A security change in Chrome you would be wise to correct
|
Gene
Given the increasing popularity of Chrome among
blind users, this article from Kim Komando is important. The Chrome
designers are implementing a change which is very bad for security, dumbing down
the product for asthetics. Let's hope the protests from security experts
and others cause them to remember that they are not supposed to do harm, as part
of their founding principles.
See this article:
Gene |
|
|
|
Ervin, Glenn
With regards to Chrome, Has anyone else had ads popping up when Chrome is open? After I close Chrome, I have to bring up the task manager and close several more instances of it to keep the pop-up ads from happening. Chrome loads itself with multiple instances for more stability, each instance for a different process. But I have gone through settings and seemingly turned off anything related to pop-ups and notifications, and it still happens. Thanks. Glenn
From: nvda@nvda.groups.io <nvda@nvda.groups.io>
On Behalf Of Gene
Sent: Tuesday, September 11, 2018 10:01 AM To: nvda@nvda.groups.io Subject: [nvda] A security change in Chrome you would be wise to correct
Given the increasing popularity of Chrome among blind users, this article from Kim Komando is important. The Chrome designers are implementing a change which is very bad for security, dumbing down the product for asthetics. Let's hope the protests from security experts and others cause them to remember that they are not supposed to do harm, as part of their founding principles.
See this article:
Gene |
|
|
|
Gene
Adware. What antimalware programs do you
run?
Gene ----- Original Message -----
From: Ervin, Glenn
Sent: Tuesday, September 11, 2018 10:21 AM
Subject: Re: [nvda] A security change in Chrome you would be wise to
correct With regards to Chrome, Has anyone else had ads popping up when Chrome is open? After I close Chrome, I have to bring up the task manager and close several more instances of it to keep the pop-up ads from happening. Chrome loads itself with multiple instances for more stability, each instance for a different process. But I have gone through settings and seemingly turned off anything related to pop-ups and notifications, and it still happens. Thanks. Glenn
From: nvda@nvda.groups.io
<nvda@nvda.groups.io> On Behalf Of Gene
Given the increasing popularity of Chrome among blind users, this article from Kim Komando is important. The Chrome designers are implementing a change which is very bad for security, dumbing down the product for asthetics. Let's hope the protests from security experts and others cause them to remember that they are not supposed to do harm, as part of their founding principles.
See this article:
Gene |
|
|
|
Ervin, Glenn
I only run Microsoft’s MRT and Security Essentials.
From: nvda@nvda.groups.io <nvda@nvda.groups.io>
On Behalf Of Gene
Sent: Tuesday, September 11, 2018 10:54 AM To: nvda@nvda.groups.io Subject: Re: [nvda] A security change in Chrome you would be wise to correct
Adware. What antimalware programs do you run?
Gene ----- Original Message ----- From: Ervin, Glenn Sent: Tuesday, September 11, 2018 10:21 AM Subject: Re: [nvda] A security change in Chrome you would be wise to correct
With regards to Chrome, Has anyone else had ads popping up when Chrome is open? After I close Chrome, I have to bring up the task manager and close several more instances of it to keep the pop-up ads from happening. Chrome loads itself with multiple instances for more stability, each instance for a different process. But I have gone through settings and seemingly turned off anything related to pop-ups and notifications, and it still happens. Thanks. Glenn
From:
nvda@nvda.groups.io <nvda@nvda.groups.io>
On Behalf Of Gene
Given the increasing popularity of Chrome among blind users, this article from Kim Komando is important. The Chrome designers are implementing a change which is very bad for security, dumbing down the product for asthetics. Let's hope the protests from security experts and others cause them to remember that they are not supposed to do harm, as part of their founding principles.
See this article:
Gene |
|
|
|
Gene
Running Malware Bytes might find something.
Or, you might run an antiadware utility. If you want to try it first, it
would be a lot faster. Its name is AdwCleaner. Others may have more
information about it. I believe it found a false positive when I tried it
perhaps a year ago so look carefully at the list of results.
