Posted on 03/20/2021 11:35:15 AM PDT by Swordmaker
If you want on or off the Apple/Mac/iOS Ping List, Freepmail me.
Ping for your attention
Thanks to Freeper Mark17 for the heads up...
Kind of light on details. html5 is pretty functional these days and will do things only jacascript would do a few years ago.
Hmmm. Maybe something related to css image urls?
Thanks to Swordmaker for the ping!
I don’t want to dismiss or diminish the problems of malware in technology today. But, aren’t most - or at least many - of these kinds of exploit warnings largely theoretical in nature?
Thanks for the heads up. I wonder if a VPN eliminates vulnerability.
You are vulnerable to attacks when you view web pages. Viewing them through a VPN doesn't change anything. You are still connecting to remote hosts and downloading content.
Hmmm, which browser?
HTML and CSS are rendered onscreen by the browser. So, safari or brave or firefox or chrome are the one executing the code.
In before the “Buy a ?” squad....LoL
This article is bordering on useless. What’s the vulnerability? Is it remote code execution (RCE)? Data exfiltration? Privacy breach? They just say “oh, there’s this vulnerability. It doesn’t require Javascript.” Great! Thanks. What’s it do?
I am completely illiterate about any and all of this, just wanted to mention what’s been happening when I’m on facebook. Multiple pages open up, 15 to 20 sometimes, of anything I scroll past on facebook, ads, pictures someone posts, anything. It seemed to only be when I was on fb but about 20 minutes ago I opened a link someone posted on here, on another thread, and 2 additional pages of the same link opened up. Not sure if it indicates a hack or what and no idea how to stop it.
I have a Lenovo ThinkPad laptop, given to me by a friend, and Windows 10. I use Firefox for a browser and a couple of months ago switched to DuckDuckGo for a search engine, had google before that.
Thanks..and sorry for posting a possible unrelated issue.
The researchers say no, VPN is not a help. The article does not say why.
I still use Win7 for my general searches, which are benign, and freerepublic. Anything else I use Oracle Virtualbox.
.
Did a little digging on this - for the average person it’s not going to be a big deal.
This is once again some hacks getting their masters thesis by writing papers on stating the obvious.
What they’ve “proven” is that they can figure out things about the physical characteristics about your computer - like memory speed, CPU type, power consumption, etc via the scary term “side-channel attack”
https://www.wired.com/story/what-is-side-channel-attack/
This isn’t all that complex - regardless of VPN and browser security you STILL pull down web page info from the server. CSS still has some scripting features (for stuff like animation and scaled scrolling) so stick a little processing for animation in there that changes how things are loaded and voila, the server knows some things about the computer it sends data too.
At BEST - the most information they’re going to get from you is a hardware fingerprint - but that’s not going to mean anything because all MacBook 13” M1s are the same hardware!!!
In an spy situation it gets a little more serious because you can figure out a profile and maybe usage patterns on a group or business and focus any hacking efforts - but in the grand scheme of things it’s nothing to worry about.
article says vpn does not
Guys, a VPN only takes your internet traffic encrypts it between your pc and it’s exit server wherever in the world it is. It only protects you from local network vulnerabilities and attacks. It doesn’t prevent you from getting infected from a compromised web site.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.