Wow, I knew of course that #Brave was running some really aggressive marketing campaigns... But now they are apparently spamming random bloggers because of links to MDN for browser extensions information.
For reference, the article in question is https://palant.info/2015/10/15/using-webextensions-apis-in-a-classic-extension/.
https://www.theregister.com/2020/06/24/bitdefender_security_hole/ got thoroughly confused by the Bitdefender announcement claiming that the vulnerability resides in the SAFEPAY browser. No, a malicious website doesn't need to be opened in this browser, the exploit works from any browser as my post clearly states.
https://gbhackers.com/vulnerability-in-bitdefender-anti-virus/ on the other hand appears to be based on my blog post and the Bitdefender announcement only. But it somehow manages to misattribute my statements to Bitdefender while also mangling my other statements in an attempt to avoid placing them in quotation marks.
I think the crown so far goes to https://androidrookies.com/bitdefender-anti-virus-found-vulnerable-allowing-attackers-to-run-commands-remotely/ which is a confusing mix of Wikipedia info, my article and https://www.bleepingcomputer.com/news/security/bitdefender-fixes-bug-allowing-attackers-to-run-commands-remotely/ without any of the sources named. Some of my statements are marked as quotes, others are simply part of the text. And parts are just weird.
And then one only needs to enable this reporter in ~/.config/urlwatch/urlwatch.yaml.
Don't forget to set DISPLAY=:0 when running urlwatch via cron!
Luckily, adding a reporter is fairly simple. One can create a ~/.config/urlwatch/hooks.py script, e.g. with the contents below (using kdialog command line tool to display a message).
And - yes, I can totally see how this error message can make someone despair. Crazy enough, I actually remember moving TSRs into high memory. 😀
Ok, so far it seems that the technical changes in Firefox are limited to a consent page. If you disagree, the extension won't do anything and suggests that you uninstall. If you agree, the same data is transmitted as before (minus page title).
Somehow my quick and dirty tool to make minified JS code readable turned into a pretty versatile pattern matching framework. At this point it can undo quite a bit of readability damage already, and adding new patterns is fairly easy.
Sometimes I almost regret not collecting IP addresses of blog commenters; this comment was likely sent from Avast headquarters. Seems to be the kind of logic a company would use to justify going behind users' backs. They are fighting for data freedom!
Software developer and security researcher, browser extensions expert. He/him
Other Mastodon account for non-technical topics: https://social.tchncs.de/@WPalant