard security measures such as fs-exclude, CSP headers, or type="password" do not stop these tools from reading sensitive data, because they run as first-party browser features with full DOM access. The only mitigation mentioned is keeping the real input values in a Web Worker so they are never exposed in the DOM. The post raises questions about how these tools access data and about the implications for compliance frameworks such as HIPAA.
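One way to build the Web Worker mitigation the post mentions, as an added example that is not code from the original post: the visible `<input>` only ever holds bullet characters, each keystroke is intercepted before it reaches the DOM and forwarded to a Worker that holds the real value and submits it itself. It assumes a browser with Web Workers, an `<input name="..." data-protected>` inside a form, and that the form's `action` accepts a JSON POST (all assumed names, not from the post).

```javascript
// Keystroke state transition. A plain function so the same code runs inside the
// worker (via toString()) and can be unit-tested on the main thread.
function applyKey(secret, key) {
  if (key === 'Backspace') return secret.slice(0, -1);
  if (key.length === 1) return secret + key; // one printable character
  return secret;                             // Shift, Tab, arrows, etc. are ignored
}

// What the DOM is allowed to show: one bullet per character, never the characters.
function maskOf(len) {
  return '\u2022'.repeat(len);
}

// Worker script: the real value lives only in this closure and is POSTed from here,
// so neither input.value nor a DOM dump ever contains it.
function buildWorkerSource() {
  return `${applyKey.toString()}
    let secret = '';
    self.onmessage = ({ data }) => {
      if (data.type === 'key') secret = applyKey(secret, data.key);
      if (data.type === 'submit') {
        fetch(data.url, { method: 'POST', headers: { 'Content-Type': 'application/json' },
                          body: JSON.stringify({ [data.field]: secret }) });
        secret = '';
      }
      self.postMessage({ type: 'len', len: secret.length }); // only the length leaves
    };`;
}

// Main-thread wiring (browser only). The field is given a Worker; the DOM keeps the mask.
function protectField(input, submitUrl) {
  const blob = new Blob([buildWorkerSource()], { type: 'text/javascript' });
  const worker = new Worker(URL.createObjectURL(blob));
  let len = 0;
  worker.onmessage = ({ data }) => { len = data.len; input.value = maskOf(len); };
  input.addEventListener('keydown', (e) => {
    if (e.key === 'Enter' || e.ctrlKey || e.metaKey) return; // let submit/shortcuts through
    e.preventDefault();                                       // real key never enters the DOM
    worker.postMessage({ type: 'key', key: e.key });
  });
  input.addEventListener('paste', (e) => {
    e.preventDefault();
    for (const ch of e.clipboardData.getData('text')) worker.postMessage({ type: 'key', key: ch });
  });
  // Anything that still changed the DOM value (autofill, edits of the mask) is overwritten.
  input.addEventListener('input', () => { input.value = maskOf(len); });
  input.form?.addEventListener('submit', (e) => {
    e.preventDefault();
    worker.postMessage({ type: 'submit', url: submitUrl, field: input.name });
  });
  return worker;
}

if (typeof document !== 'undefined') {
  document.querySelectorAll('input[data-protected]')
    .forEach((el) => protectField(el, el.form?.action));
}
```

Only the length of the value is observable in the DOM or in a screenshot; caret movement and IME composition, which a production field would need, are not handled here.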