SuperJail Warden
Gone Forever
+634|3690
So got an alert that a Chrome extension was infected with malware. Had the extension for years and the security report put out by Avast says the thing was probably created in order to put push malware. People have been complaining about the thing screwing with their Google search results in order to push advertising links. I would have never noticed since I have an adblocker. So I changed the three email addresses I use and my online banking. I guess at this point my TD Ameritrade, 2 Credit Cards, and student loan provider are the only other things that need to get changed? Anything beyond that is superfluous? I check my credit constantly so no worries there. I can only hope that the person who created the extension was just interested in pushing ad links.
https://i.imgur.com/xsoGn9X.jpg
RTHKI
mmmf mmmf mmmf
+1,736|6708|Oxferd Ohire
I find it amusing it was a chrome extension that got you and not the game hacks you were so afraid of
https://i.imgur.com/tMvdWFG.png
SuperJail Warden
Gone Forever
+634|3690
Yup. From my recent research it seems bad Chrome extensions is a common problem.
https://i.imgur.com/xsoGn9X.jpg
unnamednewbie13
Moderator
+2,053|6742|PNW

According to Statista, desktop Chrome 87 and 88 currently have like a combined 23% market share. Android Chrome 35%. Not a mystery why major browsers would be frequently, specifically targeted by malware.

Opera used to be my go-to alternative, but there's some stuff that doesn't look good these days.

Give Brave a look?
SuperJail Warden
Gone Forever
+634|3690
There is no excuse for Chrome extensions to be malware infected. People getting extensions through the Chrome store or whatever it is called should have confidence in the reliability and safety of the stuff.
https://i.imgur.com/xsoGn9X.jpg
RTHKI
mmmf mmmf mmmf
+1,736|6708|Oxferd Ohire
I was looking for a one time use extension. I forget what for. I do remember after trying it out realizing that it asked to redirect search and I absentmindedly gave it that.
https://i.imgur.com/tMvdWFG.png
unnamednewbie13
Moderator
+2,053|6742|PNW

SuperJail Warden wrote:

There is no excuse for Chrome extensions to be malware infected. People getting extensions through the Chrome store or whatever it is called should have confidence in the reliability and safety of the stuff.
In a perfect world.

I've intercepted malware from ads in the past, which is why I no longer allow them at all. Extensions can certainly open you up:

The real problem with extensions is if they are given too much access to the websites you visit, they have the power to do just about anything. They can act as a key-logger to capture your passwords and banking details, place ads on websites you visit, reroute your search traffic elsewhere and track everything little thing you do while you are online.

Having access to this info puts you and your identity at risk and leaves you vulnerable to more serious attacks. Chrome extensions, for example, have been criticized for secretly collecting and selling users data to the highest and often most shady bidder. Google is doing all it can to put a stop to this, but it’s not enough.
Chrome has been under constant attack and scrutiny because of its popularity, but Firefox is at even greater risk. Why? Simply because Firefox operates without system permissions, which means every extension you install automatically has access to everything.

Microsoft Edge is another example of a browser that comes with a permission system for extensions, but many require access to everything in order to work properly. Even an extension that only needs access to one website can be dangerous as well. In the end, it’s all about gathering as much info about you as possible and passing it along later.
https://www.komando.com/tech-tips/every … ns/584432/

This is the kind of stuff I get to lecture old people in the business about sometimes. Once they get a modicum of know-how, that's when they're at their most dangerous.
SuperJail Warden
Gone Forever
+634|3690
I am not too worried about this anyway. I don't expect whoever set this thing up to have been planning widespread mortgage fraud or draining bank accounts. Those are actually pretty hard to do and very illegal. The extensions have been around for like half a decade redirecting searches and links. I am not sure if that is even illegal but probably isn't very much since the extensions got away with it for so long.
https://i.imgur.com/xsoGn9X.jpg
unnamednewbie13
Moderator
+2,053|6742|PNW

The data collection is really the more ever-present concern, and enables some of the fraud.

The aforementioned old folks used to rely on me for pretty much all the computer questions and issues. Now, apparently I don't know what I'm talking about and they're going to smile and nod and do stuff anyway. Like run ccleaner every single time a website loads two seconds too slowly. Call up the ISP to chew them out because no internet (because a batteryless router didn't come back online after a power outage), nevermind the ISP tech support asking if there was a router between the modem and the network on our end. It's the ISP's fault. Install like 80 shady driver finders on a 20 year old laptop to get it working so they can hook it up to the network.

Or install browser extensions without asking or even reading about them.
SuperJail Warden
Gone Forever
+634|3690
The browser extension that was infected had 4 and half stars with over 200,000 reviews and 2 million users. It also did the job that it was marketed to do. I just didn't download something randomly.

https://chrome.google.com/webstore/deta … mpil?hl=en
https://i.imgur.com/xsoGn9X.jpg
unnamednewbie13
Moderator
+2,053|6742|PNW

Yeah, don't go off of download count and average reviews from the extension page.