Gene ----- Original Message -----
From: Ervin, Glenn
Sent: Tuesday, September 11, 2018 10:56 AM
Subject: Re: [nvda] A security change in Chrome you would be wise to
correct I only run Microsoft’s MRT and Security Essentials.
From: nvda@nvda.groups.io <nvda@nvda.groups.io> On Behalf Of
Gene
Adware. What antimalware programs do you run?
Gene ----- Original Message ----- From: Ervin, Glenn Sent: Tuesday, September 11, 2018 10:21 AM Subject: Re: [nvda] A security change in Chrome you would be wise to correct
With regards to Chrome, Has anyone else had ads popping up when Chrome is open? After I close Chrome, I have to bring up the task manager and close several more instances of it to keep the pop-up ads from happening. Chrome loads itself with multiple instances for more stability, each instance for a different process. But I have gone through settings and seemingly turned off anything related to pop-ups and notifications, and it still happens. Thanks. Glenn
From: nvda@nvda.groups.io <nvda@nvda.groups.io> On Behalf Of
Gene
Given the increasing popularity of Chrome among blind users, this article from Kim Komando is important. The Chrome designers are implementing a change which is very bad for security, dumbing down the product for asthetics. Let's hope the protests from security experts and others cause them to remember that they are not supposed to do harm, as part of their founding principles.
See this article:
Gene |
|
|
|
Kwork
I used it once, and got a false positive on something, so never
used it again. Pretty much stuck with Malwarebytes after that. On 9/11/2018 9:16 AM, Gene wrote:
|
|
|
|
Well google need to be made aware, its not that bad if you know where you are, but a brouser with such a market share well and on so many devices, they better know what they are doing.
toggle quoted message
Show quoted text
On 9/12/2018 3:01 AM, Gene wrote:
Given the increasing popularity of Chrome among blind users, this article from Kim Komando is important. The Chrome designers are implementing a change which is very bad for security, dumbing down the product for asthetics. Let's hope the protests from security experts and others cause them to remember that they are not supposed to do harm, as part of their founding principles. |
|
|
|
Gene
They are aware. If the story is in the
popular press, they knew about it before it was covered there. If people
want to complain to Google about the feature, it may make them more likely to do
something about the problem.
Gene ----- Original Message -----
From: Shaun Everiss
Sent: Tuesday, September 11, 2018 1:37 PM
Subject: Re: [nvda] A security change in Chrome you would be wise to
correct you are, but a brouser with such a market share well and on so many devices, they better know what they are doing. On 9/12/2018 3:01 AM, Gene wrote: > Given the increasing popularity of Chrome among blind users, this article from Kim Komando is important. The Chrome designers are implementing a change which is very bad for security, dumbing down the product for asthetics. Let's hope the protests from security experts and others cause them to remember that they are not supposed to do harm, as part of their founding principles. > > See this article: > https://www.komando.com/happening-now/486524/a-big-change-in-chrome-69-can-put-you-at-risk?utm_medium=nl&utm_source=notd&utm_content=2018-09-10-a-b > > Gene > > > > |
|
|
|
No i9ssues here, I use MSE and tha'ts it. I would just do a scann
and see if somethign is up. Chrome rocks. On 9/11/2018 8:21 AM, Ervin, Glenn
wrote:
|
|
|
|
Gene
MSSE is an adequate program but no knowledgeable
computer aedvisor says it is nearly as good at finding spyware as Malware
Bytes. If MSSE was running, as it presumably was, during the time of
infection, while it might now be aware of what it wasn't before because of
updated definitions, I wouldn't be confident of that. I doubt this
infection is new malware.
