Very interesting article!

  • LainTrain@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    4 个月前

    I’m an cybersec MSc and an infosec professional.

    You obviously shouldn’t install closed source or otherwise shady extensions from dodgy authors you don’t know, but on the whole there is very little they can do that you should worry about.

    Most “advice” comes from people who want to sell you something and the infosec industry is mostly a scam to drain B2B procurement budgets plus a few gay furry researchers at defcon who are incomprehensible savants and actual malware authors who do something, unless they just write crappy .NET junk.

    Take for example an average “”“zero-day”“” in 2024: https://arstechnica.com/security/2024/07/threat-actors-exploited-windows-0-day-for-more-than-a-year-before-microsoft-fixed-it/

    This isn’t even a vulnerability. It’s just phishing that requires a user to have file extensions turned off, then download a dodgy as hell .PDF file that isn’t one due to hidden extension, which then uses a milquetoast .hta trojan downloader that only works if one has IE enabled on Windows AND opens the .pdf in MS Edge to pull in reverse shell code via probably psexec of some sort.

    There are so many steps one wonders why not just send a iamnotavirus.exe uac prompt and all to download, compile and run ransomware from vxunderground source code then and there.

    Worrying about stuff like this in browser is akin to using a VPN on public WiFi to avoid MITM attacks, there’s nothing wrong with it but there’s basically nothing to actually worry about there.

    • Plopp@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      4 个月前

      You obviously shouldn’t install closed source or otherwise shady extensions from dodgy authors you don’t know, but on the whole there is very little they can do that you should worry about.

      Sorry if I’m nitpicky or confused here. You just said it’s obvious that you shouldn’t install closed sourced or otherwise shady extensions. Do you think a normie knows and cares if an extension is open source? And how do they know if an extension is “shady”? And what about legit extensions that get bought by shady people and turned into shady ones long after they’ve been installed and the user base trusts it?