D.Draker Posted February 25, 2023 Share Posted February 25, 2023 Cookie Tracking and Stealing using Cross-Site Scripting Difficulty Level : Medium Last Updated : 13 Oct, 2022 https://www.geeksforgeeks.org/cookie-tracking-stealing-using-cross-site-scripting/ 2 Link to comment Share on other sites More sharing options...
Milkinis Posted February 25, 2023 Share Posted February 25, 2023 3 minutes ago, D.Draker said: Read about "file system feature" in Chrome, for example. It has access to your files ! Or scroll back to see how this browser spins up/scans even sleeping HDDs ! do you mean chrome browsers scan all of our files all day long non stop ? I know that some external utilities are able to scan and display stored passwords so the browser is not truly safe (leak-free) but the discussion was about infecting your data files while browsing the web. Link to comment Share on other sites More sharing options...
D.Draker Posted February 25, 2023 Share Posted February 25, 2023 (edited) 4 hours ago, Milkinis said: do you mean chrome browsers scan all of our files all day long non stop ? I know that some external utilities are able to scan and display stored passwords so the browser is not truly safe (leak-free) but the discussion was about infecting your data files while browsing the web. I don't know about "non-stop", I suspect it happens on start, but this information is widely available, could be easily found, like the example I gave you above about stealing ones cookies. EDIT : @Milkinis, in theory, there are methods to switch off the "file system" , I'm not sure about the success though. Edited February 25, 2023 by D.Draker 2 Link to comment Share on other sites More sharing options...
D.Draker Posted February 25, 2023 Share Posted February 25, 2023 3 hours ago, Milkinis said: chrome browsers Firefox aint better, there was a good topic here on how it leaks your data to russian yandex (with proof , screenshots , etc ). 3 Link to comment Share on other sites More sharing options...
D.Draker Posted February 25, 2023 Share Posted February 25, 2023 3 hours ago, Milkinis said: the browser is not truly safe Found them ! https://msfn.org/board/topic/183138-mozilla-and-firefox-has-turned-into-evil-and-lie-to-their-userbase-leave-it-and-go-for-alternatives/?do=findComment&comment=1207584 3 Link to comment Share on other sites More sharing options...
Milkinis Posted February 25, 2023 Share Posted February 25, 2023 Android is even worse as far as security goes than any Windows edition... and guess what there are far more people doing banking or online shopping with a phone than with a computer. when it comes to security as mentioned before XP is not the main target for stealing bank credentials. Link to comment Share on other sites More sharing options...
Milkinis Posted February 25, 2023 Share Posted February 25, 2023 7 minutes ago, D.Draker said: Firefox aint better, there was a good topic here on how it leaks your data to russian yandex (with proof , screenshots , etc ). Firefox forks ? security researchers found out back in 2020 some unexpected telemetry connections during start up on the original Firefox Quantum toward Mozilla servers. I can't recall if they were using WireShark or a more sophisticaded tool. like this https://www.reddit.com/r/PrivacyGuides/comments/z6rq1f/this_study_says_firefox_leaks_a_lot_of_info_and/ 2 Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 25, 2023 Author Share Posted February 25, 2023 (edited) re: cookie steeling This is one of the biggest reasons I have never understood why people want to "save" tabs and even logins from one browsing session to the next. And even complain that a browser isn't "portable" if their logins can't be carried between different computers. There are people here at MSFN that would "complain" that they can't close 360Chrome with a HUNDRED PLUS tabs open and wonder why their next "session-restore" would be SLOW because they WANT their next launch to open those HUNDRED PLUS tabs !!! Never made one lick of sense to me! I clear all cookies, tabs, cache, et cetera with every exit! And I never log into any bank account without that being the ONLY thing I do during that browsing session. Edited February 25, 2023 by NotHereToPlayGames 1 Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 25, 2023 Author Share Posted February 25, 2023 Said it before, will say it again - never allow javascript by default! This alone will prevent 99.9999999% of "security vulnerabilities". No, I don't know the "exact" percentage, but 9 nine's has to be pretty close! 1 Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 25, 2023 Author Share Posted February 25, 2023 On 2/18/2023 at 6:50 PM, Cocodile said: here ya go, captured the error for you. Recently others wrote about the same not working Mega. Following up on this. My error console does show this Content Security Policy error when downloading Mypal.68.13 which is distributed via mega.nz. Perhaps mega.nz WORKS for my 360Chorme v13.5 build 1030 and not for C...dile is that I block access to cdnjs.cloudflare.com that mega.nz attempts to connect to. I also have to allow "fetch" in uMatrix for mega.co.nz. At any rate, mega.nz DOES WORK even though that Content Security Policy is being displayed in the error console. Link to comment Share on other sites More sharing options...
Milkinis Posted February 25, 2023 Share Posted February 25, 2023 9 hours ago, NotHereToPlayGames said: This is one of the biggest reasons I have never understood why people want to "save" tabs and even logins from one browsing session to the next. because it's annoying to move from a forum (or website) to another one and log in every time you startup your browser. Link to comment Share on other sites More sharing options...
Milkinis Posted February 25, 2023 Share Posted February 25, 2023 9 hours ago, NotHereToPlayGames said: There are people here at MSFN that would "complain" that they can't close 360Chrome with a HUNDRED PLUS tabs open and wonder why their next "session-restore" would be SLOW because they WANT their next launch to open those HUNDRED PLUS tabs !!! hundred's ? unless you patch the 32-bit edition it won't be able to load that many tabs at a time due to the RAM limitations. however with Serpent 52 this is not an issue, I have already had 300-400 active tabs in a single session, but beyond 100 tabs it struggles quite a bit Link to comment Share on other sites More sharing options...
D.Draker Posted February 25, 2023 Share Posted February 25, 2023 22 hours ago, NotHereToPlayGames said: re: cookie steeling This is one of the biggest reasons I have never understood why people want to "save" tabs and even logins from one browsing session to the next. And even complain that a browser isn't "portable" if their logins can't be carried between different computers. There are people here at MSFN that would "complain" that they can't close 360Chrome with a HUNDRED PLUS tabs open and wonder why their next "session-restore" would be SLOW because they WANT their next launch to open those HUNDRED PLUS tabs !!! Never made one lick of sense to me! I clear all cookies, tabs, cache, et cetera with every exit! And I never log into any bank account without that being the ONLY thing I do during that browsing session. Not sure what you meant by "cookie steeling", could it be your special English version again ? If you meant hardening, it's another subject . It is called cookie stealing. And no matter what, they aren't only classic cookies per se, they could be in the worker folder , also a form of never deleted cookies . Mega uses this form of a cookie to fingerprint you , there was an explanation from their support some time ago, they told it needs to be done to limit you to 1GB or so (not sure how much exactly). So the security error you all see, is pretty much it. 2 Link to comment Share on other sites More sharing options...
NotHereToPlayGames Posted February 26, 2023 Author Share Posted February 26, 2023 1 hour ago, D.Draker said: steeling stealing NOBODY cares! And I do mean **NOBODY** Is it a "god complex" that hass ewe corecttinng evveryyboddy's speellinng missteaks ??? Link to comment Share on other sites More sharing options...
D.Draker Posted February 26, 2023 Share Posted February 26, 2023 3 hours ago, NotHereToPlayGames said: NOBODY cares! And I do mean **NOBODY** Is it a "god complex" that hass ewe corecttinng evveryyboddy's speellinng missteaks ??? It's literally another word/meaning what you wrote, a typo would be smth like steering. So one could have assumed you meant hardening (strong as steel). I didn't know you had a god complex, sorry, I had no clue you would react this way to a simple doubt about what you meant . 2 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now