My browser, the spy :: Do not trust browser extensions

by Volker Weber

DataSpii begins with browser extensions—available mostly for Chrome but in more limited cases for Firefox as well—that, by Google's account, had as many as 4.1 million users. These extensions collected the URLs, webpage titles, and in some cases the embedded hyperlinks of every page that the browser user visited. Most of these collected Web histories were then published by a fee-based service called Nacho Analytics, which markets itself as “God mode for the Internet” and uses the tag line “See Anyone’s Analytics Account.”

I have zero extensions in my browser. Why? Because they can read everything that I can see. And a whole lot more.

More >

Comments

So you don't use an Ad-Blocker? And don't say Pi-hole :-)

Karl Heindel, 2019-07-19

Correct. I have zero plugins.

Volker Weber, 2019-07-19

As there is a security management behind the extension system (at least of Firefox), there are many different rights extensions could have (see https://support.mozilla.org/en-US/kb/permission-request-messages-firefox-extensions). There are extensions that even have no specific rights and can simply "see" nothing.

But anyway, to aim for less (better no) extensions is always a great achievement.

René Fischer, 2019-07-19

I see your point, but honestly, wouldn't you even trust something like 1Password?

Christian Andres, 2019-07-19

I do not use 1Password because it is a high value target.

Volker Weber, 2019-07-19

Volker, so do you use a different password manager, instead of 1Password, or how do you keep track of your secure passwords?

John Keys, 2019-07-19

A few dozen passwords in my brain, the important ones on paper. The rest I reset as necessary.

Volker Weber, 2019-07-19

Recent comments

Torsten Pinkert on Paypal muss seinen Service verbessern at 02:43
Stefan Heinz on 30 Jahre Lotus Notes: Die Hard, Folge 30 :: heise online at 19:57
Jan Tietze on Paypal muss seinen Service verbessern at 16:21
Thomas Cloer on Paypal muss seinen Service verbessern at 11:47
Ingo Seifer on tizi Ränzlein at 12:58
Ken Bisconti on 30 Jahre Lotus Notes: Die Hard, Folge 30 :: heise online at 23:55
Jens Huber on 30 Jahre Lotus Notes: Die Hard, Folge 30 :: heise online at 21:17
Frank Stoermer on Paypal muss seinen Service verbessern at 16:29
Volker Weber on Motorola One Hyper at 10:25
Moritz Petersen on Paypal muss seinen Service verbessern at 10:23
Oliver Stör on Motorola One Hyper at 10:22
Maik Endler on Paypal muss seinen Service verbessern at 09:39
Robert Dahlem on Paypal muss seinen Service verbessern at 08:56
John Keys on Paypal muss seinen Service verbessern at 08:43
Hubert Stettner on Paypal muss seinen Service verbessern at 07:35
Sami Bahri on Paypal muss seinen Service verbessern at 07:14
Daniel Kirstenpfad on Paypal muss seinen Service verbessern at 05:01
Thomas Lang on Paypal muss seinen Service verbessern at 01:29
Kristian Raue on Paypal muss seinen Service verbessern at 23:35
Christoph Dierker on Paypal muss seinen Service verbessern at 23:08
felix kluge on Paypal muss seinen Service verbessern at 23:00
Juergen Eichholz on Paypal muss seinen Service verbessern at 22:40
Roland Dressler on 30 Jahre Lotus Notes: Die Hard, Folge 30 :: heise online at 17:04
Maik Endler on 30 Jahre Lotus Notes: Die Hard, Folge 30 :: heise online at 09:55
Harald Gärttner on 30 Jahre Lotus Notes: Die Hard, Folge 30 :: heise online at 08:10

Ceci n'est pas un blog

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.

vowe

Contact
Publications
Stuff that works
Amazon Wish List
Frequently Asked Questions

rss feed  twitter  amazon

Local time is 12:00

visitors.gif

buy me coffee

Paypal vowe