My browser, the spy: How extensions slurped up browsing histories from 4M users Have your tax returns, Nest videos, and medical info been made public? July 18, 2019 https://arstechnica.com/information...a-from-apple-tesla-blue-origin-and-4m-people/ Report: DataSpii: The catastrophic data leak via browser extensions (SUMMARY) / Full Report
More on DataSpii: How extensions hide their data grabs—and how they’re discovered July 18, 2019 https://arstechnica.com/information-technology/2019/07/dataspii-technical-deep-dive/
Wow this is pretty creepy. Edit: I'm less than 1/2 way through the documentation but it's well worth the long read.
Which naturally brings to mind: has anyone around here or elsewhere ever put together a vetted list of top extensions?
But it's not anything new though. I have always known that installing extensions is a huge risk, that's why I would rather see browsers makers integrating certain features. I also wonder if there is a way for them to limit extension rights, without crippling them.
That's right, it's not new, but as the comment below says - it's dirty. The implications of this thing run far and wide, compromising massive amounts and wide ranging personal imformation like health records, business secrets, ssn, and so on. It's especially the insidious nature of those 8 (known) extensions and the extremely devious way they've been coded to hide/ delay/ morph etc making detection extremely difficult. When the heat comes on, these scammers tried to single out Sam Jadali - " but you're the only one" Not many people put their life on hold for months and spent 30K nailing this stuff down.
Still available via Google Analytics: Data slurped from 4 million browsers Customers allowed to hold on to existing data as long as they keep accounts open July 24, 2019 https://arstechnica.com/information...rowsers-still-available-via-google-analytics/
Yes exactly, but what I meant is that ALL extensions are capable of doing this stuff, and we have browser developers (Mozilla, Google, M$) to blame.
For sure when you get a partnership (browsers devs and extension devs) there's going to be two possible culprits. Yes there's always the worry that extensions have the capability to leak stuff, so I agree and I do see the dilemma with that, so much so, I'm taking a fresh look at weeding out more of mine. The pure nature of these 8 extensions though, just can't be considered on the same level as, say, uBO and other extensions that are well known and well respected.