paintingvef.blogg.se - Use brave browser

USE BRAVE BROWSER SOFTWARE

Brave will include a new permission called the “localhost” permission.

Brave will continue to use filter list rules to block scripts and sites known to abuse localhost resources.

Requests to localhost resources, from a localhost context are allowed automatically Brave does not block a locally hosted page from accessing other locally hosted resources.

Brave already blocks scripts known to maliciously scan localhost resources and block requests from public sites to localhost resources. They could also try to determine if you have some vulnerable products running on your device and then come back with an exploit.įrom Brave version 1.54 and up, this will no longer be possible. By doing so, someone now has a picture of you built up and can potentially track you across the web.

USE BRAVE BROWSER SOFTWARE

As Brave explains, fingerprinting scripts will try to figure out the combination of software running on your system. Lots of dubious software can use the access to localhost resources to get up to mischief. Examples include some wallets for cryptocurrencies, security software provided by banks or security companies, and hardware devices that use certain Web interfaces for configuration. a small but important amount of software has been built expecting to be freely accessible by websites, often in ways invisible to users. Browsers are allowed to access these resources, and, on top of that, some software has been built to be accessible to websites with no malicious intention behind it. While you may think everything is being served up from the web, some aspects of what you see in a browser are being hosted by software on your computer. The issue Brave is tackling is one related to how browsers typically work.

Brave claims that many popular browsers allow websites to “access local network resources without protection or restriction, which puts users’ privacy and security at risk.” For example, an organisation’s IT team may do this to ensure everything is working as expected and close any potential gaps which may have been missed.Īs Ars Technica notes, a 2021 list of sites compiled by a researcher makes it clear that many major sites are, or have been, involved in this practice. It’s worth noting that scanning is not by default a malicious activity. Port scanning involves scanning a computer network for open ports, which can then be exploited by individuals up to no good to gain unauthorised access or gather information about potential system vulnerabilities. Well, let’s start at the beginning with a rundown of what port scanning actually is.

You may expect some antics related to cookies and perhaps the occasional tracking beacon, but port scanning? You may well not have even been aware that sites do such a thing. Port scanning, I hear you cry? Yes indeed. Websites performing port scanning will now be automatically blocked beginning with version 1.54 of the browsing tool. If you use Brave browser, then you’re shortly going to find you have a new string added to your security bow.