• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

"This website wants to scan for devices on your local network".... <raising eyebrow is an understatement>

mikeymikec

mikeymikec

Lifer
So apparently Chrome derivatives have this feature now. I was downloading Intel's driver update tool and when I got to the 'download now' page in MS Edge, the browser asked me this question.

It's in Chrome on Android too.

What the hell? It's almost like the Chromium devs discussed what would be a great feature to be exploited by malware when so many people see their browser asking a question and just click "allow" without thinking.

I often recommend disabling the browser notifications feature because so many customers have had scam notifications and fallen for stuff like "your McAfee is out of date", I guess this is another one to add to the list!
 
bba-tcg said:
I tell all customers to either not answer the allow / block prompt or pick block. Never allow.
Click to expand...

In my experience, when asked if they remember such a message appearing... always the answer is no.

I have a side concern that there's a vulnerability being exploited surrounding the browser notification feature, but Occam's Razor points towards the most obvious suspect: People just clicking a troublesome message out of their way.

I'm puzzled as to why the network feature exists in the first place though.
 
Interesting. Looks like it's more about blocking access to local LAN IPs than something new and sinister.

piunikaweb.com

Chrome asking to connect to local network devices: here's why

Seeing "look for and connect to any device on your local network" in Chrome? It's a new security feature, not a hack. Here's what it means and what to do.
piunikaweb.com piunikaweb.com

I wonder whether a PiHole would trigger this?
 
@Ken g6 Thanks for the link, but I still think it's odd to present the question in that kind of context. It should be a very definite warning message saying that this is a very wrong situation unless you know for a fact that it's OK.

PS: I have had a tonne of customers with scam browser notifications and I think it's precisely because of an innocuous-sounding confirmation message like "this website wants to send you notifications, allow/block?".
 
mikeymikec said:
@Ken g6 Thanks for the link, but I still think it's odd to present the question in that kind of context. It should be a very definite warning message saying that this is a very wrong situation unless you know for a fact that it's OK.

PS: I have had a tonne of customers with scam browser notifications and I think it's precisely because of an innocuous-sounding confirmation message like "this website wants to send you notifications, allow/block?".
Click to expand...
It is the site notification allow/block that triggers the scam notifications because all I have to do is clear the site permissions in all chromium based browsers, particularly in Edge, even if the customer is not using Edge as their default browser. I tell them it's best to not select either option - just ignore it.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top