Gene ----- Original Message -----
From: Sarah k Alawami
Sent: Tuesday, September 11, 2018 5:46 PM
Subject: Re: [nvda] A security change in Chrome you would be wise to
correct No i9ssues here, I use MSE and tha'ts it. I would just do a scann and see if
somethign is up. Chrome rocks. On 9/11/2018 8:21 AM, Ervin, Glenn wrote:
|
|
|
|
Brian's Mail list account
I guess one has to realise, just as in Android phones, the customer is the main way they earn money, ie advertising to them and gathering data about them.
toggle quoted message
Show quoted text
It is like many things the old, no such thing as a free lunch issue. A trade off between how much privacy and ability to stop ads you get against how much it costs. Brian bglists@... Sent via blueyonder. Please address personal E-mail to:- briang1@..., putting 'Brian Gaff' in the display name field. ----- Original Message -----
From: "Ervin, Glenn" <glenn.ervin@...> To: <nvda@nvda.groups.io> Sent: Tuesday, September 11, 2018 4:21 PM Subject: Re: [nvda] A security change in Chrome you would be wise to correct With regards to Chrome, Has anyone else had ads popping up when Chrome is open? After I close Chrome, I have to bring up the task manager and close several more instances of it to keep the pop-up ads from happening. Chrome loads itself with multiple instances for more stability, each instance for a different process. But I have gone through settings and seemingly turned off anything related to pop-ups and notifications, and it still happens. Thanks. Glenn From: nvda@nvda.groups.io <nvda@nvda.groups.io> On Behalf Of Gene Sent: Tuesday, September 11, 2018 10:01 AM To: nvda@nvda.groups.io Subject: [nvda] A security change in Chrome you would be wise to correct Given the increasing popularity of Chrome among blind users, this article from Kim Komando is important. The Chrome designers are implementing a change which is very bad for security, dumbing down the product for asthetics. Let's hope the protests from security experts and others cause them to remember that they are not supposed to do harm, as part of their founding principles. See this article: https://www.komando.com/happening-now/486524/a-big-change-in-chrome-69-can-put-you-at-risk?utm_medium=nl&utm_source=notd&utm_content=2018-09-10-a-b<wlmailhtml:%7bC045F55E-C6A4-4D66-B25C-CC4F14F1006E%7dmid://00003403/!x-usc:https://www.komando.com/happening-now/486524/a-big-change-in-chrome-69-can-put-you-at-risk?utm_medium=nl&utm_source=notd&utm_content=2018-09-10-a-b> Gene |
|
|
|
Brian's Mail list account
I am currently using superantispyware, but its quite funny on access. The installer needs screen navigation to get to the I agree button and unless you launch it from the tray, it 'forgets' to tell nvda where to put the focus, and in the latest incarnation the x you need to tick to remove unwanted software seems to have become totally invisible to nvda so you either delete all or nothing, though the cookie part seems to work.
toggle quoted message
Show quoted text
I do wish they would test things before they put them out. Its almost right but they do not seem very helpful to free users...However who is going to pay if they are not confident about blind access? Brian bglists@... Sent via blueyonder. Please address personal E-mail to:- briang1@..., putting 'Brian Gaff' in the display name field. ----- Original Message -----
From: "Kwork" <istherelife@...> To: <nvda@nvda.groups.io> Sent: Tuesday, September 11, 2018 5:51 PM Subject: Re: [nvda] A security change in Chrome you would be wise to correct I used it once, and got a false positive on something, so never used it |
|
|
|
Mallard <mallard@...>
Oh well! They know alright! I assume they knew when they signed a secret agreement with Mastercard... Or were they sleeping or drunk when they signed it?
toggle quoted message
Show quoted text
None of those corporations is clean from the point of view of user data protection. I think it's a matter of give and take. They give you stuff "free of charge", but not free. You pay for their services with your data. In Italy we say that not even dogs wag for nothing... (smile) Ciao, Ollie Il 11/09/2018 20:37, Shaun Everiss ha scritto:
Well google need to be made aware, its not that bad if you know where you are, but a brouser with such a market share well and on so many devices, they better know what they are doing. |
|
|
|
Gene
This has nothing to do with sharing data or any
agreements with any other companies. This is a matter of pandering to
convenience to the point that a core security matter, the ability to see a
complete address, was sacrificed to make things look better and save a tiny bit
of room on the screen.
