Registar

User Tag List

Likes Likes:  0
Página 3 de 7 PrimeiroPrimeiro 12345 ... ÚltimoÚltimo
Resultados 31 a 45 de 96

Tópico: Google Chrome

  1. #31
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Chrome to Get Faster with New JavaScript Techniques


    Chrome was built with speed as one of the primary missions since its start back in 2008 and now the coders have come up with the next thing to help make it even faster. Chrome is introducing two techniques called script streaming and code caching designed to reduce that painful waiting time spent staring at a white screen, especially on mobile devices.
    The script streaming optimizes the parsing of JavaScript files where previous versions of Chrome would download a script in full before beginning to parse it, an inefficient way to deal with data. Starting in version 41, Chrome parses async and deferred scripts on a separate thread as soon as the download has begun. This means that parsing can complete just milliseconds after the download has finished, and results in pages loading as much as 10% faster. It’s particularly effective on large scripts and slow network connections.

    Code caching is the second new technique that helps speed up page loading, specifically on repeated visits to the same page. Chrome 42 introduces an advanced technique of storing a local copy of the compiled code, so that when the user returns to the page the downloading, parsing, and compiling steps can all be skipped. This allows Chrome to avoid about 40% of compile time across all page loads.
    Thanks to Chromium for providing us with this information
    Noticia:
    http://www.eteknix.com/chrome-to-get...pt-techniques/
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  2. #32
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    At Pwn2Own, Chrome Is First, IE Last In Browser Security

    Pwn2Own is a browser security competition where security researchers who have been working on finding vulnerabilities in web browsers for the past year try to win significant monetary prizes from companies such as Google, Microsoft, Apple and Mozilla. The flaws are usually found after months of work. At Pwn2Own they have only 30 minutes to demonstrate their hacking capability and beat the browsers' security before the others in the competition. The first to show a browser exploit in the given timeframe wins the prize. Multiple such prizes are given throughout the Pwn2Own competition.
    In the second day of Pwn2Own, security researchers managed to expose multiple vulnerabilities. All of the participating web browsers were ultimately hacked. However, Chrome only had one flaw discovered, and writing the exploit for it was the hardest, according to the researcher who managed to do it.

    Internet Explorer was the least secure browser of the bunch, with five vulnerabilities found. The researchers also found five vulnerabilities in the Windows operating system.

    • 5 bugs in the Windows operating system
    • 4 bugs in Internet Explorer 11
    • 3 bugs in Mozilla Firefox
    • 3 bugs in Adobe Reader
    • 3 bugs in Adobe Flash
    • 2 bugs in Apple Safari
    • 1 bug in Google Chrome
    A total of $557,500 was paid out to researchers. Korean Jung Hoon Lee who wrote the 2,000 lines of code exploit for Chrome was also the one to hack into some of the other browsers, managing to take home almost half of the total payout for himself. Lee won $225,000 at the Pwn2Own competition in bounty prizes, of which $110,000 he got in just two minutes.
    Over the past few years, IE and Firefox have traded off being in last place, but Chrome is usually consistently the one with the least vulnerabilities. Google created Chrome from the beginning with security in mind (the process sandbox, as well as other security features), so it's not too surprising to see it again be the most robust.
    IE on the other hand has too much legacy code it has to worry about, but hopefully things will change in terms of security as well if Microsoft's new browser, "Project Spartan," has a more prominent role in Windows 10.
    Mozilla also intends to replace more parts of its browser with components written in the memory-safe Rust language, which can help protect against common security vulnerabilities. However, a few more years will probably pass until that happens.



    Noticia:
    http://www.tomshardware.com/news/pwn...ity,28797.html
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  3. #33
    Moderador Avatar de Winjer
    Registo
    Feb 2013
    Local
    Santo Tirso
    Posts
    12,672
    Likes (Dados)
    30
    Likes (Recebidos)
    208
    Avaliação
    4 (100%)
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    Afinal o Google Chrome é mais vulnerável que o IE

    Quando o assunto são vulnerabilidades ao nível das aplicações, o Internet Explorer é por norma aquele software a quem se aponta de imediato o dedo mesmo sem se ter, muita das vezes, informação que confirme tal acusação.Um estudo recente da Secunia vem agora provar que afinal o Google Chrome é mais vulnerável que o Internet Explorer. Mas há mais casos “complicados nesta lista!


