There is a crucial element missing in the article below: how were the extensions able to execute remote code in their own context? By default, this not possible. (cc. @dangoodin001)https://arstechnica.com/information-technology/2019/07/dataspii-technical-deep-dive/ …
-
-
Nowadays it's best to presume the world wide web is highly hostile to users, and installing a *trusted* content blocker is the best mitigation.pic.twitter.com/iK78ODisqJ
Prikaži ovu nit -
Never install an extension declaring `unsafe-eval`/`unsafe-inline` in its manifest.json file.
Prikaži ovu nit
Kraj razgovora
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.