Connect with us
Important Chrome Browser Security Services Update Important Chrome Browser Security Services Update

Security

Important Chrome Browser Security Services Update

Published

on

Since the advent ofInternet, it was necessary to design interfaces to access it. This is how web browsers were born. Unfortunately, this giant network of communication is not without drawbacks. Indeed, ill-intentioned people called hackers use it to harm to everybody. It is surely with this in mind that the chrome browser has decided to make a major update to its security protocols.

A hand holding a smartphone.
Credit: The Sun

In reality, this major overhaul will take place in two phase. New versions of said browser will be created in the coming months and will include security measures. security much safer than previous versions. It should be added that all browsers working with the chromium kernel (chromium) will have to be upgraded.

Many developers are at work in this large-scale project. These are, for example, Titouan Rigoudyn, engineer and software developers and Eiji Kitamura, expert engineer in web security.

Chrome 98 and 101: new security measures

The provisions embedded in the latest versions of this browser send a control request with the header ” Access-Control-Request-Private-Network “. Subsequently, this request must be validated and include the specification ” Access-Control-Allow-Private-Network : true.” »

“Chrome will start sending a preflight request CORS (Cross-Origin Resource Sharing) before any private network request for a sub-resource, which requests explicit permission from the target server” said Titouan Rigoudy and Eiji Kitamura . This means that from chrome 101, access to internal data by a site will be under control.

Basically, according to the engineers, all these provisions are intended to protect routers, as well as users against request forgeries leading to malicious domains

A general and mandatory evolution

In addition to Chrome, the browser edge Microsoft’s Chromium-based has added a new navigation mode to the beta channel (build 98.0.1108.23) to make it more secure. Furthermore, Microsoft declares: “This feature is a huge step forward as it allows us to mitigate unplanned zero active days (based on historical trends). »

The company continued in these terms: “When enabled, this feature brings hardware-enforced stack protection, arbitrary code protection (ACG), and content stream protection (CFG) as support for security mitigations. security to increase user safety on the web. »

SOURCE: THEHACKERNEWS

.

Click to comment

Leave a Reply

Your email address will not be published.

Security

Nvidia lost. LHR mining protection is also hacked under Linux. This was done by NBMiner developers

Published

on

Nvidia lost LHR mining protection is also hacked under

Two days have passed since the NiceHash developers cracked the Nvidia LHR protection, as the NBMiner team also pleased their users with the same news. Only this time we are talking about software for Linux.

Nvidia lost.  LHR mining protection is also hacked under Linux.  This was done by NBMiner developers

Thus, Nvidia’s protection completely fell for both Windows and Linux. Unfortunately, both programs are closed source, so it’s not clear what mechanisms the developers used to hack.

Whether the loss of Nvidia will affect the availability and prices of video cards is still difficult to say. At the moment, the cryptocurrency market continues to fall, but sooner or later it will turn around, and gamers may again face shortages and overpriced graphics cards.

Continue Reading

Security

Xiaomi has released a profitable set of security camera and smart door locksmart door lock

Published

on

Xiaomi has released a profitable set of security camera and

Xiaomi has introduced a new kit with an outdoor video surveillance camera and a smart door lock, which includes Mi Outdoor camera and Mi Smart Door Lock 1S.

The bundle is priced at around $237, which is a great deal as these devices cost $20 more individually.

Mi Smart Door Lock 1S supports 7 unlocking methods, including fingerprint, password, temporary password, Bluetooth, HomeKit, NFC or regular key unlock. Compared to the first generation, the new lock supports both the Mijia app and Apple HomeKit.

Xiaomi has released a profitable set of security camera and

As for the rechargeable version of Xiaomi Outdoor Camera, this is Xiaomi’s first outdoor wireless camera. It has an independent design and can be installed without connecting the mains cable or power cable. It has a wide viewing angle of 130°, 1080p resolution and supports WDR technology.

In addition, the battery version of the Xiaomi Outdoor Camera offers night vision up to 7 meters and people detection function. It is IP65 rated and has a long battery life of up to 90 days.

Continue Reading

Security

“These are machines for sucking out personal data.” Prayer and mental health apps have poor security

Published

on

These are machines for sucking out personal data Prayer and

Mental health apps have worse privacy protection than most other types of apps, according to a new analysis by Mozilla. We are talking about the entire category as a whole. In addition, things are also bad for prayer applications.

“These are machines for sucking out personal data.”  Prayer and mental health apps have poor security

The vast majority of mental health and prayer apps are exceptionally creepy. They track a variety of data, share and capitalize on users’ most intimate personal thoughts and feelings, such as mood, mental state, and biometric data.

The team analyzed 32 mental health and prayer apps. Of these apps, 29 received a Privacy not included warning, indicating that the team is concerned about how the app manages user data.

These applications collect large amounts of personal data in accordance with vague privacy policies. Most applications have also been found to have poor security practices that allow users to create accounts with weak passwords. Considering how much personal information such programs can contain, this is a bad feature.

The list of the worst programs according to the specified criteria included Better Help, Youper, Woebot, Better Stop Suicide, Pray.com and Talkspace. In particular, the Woebot chatbot claims to collect information about users and shares this data for advertising purposes, and Talkspace collects transcripts of user chats.

They work like data-sucking machines with the look and feel of a mental health app. In other words: wolves in sheep’s clothing

Continue Reading

Most Popular