    De acordo com o relatório de vulnerabilidades de 2015, produzido pela Secunia, o Google Chrome lidera a lista com 504 vulnerabilidades, seguido do Oracle Solaris (483), Gentoo Linux (350) e a quarta posição pertence ao tão “famoso” Internet Explorer (289).
    A Apple com o Mac OS X está na décima terceira posição com o 147 vulnerabilidades e o Windows 8 ocupa a vigésima posição com 105 vulnerabilidades.
    A Microsoft apenas tem dois “programas” na lista negra sendo que a IBM domina este TOP 20 com 8 entradas.

    Todos os dados foram recolhidos da ferramenta Personal Software Inspector (PSI), que pertence à própria Secunia e está instalado em milhões de computadores, que registou só no ano passado 15,435 vulnerabilidades, um número bastante elevado face aos anos anteriores.
    O estudo revela ainda que no caso de vulnerabilidade, se o patch não for disponibilizado no próprio dia, então é provável que demore algum tempo. Relativamente ao Open Source, muitos programadores demoram uma eternidade para resolver pequenos falhas de segurança.
    Secunia Vulnerability Review
    Holy shit! Será mesmo assim?
    Eu estou a usar o chrome....
    Ryzen R5 3700X / Noctua NH-D15 / B550 AORUS ELITE V2 / Cooler Master H500 Mesh / 16Gb DDR4 @ 3800mhz CL16 / Gigabyte RTX 2070 Super / Seasonic Focus GX 750W / Sabrent Q Rocket 2 TB / Crucial MX300 500Gb + Samsung 250Evo 500Gb / Edifier R1700BT


  4. #34
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Google removes 200 ad-injecting Chrome extensions that had malware

    Google has kicked off April with quite a bang, announcing that it has removed almost 200 ad-injecting Chrome extensions, which were exposing users to malware, and all sorts of other nasties.


    More than a third of these Chrome extensions were injecting ads that were recently classified as malware, with researchers finding 192 deceptive Chrome extensions that had affected a huge 14 million people. Google officials have removed those extensions, and pushed in new techniques that will catch any new, or updated extensions that try to abuse users.

    The study also found that there is widespread use of ad injectors for other browsers, not just Chrome, on both Windows and OS X. Over 5% of people visiting Google sites have at least one ad injector installed, and within that group, half of those half two injectors installed. Scarily, nearly one-third have at least four installed.


    Read more at http://www.tweaktown.com/news/44385/...are/index.html


    Talvez isto explique as vulnerelabilidades do Chrome
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  5. #35
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Google To Remove China's Root Certificate Authority From Chrome Over Ties To Forged Certificate


    Last week, Google's security engineers wrote a post about an intermediate certificate authority (CA) called MCS Holdings that issued some unauthorized digital certificates for Google's domains. The intermediate certificate for MCS Holdings was issued by CNNIC, China's main root certificate authority. Google believes CNNIC is also responsible for that forged certificate and has decided to remove it from Chrome.

    The Problem With Rogue CAs

    When a certificate authority issues false certificates that allow for unsecure connections and traffic interception, browser vendors usually respond by banning that CA and revoking its issued certificates.
    This sort of policy is important because the security model of the Web is rather vulnerable, having to depend on thousands of random certificate authorities and a few root CAs. These root CAs may even have strong ties to their local governments, and depending on the government, their intentions may not always be to the benefit of everyone on the Web.
    If browser vendors would allow the rogue CAs to break Internet security, even after they catch them doing it, then it could create a domino effect, and the security of the Web could fall apart. More CAs could start taking risks and forging certificates for various benefits, knowing that the browser vendors won't punish them.
    Also, if more people would see that their browsers continue to trust less trustworthy certificate authorities, they would eventually stop trusting HTTPS connections, too (which are useful for secure online banking, e-commerce, and stopping traffic interception, among many other things).
    Therefore, banning bad CAs seems like the most reasonable thing to do within the current security model of the Web as a deterrent for other CAs to avoid the same mistake.
    Banning The CNNIC Root CA