Privacy practices

The publisher has not provided any information about the collection or usage of your data
Permissions requirements for this from the firefox extension page:

Permissions
This add-on needs to:

Download files and read and modify the browser’s download history
Access browser tabs
Access your data for all websites
E: These alone aren't particularly useful (so many extensions nowadays have these permissions), but they're a catalyst for digging up info on it from tech, programming, and privacy sites.
SuperJail Warden
Gone Forever
+634|3690
It was literally the top search result in the Chrome app store for video downloader. I guess I could have done better research but I feel like Google is largely at fault for putting this forward as one of their top recommended extensions. And why the thing is even still available in their system is another big question.
https://i.imgur.com/xsoGn9X.jpg
unnamednewbie13
Moderator
+2,053|6742|PNW

If it's any comfort, questionable extensions are the tip of the iceberg. Scathing, if colorful:

Slouching towards dystopia: the rise of surveillance capitalism and the death of privacy
https://www.newstatesman.com/2020/02/sl … th-privacy

We're already aware that Google itself is less than up front about stuff. Meanwhile people are worried about thermal cams and contact tracing to help fight coronavirus, as they argue about it on facebook on devices full of tracking malware and vacantly-accepted clickwrap.
RTHKI
mmmf mmmf mmmf
+1,736|6708|Oxferd Ohire
dont you know posting that legal thing on your fb prevents them from selling info/media
https://i.imgur.com/tMvdWFG.png
KEN-JENNINGS
I am all that is MOD!
+2,973|6603|949

i own a domain and i want to start using an email address associated with that domain. I did a quick google search but what i found wasn't very straightforward. Anyone know how to set this up?
SuperJail Warden
Gone Forever
+634|3690
I think you actually need ti buy a email service from the web host before you can start getting emails
https://i.imgur.com/xsoGn9X.jpg
KEN-JENNINGS
I am all that is MOD!
+2,973|6603|949

Yes, that's absolutely something I need to do, but not necessarily from the web host (as far as I know). But I can't find a straightforward answer on how to set that up.
unnamednewbie13
Moderator
+2,053|6742|PNW

Steps can vary depending on who you're hosting with. At the very least if you're paying for a webhosting service that does email there should be a help link for that.
SuperJail Warden
Gone Forever
+634|3690
What company did you go with? SquareSpace? GoDaddy?
https://i.imgur.com/xsoGn9X.jpg
KEN-JENNINGS
I am all that is MOD!
+2,973|6603|949

I own domains through both, actually. This particular one is through GoDaddy. I was told by their customer support that I could use any email client, but when I went to add the option, it tells me I have to use o365. The marathon continues...
unnamednewbie13
Moderator
+2,053|6742|PNW

Did you click through these? Might be in here somewhere.

https://www.godaddy.com/how-to/course/setting-up-email
pirana6
Go Cougs!
+682|6261|Washington St.
Got my new comp setup and running like a top

Case: SSUPD Meshlicious. Small form factor / ITX. It's slightly shorter and nearly 1/3 the length of my previous mid-sized tower. Amazingly small on my desk.

Hardware: RTX 3090, 5900x, 32 GB RAM, etc. I don't want to talk about how I got the hardware but I'll say I overpaid for the CPU but actually did manage (through a nearly year-long series of stupid decisions) to get the GPU for msrp.

Last edited by pirana6 (2021-05-19 00:45:50)

SuperJail Warden
Gone Forever
+634|3690
So Amazon is introducing a new system where all of their Amazon devices are connected with each other to provide bandwidth support. So basically if your internet goes down, your Amazon device can piggyback off of your neighbor's device. I disabled this as soon as I could and I hope Amazon gets sued for it. But cool from a tech perspective.
https://i.imgur.com/xsoGn9X.jpg
unnamednewbie13
Moderator
+2,053|6742|PNW

Saw that on CBS. I have a lot of unanswered questions, but thankfully no amazon devices.

At the very least it should be opt-in only.
SuperJail Warden
Gone Forever
+634|3690
I checked my Amazon account and it was already disabled. Still don't trust them.

The idea is still cool. If we had something like "universal broadband" in the U.S., I would be okay the government using the modem they give me to host public wifi or the Amazon Echo developing self awareness by talking to the door bell.

They said they would only use 500 MB for your first device. If you have 2 devices 300 MB etc. as you link more Amazon devices. I have a bunch of devices so if Amazon is truthful I probably wouldn't contribute much to their network by their own algorithm but yes more questions.

Finally, imagine universal broadband in the U.S. You would have people being angry that they pay $20 a month for broadband but have to share it even though they only check their email. "I only use mine for email. Why should I pay the same amount as the kids on TikTok all day?" As if broadband is a scarce resource.
https://i.imgur.com/xsoGn9X.jpg

Board footer

Privacy Policy - © 2024 Jeff Minard