Login or Sign Up to become a member!
LessThanDot Site Logo

LessThanDot

A Technical Community for IT Professionals

Less Than Dot is a community of passionate IT professionals and enthusiasts dedicated to sharing technical knowledge, experience, and assistance. Inside you will find reference materials, interesting technical discussions, and expert tips and commentary. Once you register for an account you will have immediate access to the forums and all past articles and commentaries.

LTD Social Sitings

Lessthandot twitter Lessthandot Linkedin Lessthandot facebook Lessthandot rss

Note: Watch for social icons on posts by your favorite authors to follow their postings on these and other social sites.

Highly Rated Users

Forum
No Posts Rated

Top 50
Given
Received

Forum Statistics

Users
Members:
1805
Members Online:
1
Guests Online:
37

Total Post History
Posts:
81337
Topics:
18589

7-Day Post History
New Posts:
1
New Topics:
0
Active Topics:
1

Our newest member
hnguyenaa

Other

FAQ
All times are UTC [ DST ]

Google Ads

Hacker Creates Plugin That Trashes Chrome’s Security

Tech stuff we love and want to share
Forum rules
This is where we post about tech related things we find interesting. Only the LTD Team can create threads here, but feel free to post comments on any of the topics.
Please wait...

Hacker Creates Plugin That Trashes Chrome’s Security

Postby SQLDenis on Fri Jul 09, 2010 9:03 pm

We hate to scare you on Friday right before a good weekend, but this story is alarming enough that you need to hear about. Before we proceed, now that this exploit is out in the open, be extra careful when you install any Chrome plugin; you may be at risk.

The exploit, developed by programmer Andreas Grech, employs a plugin coded using jQuery to track users’ login information and have it emailed to himself. He claims that he has tested the plugin, and that it has been successful against Twitter, Gmail, and Facebook. In his own words: http://feedproxy.google.com/~r/TheNextW ... 42JqqS2ZY/
User avatar
SQLDenis
LTD Admin
LTD Admin
LTD Gold - Rating: 3467LTD Gold - Rating: 3467LTD Gold - Rating: 3467LTD Gold - Rating: 3467LTD Gold - Rating: 3467
LTD Gold - Rating: 3467LTD Gold - Rating: 3467LTD Gold - Rating: 3467LTD Gold - Rating: 3467LTD Gold - Rating: 3467
LTD Gold - Rating: 3467LTD Gold - Rating: 3467LTD Gold - Rating: 3467
 
Posts: 21784
Joined: Wed Oct 10, 2007 6:43 pm
Location: Princeton, New Jersey, USA,World, Solar System, Milky Way, Universe and Beyond
Unrated

Re: Hacker Creates Plugin That Trashes Chrome’s Security

Postby traingamer on Fri Jul 09, 2010 9:10 pm

Yeesh - but you do have to install it. :o
Greg

People demand freedom of speech as a compensation for the freedom of thought which they seldom use. Kierkegaard
User avatar
traingamer
Senior Sage
Senior Sage
LTD Bronze - Rating: 233LTD Bronze - Rating: 233LTD Bronze - Rating: 233LTD Bronze - Rating: 233LTD Bronze - Rating: 233
 
Posts: 1489
Joined: Thu Feb 28, 2008 4:13 pm
Location: St. Louis, MO, US
Unrated

Re: Hacker Creates Plugin That Trashes Chrome’s Security

Postby Naomi on Fri Jul 09, 2010 10:33 pm

SQLDenis wrote:We hate to scare you on Friday right before a good weekend, but this story is alarming enough that you need to hear about. Before we proceed, now that this exploit is out in the open, be extra careful when you install any Chrome plugin; you may be at risk.

The exploit, developed by programmer Andreas Grech, employs a plugin coded using jQuery to track users’ login information and have it emailed to himself. He claims that he has tested the plugin, and that it has been successful against Twitter, Gmail, and Facebook. In his own words: http://feedproxy.google.com/~r/TheNextW ... 42JqqS2ZY/


Does it mean I should go back to IE?
Premature optimization is the root of all evil in programming.
Donald Knuth, repeating C. A. R. Hoare
Naomi
Senior Sage
Senior Sage
LTD Bronze - Rating: 231LTD Bronze - Rating: 231LTD Bronze - Rating: 231LTD Bronze - Rating: 231LTD Bronze - Rating: 231
 
Posts: 1744
Joined: Thu Mar 26, 2009 5:46 am
Location: WI
Unrated

Re: Hacker Creates Plugin That Trashes Chrome’s Security

Postby Emtucifor on Fri Jul 09, 2010 10:46 pm

A typewriter would be safest.
God cries a little bit every time someone builds a database.
User avatar
Emtucifor
Guru
Guru
LTD Gold - Rating: 1033LTD Gold - Rating: 1033LTD Gold - Rating: 1033LTD Gold - Rating: 1033LTD Gold - Rating: 1033
LTD Gold - Rating: 1033LTD Gold - Rating: 1033LTD Gold - Rating: 1033LTD Gold - Rating: 1033LTD Gold - Rating: 1033
LTD Gold - Rating: 1033
 
Posts: 2835
Joined: Fri May 30, 2008 9:30 pm
Location: Bellingham, WA
Unrated

Re: Hacker Creates Plugin That Trashes Chrome’s Security

Postby damber on Sat Jul 10, 2010 1:49 am

shock horror - software you actively install on your computer can actually harm you. Maybe I should never install anything ever again.. you know, just in case? :-)

What is this anyway? 1995? Or did I just imagine the last 20 years of computing where installing unknown software from an unknown / untrusted source *may* just put you at risk?

/FUD
a smile is worth a thousand kind words, so smile, it's easy! :-)


CODE: $5
WORKING CODE: $500
PROPERLY DESIGNED & WORKING CODE: Priceless
User avatar
damber
LTD Admin
LTD Admin
LTD Silver - Rating: 661LTD Silver - Rating: 661LTD Silver - Rating: 661LTD Silver - Rating: 661LTD Silver - Rating: 661
LTD Silver - Rating: 661LTD Silver - Rating: 661LTD Silver - Rating: 661LTD Silver - Rating: 661LTD Silver - Rating: 661
 
Posts: 3134
Joined: Tue Oct 09, 2007 1:48 pm
Location: North Wales, UK
Unrated