    Although this is usually expected to happen, few thought Google or any other browser vendor would go as far as to ban not just MCS Holdings, but also China's root certificate authority, CNNIC. Yet, this is exactly what Google has just announced.
    In a future update, the CNNIC root certificate will be revoked. For the time being, Google will continue to allow CNNIC's certificates to be used in Chrome through a publicly disclosed whitelist. After that, before it asks for reinclusion in the Chrome root store, CNNIC must adopt the Certificate Transparency system that Google has been proposing for the past few years.
    Certificate Transparency



    Although right now Google can quickly identify when forged certificates are issued for its domains, thanks to certificate pinning in Chrome, this solution isn't scalable and usually works only for Google's own websites. For that reason, Google came up with the Certificate Transparency project, which provides an "open framework for monitoring and auditing SSL certificates in nearly real time."
    The main goals of Certificate Transparency are:

    • Make it impossible (or at least very difficult) for a CA to issue an SSL certificate for a domain without the certificate being visible to the owner of that domain.
    • Provide an open auditing and monitoring system that lets any domain owner or CA determine whether certificates have been mistakenly or maliciously issued.
    • Protect users (as much as possible) from being duped by certificates that were mistakenly or maliciously issued.
    Because it's an open framework, anyone can verify the basic components that make Certificate Transparency work. This open system should bring a certain degree of improvement to the current CA model where it's hard to even know when a certificate against a certain site has been forged.
    China's CNNIC responds

    Although Google seems to imply that CNNIC has already agreed to implement Certificate Transparency for its certificates before it's reincluded in Chrome, the root CA responded publicly today by using a completely different tone:
    “1. The decision that Google has made is unacceptable and unintelligible to CNNIC, and meanwhile CNNIC sincerely urge that Google would take users' rights and interests into full consideration.
    2. For the users that CNNIC has already issued the certificates to, we guarantee that your lawful rights and interests will not be affected."
    Other Browser Vendors Have Yet To React

    Although Chrome is arguably the most popular web browser today (especially when including its mobile market share), it still has only about a third of the browser market. For this move to be completely effective, Mozilla, Apple and Microsoft might have to do what Google did and remove CNNIC from their certificate root store.
    Right now, Mozilla seems to be at least considering limiting CNNIC new certificates in its browser. However, it doesn't currently plan to remove CNNIC from the root store, unless the Chinese root CA doesn't agree to its set of requests in order to have some form of verification for its certificates.

    • Do not remove the CNNIC root, but
    • Reject certificates chaining to CNNIC with a notBefore date after a threshold date
    • Request that CNNIC provide a list of currently valid certificates, and publish that list so that the community can recognize any back-dated certs
    • Allow CNNIC to re-apply for full inclusion, with some additional requirements (to be discussed on this list)
    • If CNNIC's re-application is unsuccessful, then their root certificates will be removed
    Apple has been in a security promotion campaign lately and has even had some security troubles in China. Therefore, it wouldn't be too far-fetched for the company to follow in Google's footsteps. At the same time, Apple is seeing rapid growth for its iPhones in China, so it remains to be seen whether it will back Google on this, or whether it will compromise in order to maintain a good relationship with the Chinese government there and not harm its sales in any way.
    China hasn't always treated Microsoft well either, especially more recently when the government announced the banning of Windows 8 from government institutions. However, Microsoft has a relatively long history of giving in to China's censorship or surveillance requests, so it's once again hard to predict whether the company would follow Google's bold move to ban CNNIC from Internet Explorer (and Project Spartan).
    As usual, when security is involved, the weakest leak can make the whole system fall apart. In the same way, having some of the major browser vendors fail to agree to punish the rogue certificate authorities for issuing fake certificates could set a dangerous precedent.
    Noticia:
    http://www.tomshardware.com/news/goo...-ca,28873.html
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  6. #36
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Google releases Chrome 42, which includes push notifications

    Google has just pushed out Chrome 42, which now includes the new Push API and Notifications API. These two new APIs "allow websites to send notifications to web surfers even after they've closed or navigated away from said site", reports Techspot.


    The Mountain View-based giant stops websites from being overly forward with its notifications, as it mandates that developers must have consent for permission to its the Push API. If your system doesn't automatically update to Chrome 42, you can always grab the latest version of it, for Windows, from here.