Gene ----- Original Message -----
From: Mallard
Sent: Wednesday, September 12, 2018 1:53 AM
Subject: Re: [nvda] A security change in Chrome you would be wise to
correct agreement with Mastercard... Or were they sleeping or drunk when they signed it? None of those corporations is clean from the point of view of user data protection. I think it's a matter of give and take. They give you stuff "free of charge", but not free. You pay for their services with your data. In Italy we say that not even dogs wag for nothing... (smile) Ciao, Ollie Il 11/09/2018 20:37, Shaun Everiss ha scritto: > Well google need to be made aware, its not that bad if you know where > you are, but a brouser with such a market share well and on so many > devices, they better know what they are doing. > > > > On 9/12/2018 3:01 AM, Gene wrote: >> Given the increasing popularity of Chrome among blind users, this >> article from Kim Komando is important. The Chrome designers are >> implementing a change which is very bad for security, dumbing down >> the product for asthetics. Let's hope the protests from security >> experts and others cause them to remember that they are not supposed >> to do harm, as part of their founding principles. >> >> See this article: >> https://www.komando.com/happening-now/486524/a-big-change-in-chrome-69-can-put-you-at-risk?utm_medium=nl&utm_source=notd&utm_content=2018-09-10-a-b >> >> >> Gene >> >> >> >> > > > > |
|
|
|
Brian's Mail list account
Well, its a bad choice of default really for a setting that should be available in the main settings at first install.
toggle quoted message
Show quoted text
I wonder what they were thinking? I know that many sighted people are very cavalier about clicking and thinking later on. The Recent Hack of British Airways was carried out by a spoof web site and some rogue javascript implanted on an insecure landing page on the BA site. Nobody spotted it was not the connect url, and since the spoof site merely passed the data onto the real site, it took a while for it to be seen. Brian bglists@... Sent via blueyonder. Please address personal E-mail to:- briang1@..., putting 'Brian Gaff' in the display name field. ----- Original Message -----
From: "Gene" <gsasner@...> To: <nvda@nvda.groups.io> Sent: Tuesday, September 11, 2018 4:01 PM Subject: [nvda] A security change in Chrome you would be wise to correct Given the increasing popularity of Chrome among blind users, this article from Kim Komando is important. The Chrome designers are implementing a change which is very bad for security, dumbing down the product for asthetics. Let's hope the protests from security experts and others cause them to remember that they are not supposed to do harm, as part of their founding principles. See this article: https://www.komando.com/happening-now/486524/a-big-change-in-chrome-69-can-put-you-at-risk?utm_medium=nl&utm_source=notd&utm_content=2018-09-10-a-b Gene |
|
|
|
Ervin, Glenn
I have done MSSE full scans and MRT scans and they find nothing. I have never been comfortable with the third-party anti-virus programs, in fact, the state of Nebraska only uses security essentials on its computers.
Glenn
From: nvda@nvda.groups.io <nvda@nvda.groups.io>
On Behalf Of Sarah k Alawami
Sent: Tuesday, September 11, 2018 5:46 PM To: nvda@nvda.groups.io Subject: Re: [nvda] A security change in Chrome you would be wise to correct
No i9ssues here, I use MSE and tha'ts it. I would just do a scann and see if somethign is up. Chrome rocks. On 9/11/2018 8:21 AM, Ervin, Glenn wrote:
|
|
|
|
Tempest in a teacup. The end user is responsible for entering the web address that they want, and that's what gets loaded.
