Wow, I knew of course that was running some really aggressive marketing campaigns... But now they are apparently spamming random bloggers because of links to MDN for browser extensions information.

For reference, the article in question is

It seems that I'm done with the illustration for next Monday's article. We'll have another "secure browser" to pick apart in a week. got thoroughly confused by Bitdefender announcement claiming that the vulnerability resides in the SAFEPAY browser. No, a malicious website doesn't need to be opened in this browser, the exploit works from any browser as my post clearly states.

Show thread on the other hand appears to be based on my blog post and Bitdefender announcement only. But it somehow manages to misattribute my statements to Bitdefender while also mangling my other statements in an attempt to avoid placing them in quotation marks.

Show thread

And then one only needs to enable this reporter in ~/.config/urlwatch/urlwatch.yaml.

Don't forget to set DISPLAY=:0 when running urlwatch via cron!

Show thread

Luckily, adding a reporter is fairly simple. One can create a ~/.config/urlwatch/ script, e.g. with the contents below (using kdialog command line tool to display a message).

Show thread

And - yes, I can totally see how this error message can make someone despair. Crazy enough, I actually remember moving TSRs into high memory. πŸ˜€

Show thread

I did try going through their support channel as well but got the reply below. I guess that outsourced their support to some country far away...

Show thread

What a time to be alive. Nigerian princes no longer want to transfer money, they are now in the business of selling face masks.

Fancy phishing approach: rather than spam a suspicious phishing URL, send people a link to a Google Docs document. Make that document look like a download page and long enough that the Google footer disappears below the fold. The "here" link points to a malicious URL of course.

Came across this wonderful web-only password manager today. Sure, security-wise that's an inherently flawed combination. But their security bullshit is soooo charming...

Ok, so far it seems that the technical changes in Firefox are limited to a consent page. If you disagree the extension won't do anything and suggest that you uninstall. If you agree the same data is transmitted as before (minus page title).

Show thread

Somehow my quick and dirty tool to make minified JS code readable turned into a pretty versatile pattern matching framework. At this point it can undo quite a bit of readability damage already, and adding new patterns is fairly easy.

Sometimes I almost regret not collecting IP addresses of blog commenters, this comment was likely sent from Avast headquarters. Seems to be the kind of logic a company would use to justify going behind users' back. They are fighting for data freedom!

I realize that clocks are ticking differently for embedded devices, which is why Windows XP installs are still common. However, this view on a German ICE train screen is still special. Judging by the visuals, this is Windows 3.1, released 1992. Take that, software updates!

This is either a huge "hack me please" sign in this browser extension's manifest or the extension is actually a backdoor. In case you are wondering: no, I don't think that the extension is using any of these permissions.

Me: Nice, a browser extension listing script-src: 'unsafe-eval' in its CSP. They disabled all protections, there might be fancy vulnerabilities inside.

Them: Actually, we only need it for this code:

Finally brought out an update for PfP: Pain-free Passwords. Now I get to use the new access keys feature in my production profile.

just took down without any advance warning. My offense: I didn't publish a privacy policy, this extension not collecting any data whatsoever. The joke: unlike Mozilla Add-ons, Chrome Web Store does not have a field for the privacy policy!

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.