    Noticia:
    http://www.tweaktown.com/news/44591/...ons/index.html
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  7. #37
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    New Google Chrome Update Will No Longer Support Java


    Chrome Version 42; The answer to life, the universe and everything?
    Not for much longer as Google have deprecated NPAPI, NPAPI stands for Netscape Plug-in API. A feature of Chrome to allow extensions to interface with the local machine.
    This doesn’t come as a surprise though, Google started their efforts to remove support more than a year ago. Google have kept the option to re-enable the support for NPAPI of you really, really need it, however, they do plan to remove the functionality as of September this year.
    The disabling of this feature will mean a large impact to several extensions and plugins that are available for the browser, such as Java. Chrome will now refuse to run the Java plugin as default. Severely minimizing the attack vector against the browser and more importantly, your personal data.
    Apps have now started to be removed from the Google Web Store now. Google state the following:
    “In April 2015 (Chrome 42) NPAPI support will be disabled by default in Chrome and we will unpublish extensions requiring NPAPI plugins from the Chrome Web Store. All NPAPI plugins will appear as if they are not installed, as they will not appear in the navigator.plugins list nor will they be instantiated (even as a placeholder). Although plugin vendors are working hard to move to alternate technologies, a small number of users still rely on plugins that haven’t completed the transition yet. We will provide an override for advanced users (via chrome://flags/#enable-npapi) and enterprises (via Enterprise Policy) to temporarily re-enable NPAPI (via the page action UI) while they wait for mission-critical plugins to make the transition. In addition, setting any of the plugin Enterprise policies (e.g. EnabledPlugins, PluginsAllowedForUrls) will temporarily re-enable NPAPI.”
    The team are not the only people pushing for the end of Java in the web browser. The developers of Minecraft and the US government have taken serious steps to mitigate user exposure to the exploits of Java vulnerabilities.
    Thanks to TheRegister for this information
    Noticia:
    http://www.eteknix.com/new-google-ch...-support-java/
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  8. #38
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Password Alert is a new Chrome extension designed to defend against phishing



    The best IT security in the world is useless if a user mistakenly tries to log into a phony site they believe is legitimate. A simple mistype of a URL or a clever phishing attempt is often all it takes to lure some users into voluntarily giving up their credentials.
    Google has come up with a new anti-phishing extension for Chrome called Password Alert it hopes can help fight against phishing. As the name suggests, the extension is designed to alert users if they’re about to (or already have) entered their Google account credentials into a non-Google property.
    Upon installation, Password Alert will initialize itself the next time you enter your password into accounts.google.com. Each time you sign into a Google account, the extension saves a salted reduced-bit thumbnail of your password to Chrome local storage. This is then compared to each password you enter into any other website.

    Although not explicitly expressed, the extension is also designed to help teach better password practices by encouraging users to not use the same password for multiple accounts.
    Eran Feigenbaum, Google’s Director of Security for Google Apps for Work, said the company has been using a very similar tool internally the the past few years. He added that even Google staffers regularly fall for phishing attacks.
    As of now, Password Alert only works with Google and Google for Work accounts. The good news, however, is that the code is open source so it can be implemented by other sites and services in the future.
    Noticia:
    http://www.techspot.com/news/60518-p...d-against.html
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  9. #39
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Google Opens Chromium Dev Channel To Android Platform

    Developers have a new tool for testing their websites on Chrome for Android, thanks to a Dev channel Google just released. Google has long made the Dev channel available to ChromeOS, Linux, Mac and Windows. Now, Android is part of the crew.


    The Dev channel ends up being a two-way street. Google gets your direct feedback on its pre-release Chrome features so it can weed out bugs before the version goes mainstream. The benefit for you is that you can see how the upcoming version of Chrome will handle your website. You’ll get an early look at potential problems, but you also get a sneak peek at features that you might want to take advantage of.

    Obviously, this version of Chrome for Android is going to occasionally have problems and isn’t meant to be something you rely on for important tasks – that’s what the official version of Chrome is for. “Life on the Dev channel can be rocky at times, so on Android it installs side-by-side with any other version of Chrome you have on your device,” Google’s Chrome Technical Program Manager, Jason Kersey, said in a blog post.

