Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

evil browser extensions

Encouraging best practices in the VPN industry via independent, community-certified verification of clean installers and clean basic service operations. Let's reward the good, and make the bad a little bit less tempting 〰 github repo#cleanVPN
User avatar

Topic Author
Pattern_Juggled
Posts: 1492
Joined: Sun Dec 16, 2012 6:34 am
Contact:

evil browser extensions

Postby Pattern_Juggled » Sat Feb 28, 2015 7:21 pm

Well, I am sticking this here for now even though it likely will be evicted at some point.

There's alot of evil browser extensions out there. Alot.

Stuff like this:

onetab_bad.png


I've begun capturing snapshots of them in the github.com/cryptostorm/fishycode repository, for now.

Is there someone out there who specialises in reporting and/or investigating these things? Are there best practices for doing so? They do some seriously, seriously evil shit - watch the events in your browser, and the .js console. You'll see.

The worst ones, by far, are "privacy" related. User-agent switchers, "free" proxy services, etc. I am pretty sure some are doing #superfish-style ssl kneecapping although I've had not time to confirm for certain. I do see them pulling certs in, and doing... things with them.

I suspect alot of crytostorm members have shitware extensions in their browsers that are causing serious security issues, currently. Time to clean that crap out.

Cheers,

~ pj
...just a scatterbrained network topologist & crypto systems architect……… ҉҉҉

    ✨ ✨ ✨
pj@ðëëþ.bekeybase pgpmit pgpðørkßöt-on-consolegit 'er github
bitmessage:
BM-NBBqTcefbdgjCyQpAKFGKw9udBZzDr7f

Return to “#cleanVPN ∴ encouraging transparency & clean code in network privacy service”

Who is online

Users browsing this forum: No registered users and 4 guests

Login