Google allows 37,000 Chrome users to be tricked with a fake extension by fraudulent developer who clones popular name and spams keywords.pic.twitter.com/ZtY5WpSgLt
Yeah, I do @musllibc, FOSS & infosec stuff. But now is not the time for a mostly-/only-tech Twitter feed.
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
Add this Tweet to your website by copying the code below. Learn more
Add this video to your website by copying the code below. Learn more
By embedding Twitter content in your website or app, you are agreeing to the Twitter Developer Agreement and Developer Policy.
| Country | Code | For customers of |
|---|---|---|
| United States | 40404 | (any) |
| Canada | 21212 | (any) |
| United Kingdom | 86444 | Vodafone, Orange, 3, O2 |
| Brazil | 40404 | Nextel, TIM |
| Haiti | 40404 | Digicel, Voila |
| Ireland | 51210 | Vodafone, O2 |
| India | 53000 | Bharti Airtel, Videocon, Reliance |
| Indonesia | 89887 | AXIS, 3, Telkomsel, Indosat, XL Axiata |
| Italy | 4880804 | Wind |
| 3424486444 | Vodafone | |
| » See SMS short codes for other countries | ||
This timeline is where you’ll spend most of your time, getting instant updates about what matters to you.
Hover over the profile pic and click the Following button to unfollow any account.
When you see a Tweet you love, tap the heart — it lets the person who wrote it know you shared the love.
The fastest way to share someone else’s Tweet with your followers is with a Retweet. Tap the icon to send it instantly.
Add your thoughts about any Tweet with a Reply. Find a topic you’re passionate about, and jump right in.
Get instant insight into what people are talking about now.
Follow more accounts to get instant updates about topics you care about.
See the latest conversations about any topic instantly.
Catch up instantly on the best stories happening as they unfold.
Google allows 37,000 Chrome users to be tricked with a fake extension by fraudulent developer who clones popular name and spams keywords.pic.twitter.com/ZtY5WpSgLt
Legitimate developers just have to sit back and watch as Google smears them with fake extensions that steal their good namepic.twitter.com/3Tnv4NtY9t
I'm being mean to Google because there's no way their Chrome team is happy with this extension vetting/moderation situation.
[UPDATE] Google: An Update on Malware in the Chrome Web Storehttps://groups.google.com/a/chromium.org/forum/#!topic/security-dev/-WWQ9cFC2nI …
I'm sorry for being mean, Google.
:3 ur welcome @AdblockPlus | https://adblockplus.org/blog/37000-fooled-after-abp-imposter-gets-in-web-store-how-to-make-sure-you-ve-got-the-real-abp …
Update: TWO fake AdBlock Plus, including one with fake user numbers, have been added back to the Chrome extension store, in the same place.pic.twitter.com/duSBJSz6zn
To evade Google filters, attackers have used look-alike Cyrillic Unicode characters in the extension namepic.twitter.com/UvJWjx1Lvy
Homoglyphs are a solved problem: simply collapse them before similarity checks.
The problem is Google has junior teams implementing safety-critical infrastructure like this & no senior review or use of existing solutions
That they're junior is obvious from the awful UI if the extensions site.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.