- Sep 15, 2008
- 5,055
- 198
- 116
NoScript and other popular Firefox add-ons open millions to new attack
- Thread starter Chiefcrowe
- Start date
The vulnerability still needs a malicious extension to be installed. Not huge problem for people who only install the bare minimum like https everywhere, ublock, noscript, MAF. But many people don't realize malware/privacy implications of installing browser extensions.
VirtualLarry
No Lifer
- Aug 25, 2001
- 56,571
- 10,206
- 126
Wow. Not too surprising though. JavaScript itself wasn't exactly designed with high security in mind.
Couldn't they introduce some sort of JS private namespace for each extension, and it would require explicitly importing the namespaces of functions and variables that it accesses, so that this sort of cross-extension programming could be more easily detected and controlled?
Or would that require too much of a revision to JavaScript's functionality itself?
Couldn't they introduce some sort of JS private namespace for each extension, and it would require explicitly importing the namespaces of functions and variables that it accesses, so that this sort of cross-extension programming could be more easily detected and controlled?
Or would that require too much of a revision to JavaScript's functionality itself?
John Connor
Lifer
- Nov 30, 2012
- 22,757
- 618
- 121
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes Discussion Threads
- Started by Tigerick
- Replies: 21K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
Facebook
Twitter