At least once a week I get a security announcement with 50+ serious issues in Chromium forcing me to recompile the damn thing over and over again (Gentoo). The last thing I need is yet bigger attack surface! Get rid of all that crap and make a browser that displays web pages in a secure fashion instead!
Announcement
Collapse
No announcement yet.
Chrome 61 Beta Rolls Out With JavaScript Modules, WebUSB Support
Collapse
X
-
Originally posted by debianxfce View Post
The list of Linux malware is short and "few if any are in the wild, and most have been rendered obsolete by Linux updates or were never a threat."
https://en.wikipedia.org/wiki/Linux_malware
Comment
-
Originally posted by grok View PostThe Web Share API is very useful. For instance, if your Google Chromium detects that you are a communist, it shares automatically with your government or relevant political/security services.
- Likes 1
Comment
-
Originally posted by uid313 View PostThis WebUSB thing sounds pretty scary. Imaging malware spreading on some advertising network or CDN, and it uses WebUSB to infect millions of USB devices.
Writes malware to USB storage devices, and rewrites firmware on webcam, keyboard, mouse, printers, scanners, etc.
Comment
-
Originally posted by schmidtbag View PostDo you know for a fact WebGL can access system memory or are you just assuming that? I get the impression it is a layer abstracted from direct OpenGL, which ought to prevent low-level hardware access.
https://www.contextis.com/resources/...-exploitation/
https://www.contextis.com/resources/...ecurity-flaws/
USB devices are just as dangerous. Think keyloggers, webcams, flash drives, etc.
https://wicg.github.io/webusb/#webus...ity-descriptor
- Likes 2
Comment
-
Originally posted by carewolf View PostIt requires your USB devices to all be net-safe. Originally WebGL had security holes as well until the drivers and in some cases the GPUs were fixed to not be vulnerable.
Comment
-
Originally posted by grok View PostThe Web Share API is very useful. For instance, if your Google Chromium detects that you are a communist, it shares automatically with your government or relevant political/security services.
Comment
-
Originally posted by starshipeleven View PostThe USB device itself must advertise that it wants to use this functionality, it's not just flat enabled for all https://wicg.github.io/webusb/#webus...ity-descriptor
Comment
-
Originally posted by starshipeleven View PostUhm, can you please state where in the API it shows that random websites can reflash a USB device firmware?
But everything doesn't always go as planned. There are security vulnerabilities that can be exploited and unintentional things can occur.
Comment
Comment