    Google plans to update the dev channel weekly and has already put up a feedback form you can use to report bugs or other issues.

    Noticia:
    http://hothardware.com/news/google-o...GeSp0h1j72V.99
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  10. #40
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Google Tweaks 'Password Alert' After Researcher Bypasses It With 7 Lines Of Code

    You have to respect that Google is trying to help its users avoid unwittingly giving away their passwords, but it’s a little unnerving that a researcher was able to neutralize the Password Alert notification so soon after it appeared. Google fixed the vulnerability quickly and immediately spread the word that a new version of the extension is available for users.


    Password Alert is designed to give you a notification when you enter your Gmail password into a site that isn’t a Google site. The concept is good – if you are unknowingly entering your password into a phishing site, this notification should give you a heads up before you hand over your login info. Of course, it only works when the notification appears. Paul Moore managed to kill the notification as soon as it appears, making it so you won’t notice the notification at all. The attack requires only seven lines of code.


    As we mentioned, Google responded quickly and updated the extension to version 1.4 to prevent this kind of attack. It looks as though Password Alert may still be vulnerable, as Paul Moore announced this morning on Twitter that there is already a new bypass.

    Noticia:
    http://hothardware.com/news/google-t...zmJFzpDjXxF.99
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  11. #41
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Chrome now used by 25-50% of web surfers, depending on who you ask

    Google’s Chrome web browser has surpassed the 25 percent browser market share milestone, jumping 0.69 percentage points to finish at 25.68 percent according to the latest numbers from web analytics firm Net Applications. What's funny about these numbers is that they are very far off from other measurements by competing firms. According to StatCounter, Chrome is not only the most popular mobile browser without tablets but also with them counted in. StatCounter stats had Chrome surpassing the 50% share of the desktop browser market last January.
    Internet Explorer continues to be drop in usage while Mozilla’s Firefox usually ranks second when looking at desktop PCs, and third when looking at all devices (mobile, tablet, desktop) behind Chrome + Android and Safari (OS X and iOS).

    Last week was big for Microsoft as it finally gave Project Spartan an official name, Microsoft Edge. Based on what we’ve seen of the browser thus far, it looks to be a solid solution with a fresh new look, deep Cortana integration and some nifty new features like annotation and Reading Mode. IE11 in particular is not bad, and Edge will be based on some of its technology, but Microsoft cleverly has dropped the IE name and is looking to start off fresh.

    How it’ll actually handle day-to-day web surfing, however, will likely be the deciding factor for most.
    Noticia:
    http://www.techspot.com/news/60554-c...b-surfers.html
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  12. #42
    Moderador Avatar de Winjer
    Registo
    Feb 2013
    Local
    Santo Tirso
    Posts
    12,672
    Likes (Dados)
    30
    Likes (Recebidos)
    208
    Avaliação
    4 (100%)
    Mentioned
    7 Post(s)
    Tagged
    0 Thread(s)
    Google working to fix Chrome high RAM usage

    Chances are, if you use Google Chrome, you have noticed just how much RAM the browser tends to eat up. Well, Google’s development team is also aware of this and is now working on a fix, which will hopefully make Chrome use up fewer resources.Currently Chrome creates a new process for each tab and instance of the browser opened. This can make the browser sluggish on some machines and a battery life nightmare for mobile users. Speaking during a Reddit AMA session late last week, a Chrome for Android engineer said: “We are actively working on reducing battery usage and we are looking into when Chrome is in the foreground and in the background.”

    “Since its inception Chrome has been focusing on security and performance of the web across all supported platforms. Performance sometimes has come at the cost of resource usage, but given the importance of the mobile platform this is one of the top things we are looking into.”
    While mobile is a big focus, Google has not forgotten about desktop users. On the desktop side, Google is currently trying to fight memory leaks: “We are profiling Chrome to improve our start-up speed and proactively fighting memory bloat and memory leaks. For example, this year the first gesture latency and mean input latency has decreased steadily.”
    Finalmente!
    Ryzen R5 3700X / Noctua NH-D15 / B550 AORUS ELITE V2 / Cooler Master H500 Mesh / 16Gb DDR4 @ 3800mhz CL16 / Gigabyte RTX 2070 Super / Seasonic Focus GX 750W / Sabrent Q Rocket 2 TB / Crucial MX300 500Gb + Samsung 250Evo 500Gb / Edifier R1700BT