Every modern web browser has allowed the end user to omit the www for some years now and inserts that in most cases when necessary. If you, for any you, aren't taking a quick look around a page after it loads, and saying "hmmmmm?," if you're not encountering what you're used to, the display of the address is the last issue to worry about. Just go back to the address bar and enter the corrected address. -- Brian - Windows 10 Home, 64-Bit, Version 1803, Build 17134 The psychology of adultery has been falsified by conventional morals, which assume, in monogamous countries, that attraction to one person cannot co-exist with a serious affection for another. Everybody knows that this is untrue. . . ~ Bertrand Russell
|
|
|
|
Antony Stone
I would suggest that more people click on links to arrive at a web page than
toggle quoted message
Show quoted text
type in the address themselves. This is how phishing attacks work - you receive a plausible-looking email claiming to be from Amazon, eBay, your bank, an airline, etc. telling you there's a problem with your account (or perhaps making you a special offer), and giving you a link to click on. The site you land on looks almost identical to the real one. Such sites then typically invite you to log in, maybe buy something, then present an error message, redirect you to the real site, and take your credentials (and possibly credit card details too, if they got you to go that far) and do whatever they want with them. So, in my opinion, anything which disguises the real web address from users is a very bad thing. It conceals potentially important information, and it treats people as though they don't understand the web, which encourages people not to understand the web and be vulnerable as a result. Antony. On Wednesday 12 September 2018 at 16:49:26, Brian Vogel wrote:
Tempest in a teacup. The end user is responsible for entering the web --
This email was created using 100% recycled electrons. Please reply to the list; please *don't* CC me. |
|
|
|
Ervin, Glenn
Very few of these fool me, but if I am unsure of one, I copy the link and paste it into notepad and inspect it.
toggle quoted message
Show quoted text
Those fishing links will have a URL totally not related to the name of what they say they are for. But I think mouse-happy people often click on things without thinking of the message, and how this company would have their eMail. Glenn Glenn -----Original Message-----
From: nvda@nvda.groups.io <nvda@nvda.groups.io> On Behalf Of Antony Stone Sent: Wednesday, September 12, 2018 10:13 AM To: nvda@nvda.groups.io Subject: Re: [nvda] A security change in Chrome you would be wise to correct I would suggest that more people click on links to arrive at a web page than type in the address themselves. This is how phishing attacks work - you receive a plausible-looking email claiming to be from Amazon, eBay, your bank, an airline, etc. telling you there's a problem with your account (or perhaps making you a special offer), and giving you a link to click on. The site you land on looks almost identical to the real one. Such sites then typically invite you to log in, maybe buy something, then present an error message, redirect you to the real site, and take your credentials (and possibly credit card details too, if they got you to go that far) and do whatever they want with them. So, in my opinion, anything which disguises the real web address from users is a very bad thing. It conceals potentially important information, and it treats people as though they don't understand the web, which encourages people not to understand the web and be vulnerable as a result. Antony. On Wednesday 12 September 2018 at 16:49:26, Brian Vogel wrote: Tempest in a teacup. The end user is responsible for entering the web-- This email was created using 100% recycled electrons. Please reply to the list; please *don't* CC me. |
|
|
|
Gene
The article I linked to specifically cites
instances where, if the beginning is omitted, the site address will look exactly
the same. Security experts have been complaining about this. I don't
consider this to be meaningless. the user should be able to see the full
address. and as far as not seeing what you are used to, scammers are
becoming increasingly adept at making sites look like the real site. and
what if you haven't been to this site before or very seldom?
This has nothing to do with the user being able to
leave off the prefix information when typing an address. It has to do with
the user being able to see the address when on a site. The two are
completely unrelated.
Maybe you will take a more detailed article on
Bleeping Computer more seriously:
Gene ----- Original Message -----
From: Brian Vogel
Sent: Wednesday, September 12, 2018 9:49 AM
Subject: Re: [nvda] A security change in Chrome you would be wise to
correct Every modern web browser has allowed the end user to omit the www for some years now and inserts that in most cases when necessary. If you, for any you, aren't taking a quick look around a page after it loads, and saying "hmmmmm?," if you're not encountering what you're used to, the display of the address is the last issue to worry about. Just go back to the address bar and enter the corrected address. -- Brian - Windows 10 Home, 64-Bit, Version 1803, Build 17134 The psychology of adultery has been falsified by conventional morals, which assume, in monogamous countries, that attraction to one person cannot co-exist with a serious affection for another. Everybody knows that this is untrue. . . ~ Bertrand Russell
|
|
|