The fast rise of AI-powered functions brings innovation, but additionally safety blind spots. As AI programs turn out to be integral to our day by day lives, their safety should preserve tempo with their capabilities. This is the main target of our AI Safety Testing Sequence, the place we analyze widespread AI functions for vulnerabilities that would put customers in danger.
In our final evaluation, we examined Deepseek’s Android app and uncovered important safety flaws. This time, we flip our consideration to Perplexity AI, one of the crucial broadly used AI-powered search assistants. Whereas its AI capabilities are spectacular, our safety testing revealed a number of vulnerabilities—some of which mirror previous errors seen in Deepseek, whereas others expose new dangers.
Let’s learn the way Perplexity AI measures up by way of safety on this weblog: Will it fare higher than Deepseek, or will it reveal comparable—and even new—vulnerabilities? Extra importantly, what do these findings inform us in regards to the broader state of safety in AI-driven functions? Learn on to seek out out extra.
What are Perplexity AI’s safety points?
Our safety evaluation uncovered a number of comparable vulnerabilities beforehand recognized in Deepseek’s Android App, that are:
- Unsecured community configuration: Elevated threat of network-based assaults
- No SSL validation or certificates pinning: Can result in impersonation assaults
- Weak root detection: Permits attackers to escalate privileges
- Susceptibility to the StrandHogg vulnerability: Permits phishing and id theft
- Publicity to Janus vulnerability – Permits attackers to switch APKs and inject malware
- Tapjacking assaults – Let attackers manipulate UI interactions to trick customers
- And 5 further important points within the Perplexity AI Android app.
These weaknesses additional expose customers to dangers reminiscent of knowledge theft, account takeovers, and reverse engineering assaults. Beneath, we break down the 5 newly recognized vulnerabilities and their potential impression.
1. Hardcoded secrets and techniques discovered
Assault sort
Credential publicity
Threat stage
Crucial
Perplexity AI comprises hardcoded secrets and techniques, reminiscent of API keys, straight throughout the utility’s code. Attackers who decompile the app can simply extract these secrets and techniques and misuse them to realize unauthorized entry to backend companies, probably resulting in knowledge leaks and system compromise.
In 2019, a significant safety breach affected an enterprise SaaS supplier when attackers exploited hardcoded API keys of their cellular utility. This allowed unauthorized entry to delicate buyer knowledge, resulting in thousands and thousands of information being uncovered.
How might Perplexity repair it?
- Retailer delicate keys securely utilizing atmosphere variables or encrypted vaults.
- Use safe token administration programs to rotate API keys frequently.
- Implement correct entry management insurance policies to stop unauthorized entry.
2. CORS misconfigurations: Wildcard origin in response headers
Assault sort
Cross-Website Request Forgery (CSRF) & knowledge theft
Threat stage
Excessive
Perplexity AI’s API responses comprise wildcard origins (*), permitting any web site to make requests to the app’s backend. This opens the door to malicious web sites making unauthorized requests on behalf of customers, probably exposing delicate knowledge.
A 2022 knowledge breach at a fintech firm resulted from a CORS misconfiguration that allowed attackers to hijack person classes. Malicious web sites might ship authenticated requests to the corporate’s backend, extracting monetary knowledge with out customers’ data.
How might Perplexity repair it?
- Limit CORS origins to trusted domains solely.
- Implement correct authentication and token validation to stop unauthorized entry.
- Repeatedly assessment API safety configurations.
3. SSL Pinning Not Carried out
Assault sort
Man-in-the-Center (MitM) assault
Threat stage
Crucial
The Perplexity AI app doesn’t implement SSL pinning, making it susceptible to interception assaults the place hackers can spoof safe connections and steal person knowledge.
In 2017, a high-profile cellular banking app suffered from MitM assaults on account of an absence of SSL pinning. Hackers intercepted communication between the app and the financial institution’s servers, enabling them to steal person credentials and transaction knowledge.
How might Perplexity repair it?
- Implement SSL pinning to confirm server certificates earlier than establishing a safe connection.
- Implement HTTPS with HSTS to stop insecure connections.
- Conduct periodic safety testing to establish and repair community vulnerabilities.
4. Bytecode shouldn’t be obfuscated
Assault sort
Reverse engineering & code tampering
Threat stage
Excessive
Lack of bytecode obfuscation makes Perplexity’s app logic straightforward to reverse-engineer, exposing important code paths and vulnerabilities.
A well-liked ride-hailing app was reverse-engineered by attackers in 2020, permitting them to create fraudulent variations of the app that bypassed fee programs, resulting in huge monetary losses for the corporate.
How might Perplexity repair it?
- Use instruments available out there to obfuscate code and stop reverse engineering.
5. ADB detection and lacking developer choices protections
Assault sort
Debugging exploitation
Threat stage
Excessive
Perplexity doesn’t detect if ADB debugging or developer choices are enabled, making it simpler for attackers to govern the app in a managed atmosphere.
In 2021, a cellular recreation was broadly hacked when attackers used ADB debugging to switch in-game parameters. This led to fraudulent in-app purchases and vital income loss.
How might Perplexity repair it?
- Implement runtime checks to detect debugging instruments.
- Implement safety insurance policies to limit debugging in manufacturing environments.
Why do you have to care?
When you have the Perplexity app in your telephone, these safety flaws put your private knowledge in danger proper now as:
🔓 Your non-public data is uncovered
Hackers can exploit these vulnerabilities to steal your private knowledge, together with delicate login credentials.