  13. #43
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Popular Chrome extension Hola sold your bandwidth for botnets

    One of the most popular VPN extensions for Google Chrome, Hola, has been caught out selling its users’ “idle resources”, like your bandwidth, via a separate company for botnet use. This means that users of Hola likely had their bandwidth sold for DDOS attacks.
    Hola was often used as a way for people outside of the US to access video on demand content, such as geo-blocked YouTube videos or Netflix. The brand used to sell off bandwidth is known as the Luminati VPN network. The problem was first discovered over on the 8Chan forum boards, as the site was the target of a DDOS attack, that seemingly came from Hola’s network.

    8Chan made a little post about Hola, stating: “Hola ‘Better Internet’ is an extremely popular free VPN. How it works is not very clear to all its users though, as I quickly became aware in the past week when 8chan was hit by multiple denial of service attacks from their network. When a user installs Hola, he becomes a VPN endpoint, and other users of the Hola network may exit through his internet connection and take on his IP. This is what makes it free: Hola does not pay for the bandwidth that its VPN uses at all, and there is no user opt out for this.”
    “Hola was created by the Israeli corporation Hola Networks Limited at the end of 2012, and at first was just the VPN service. However, Hola has gotten greedy. They recently (late 2014) realized that they basically have a 9 million IP strong botnet on their hands, and they began selling access to this botnet. An attacker used the Luminati network to send thousands of legitimate-looking POST requests to 8chan’s post.php in 30 seconds, representing a 100x spike over peak traffic and crashing PHP-FPM.”
    Hola’s founder, Ofer Vilenski, has claimed that the company has always been upfront about its business practices. However, the amount of outrage users have expressed tells a very different story. This Reddit thread for instance, is filled with people who had no idea what Hola was doing.
    Noticia:
    http://www.kitguru.net/channel/gener...h-for-botnets/
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  14. #44
    Tech Membro Avatar de DHunt3r
    Registo
    Oct 2014
    Local
    guimaraes
    Posts
    825
    Likes (Dados)
    0
    Likes (Recebidos)
    0
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    isso nao quer dizer mais RAM para o senhor google chrome?

  15. #45
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Chrome starts saving batteries



    Saving the universe from Flash

    Google's latest beta feature on Chrome has come up with a method of killing off battery draining flash heavy sites.


    On the latest beta Chrome is a new toggle that lets users select which Flash content will be automatically played and which content will not.
    Google has been working closely with Adobe to create this feature and make sure that only content that "isn't central to the webpage" gets blocked. If anything gets accidentally filtered then you can simply click on it to resume.
    This feature might also improve battery life on mobile devices like laptops. It is still useful but it probably have been more useful a few years ago or if you visit porn sites – or so we are told.
    It will be coming to stable desktop builds in the next few months.
    Version 23 also gives users an option to send a "do-not-track" request to websites and online services, although Google warned that this feature's effectiveness depends on how the sites and services field these requests.
    Chrome 23 also consolidates in an icon next to the URL a website's permission settings for things like geolocation identification, pop up messages and camera-microphone access.
    You can click on the page/lock icon next to a website's address in the omnibox to see a list of permissions and tweak them as you wish.
    Security fixes include one flaw which is mostly an Apple iOS one. This defends against wild writes in compromised graphics drivers.
    Google fixed 13 other security vulnerabilities, including five rated High and seven rated Medium.
    Noticia:
    http://www.fudzilla.com/news/37928-c...ving-batteries
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

 

 
Página 3 de 7 PrimeiroPrimeiro 12345 ... ÚltimoÚltimo

Informação da Thread

Users Browsing this Thread

Estão neste momento 1 users a ver esta thread. (0 membros e 1 visitantes)

Bookmarks

Regras

  • Você Não Poderá criar novos Tópicos
  • Você Não Poderá colocar Respostas
  • Você Não Poderá colocar Anexos
  • Você Não Pode Editar os seus Posts
  •