This is great and it’ll cut out a hell of a lot of the noise being generated, hope other browsers followhttps://twitter.com/gibwar/status/933216114925961219 …
-
-
Replying to @troyhunt
Just what we need in the year of the first big browser extension author phishing campaign.
1 reply 0 retweets 0 likes -
Replying to @SimonRWaters @troyhunt
The bad guys were just lazy but they could patch the extension to remove the CSP. Given that, I guess there's little point in us even expecting reports.
1 reply 0 retweets 0 likes -
Browsers could detect removal of CSP and disable the extension, report it to distribution channel as malware.
1 reply 0 retweets 0 likes -
If the endpoint is compromised then it's generally not worth us trying to fix the problem. What about extensions that install fonts to help with visibility or change colours?
2 replies 0 retweets 1 like -
Replying to @Scott_Helme @RichFelker and
Sites can't possibly start whitelisting extensions and banning them all is a terrible user experience.
2 replies 0 retweets 0 likes -
Banning all extensions except UBO would be great UX.
2 replies 0 retweets 0 likes -
Who decides that uBO is allowed and no others? Are they impervious to the author fishing attacks we've seen lately?
1 reply 0 retweets 2 likes
My statement was imprecise and snarky. The functionality of UBO should just be builtin with the browser.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.