Browsers leak installed extensions to sites
“All browsers protect extension data from being accessed directly by websites visited in the web browser. The past has shown however that sites may use various techniques to scan for installed add-ons.
Security researchers have discovered flaws in the extensions systems of all modern browsers that attackers may exploit to enumerate all installed browser extensions.
The attack affects all modern browsers. The researchers confirmed it in Chromium-based browsers, and believe that it affects other browsers like Firefox or Edge which use the same extensions system as well. Firefox’s legacy add-on system is also vulnerable to the attack.
Chromium-based browsers like Google Chrome, Yandex and Opera, and Firefox-based browsers like Firefox or Pale Moon, and Microsoft Edge, are affected.”
– https://www.ghacks.net/2017/08/29/browsers-leak-installed-extensions-to-sites/
Are you identifiable by extensions, logins and your browser?
– https://www.ghacks.net/2017/04/05/are-you-identifiable-by-extensions-logins-and-your-browser/
Firefox resource URI leak Fix
– https://www.ghacks.net/2016/06/12/firefox-resource-leak/
“The add-on No Resource URI Leak has been created to block websites from accessing resource files. Simply install it in Firefox to block websites from accessing resource files. The easiest way to verify that the script is indeed working is to run the Browserleak test. If it returns no information, the add-on works as intended.”
– https://addons.mozilla.org/en-US/firefox/addon/no-resource-uri-leak/
--
Regards
wasbit
Rig 1: Optiplex 3050 SFF
Rig 2: Asus ROG G20CB (rebuilt wreck)
Rig 3: HP Elitebook 8440P
Dear Starfleet, hate you, hate the Federation, taking Voyager. - Janeway
.
