- cross-posted to:
- [email protected]
- security
- cross-posted to:
- [email protected]
- security
Starting in version 1.54, [the browser] Brave will automatically block website port scanning, a practice that a surprisingly large number of sites were found engaging in a few years ago. According to this list compiled in 2021 by a researcher who goes by the handle G666g1e, 744 websites scanned visitors’ ports, most or all without providing notice or seeking permission in advance. eBay, Chick-fil-A, Best Buy, Kroger, and Macy’s were among the offending websites.
this raises my antennae way up but i have to admit, although being probed makes my skin crawl, i don’t actually understand what bad actors can do. it seems bad but that could be fud.
more distressing is the wall of shame; if even slightly true, this is hideous. typing just obvious things i know from just one screenful of a 700±line document: state farm, lending tree, citibank, glassdoor, iberia. for some reason financial firms are heavily represented here.
anyone have any knowledge in this domain? and if it’s an actual problem, what’s the best way to put a ring around it? the actor is inside your browser, so the usual firewall tricks don’t apply.
I don’t have any prior knowledge about it but it looks pretty invasive, I found this interesting article about it:
And this Firefox extension to block sites from scanning local ports:
inside the addons page: eBay is port scanning visitors to their website - and they aren’t the only ones
that one is very interesting if one has any coding background
Well this is disturbing.
Many thanks for the Firefox extension tip!