After reading this article I think I should drop it here in order to raise awareness among us developers, because from my experience I know that a lot of them are not aware that when they browse into a website they can be hacked while passively browsing the content of it, even when the site looks perfectly normal and behaves normal.
Quoting the article:
So all this types of browser attacks will be used to exfiltrate data as you type it, like credentials to login into your bank account or to permanently infect your computer with malware or ransomware.
So we must suspect when a page takes to much time to load or keeps having the spinner active in your tab and hit F12 to look what is doing.
I use 220.127.116.11 in conjunction with Steven Black Hosts File to resolve DNS in order to protect me from sites that are considered dangerous (I will do an article later on this setup). Another alternatives exist for the same but they require active software running on my network and I am not feeling confident in allowing it. I also use Firefox with tracking protection always enabled.
Oh did I mentioned you that now the page load time of the pages I visited are much more faster and free of tracking and ads???
Top comments (3)
You mean Firefox ESR? Would not recommend, switch to Chrome instead if you want good advice.
Also we have discuss it here.
The article is focused on the Tor Browser, but discuss mainly security holes in Firefox ESR (on which is TB based).
I only use the normal release of Firefox in Ubuntu.
Currently Firefox Quantum 63.0.3