🌍 Your knowledge might be stolen with out your data
Weak safety settings make it simpler for malicious web sites to siphon off your knowledge silently.
📡 Cybercriminals can spy in your exercise
With out strong protections, attackers can intercept your searches and even steal your login particulars.
🐞 Your telephone might be exploited
The app lacks protections towards hacking instruments, leaving your machine susceptible to distant assaults.
So, what might be your security measures?
✅ Uninstall the app instantly
Eradicating the Perplexity AI app out of your telephone is most secure till these points are addressed.
🔒 Use trusted apps
Persist with well-reviewed apps with robust safety measures to guard your knowledge.
🛡️ Maintain your machine safe
Repeatedly replace your telephone’s software program and allow safety features like Play Shield to detect threats.
Evaluating Deepseek vs. Perplexity: A have a look at AI safety tendencies
Right here’s a breakdown of the important thing vulnerabilities present in each apps. This comparability highlights the areas the place each apps share comparable flaws and the place Perplexity has distinctive dangers, providing a clearer image of every app’s safety posture.
|
Safety Concern |
Deepseek Android |
Perplexity Android |
Influence |
|
Hardcoded Secrets and techniques |
🟥 Sure |
🟥 Sure |
Knowledge Theft |
|
Knowledge Publicity (CORS Misconfigurations) |
🟥 Sure |
🟥 Sure |
Knowledge Theft |
|
SSL Pinning Not Carried out |
🟥 Sure |
🟥 Sure |
Account Takeover |
|
Bytecode Not Obfuscated |
🟥 Sure |
🟥 Sure |
Reverse Engineering |
|
ADB/Debugging Protections Lacking |
🟥 Sure |
🟥 Sure |
Debugging Exploitation |
|
Unsecured Community Configuration |
🟥 Sure |
🟥 Sure |
Man-in-the-Center (MitM) |
|
No SSL Validation or Certificates Pinning |
🟥 Sure |
🟥 Sure |
Impersonation Assault |
|
Weak Root Detection |
🟥 Sure |
🟥 Sure |
Privilege Escalation |
|
Susceptibility to the StrandHogg Vulnerability |
🟥 Sure |
🟥 Sure |
Phishing & Id Theft |
|
Publicity to Janus Vulnerability |
🟥 Sure |
🟥 Sure |
APK Modification & Malware Injection |
|
Tapjacking Assaults |
🟥 Sure |
🟥 Sure |
UI Manipulation |
Key takeaways from Perplexity AI’s threat evaluation
AI safety debt is getting worse.
Perplexity doesn’t simply repeat Deepseek’s errors—it builds on them.
Each vulnerability we present in Deepseek can also be current in Perplexity, plus 5 further weaknesses that widen the assault floor. This isn’t simply an oversight; it’s a sample.
AI functions are evolving quick, however their safety isn’t maintaining.
Perplexity is a good greater threat than Deepseek.
With CORS misconfigurations, lack of bytecode obfuscation, and lacking debugging protections, Perplexity is much more uncovered than Deepseek.
These gaps make it simpler for attackers to steal knowledge, reverse-engineer the app, and manipulate its habits.
If Deepseek was a warning signal, Perplexity is a full-blown safety hazard.
Deepseek’s distinctive weaknesses nonetheless matter.
Whereas Perplexity has extra vulnerabilities general, Deepseek has its personal set of important flaws, like unsecured community configurations and publicity to superior threats like StrandHogg and Janus. These dangers make Deepseek a primary goal for extra refined assaults that may hijack person classes and inject malware.
The AI safety hole is rising.
AI functions have gotten extra highly effective, however their safety flaws are multiplying simply as quick.
With each Deepseek and Perplexity failing basic safety checks, it’s clear that safety isn’t a precedence in AI growth. Till that adjustments, customers will proceed to bear the dangers.
Appknox professional opinion: Is Perplexity AI protected?
Subho Halder, CEO and Co-Founder, Appknox, thinks:
Our testing highlights important vulnerabilities in Perplexity AI that expose customers to quite a lot of dangers, together with knowledge theft, reverse engineering, and exploitation. It’s essential for the builders to deal with these points swiftly.
Within the meantime, customers ought to be cautious about utilizing the app, notably for delicate actions.”
Conclusion: The larger image in AI safety
As AI functions like Perplexity proceed to evolve, so too should our strategy to securing them. The vulnerabilities uncovered in our evaluation—whether or not widespread oversights like hardcoded secrets and techniques or extra superior threats like reverse engineering—spotlight the urgent want for strong safety measures in AI-powered options.
Whereas Perplexity AI shares some important flaws with Deepseek, it additionally introduces new dangers that shouldn’t be missed.
For builders, this underscores the significance of proactive safety practices—implementing SSL pinning, securing API keys, and addressing CORS misconfigurations are only the start.
For customers, the message is obvious: whereas AI functions deliver super worth, they should be trusted solely when their safety is assured. Till these vulnerabilities are addressed, it’s prudent to stay cautious about utilizing apps that expose delicate knowledge to pointless threat.
At Appknox, we’re dedicated to uncovering safety dangers in AI-driven apps and serving to enhance the safety posture of those rising applied sciences. Keep tuned for future posts on this sequence, the place we proceed to research widespread AI functions and their vulnerabilities.
AI safety isn’t a future drawback—it’s occurring now. In the event you’re navigating these dangers or have insights to share, be a part of our LinkedIn group to debate the most recent threats, greatest practices, and real-world safety challenges with business friends.
Let’s push for a safer AI future—collectively.