There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

fedi.simonwillison.net

ZILtoid1991 , to technology in Google Chrome ships a default, hidden extension that allows code on *.google.com access to private APIs, including your current CPU usage

How long until it will be used as a backdoor to hack womeone’s PC?

rottingleaf ,

Negative number.

ILikeBoobies ,

Seems google has already done that

gencha ,

Chrome is the backdoor and you already installed it

trolololol , to technology in Google Chrome ships a default, hidden extension that allows code on *.google.com access to private APIs, including your current CPU usage

This that and the article are very light on details, but I couldn’t find an article deeper in details

My laptop, that I own and runs Linux that I installed, has chrome in it. I’m order to log into Gmail for work, it installs an extension that is capable of telling Gmail if my disk is encrypted. I know because you get an error message until my disk was actually encrypted. It was a big surprise to me, and I wonder if this is done by the same piece of code.

Btw would there be a way to do virtualization through perhaps docker or flat pack or chroot that can isolate chrome in a sandbox and prevent it from a) reading and writing files anywhere on any disk and b) get other data such as CPU, disk encryption etc?

Andromxda OP ,
@Andromxda@lemmy.dbzer0.com avatar

My laptop, that I own and runs Linux that I installed, has chrome in it. I’m order to log into Gmail for work, it installs an extension that is capable of telling Gmail if my disk is encrypted. I know because you get an error message until my disk was actually encrypted. It was a big surprise to me, and I wonder if this is done by the same piece of code.

That’s strange, I’ve never heard of that before

Btw would there be a way to do virtualization through perhaps docker or flat pack or chroot that can isolate chrome in a sandbox and prevent it from a) reading and writing files anywhere on any disk and b) get other data such as CPU, disk encryption etc?

There are some isolation mechanisms on Linux like Firejail or Bubblewrap. The latter is used by Flatpak to sandbox applications. These are rather weak though, and Flatpak weakens the security of bwrap further. By default, Flatpak application permissions are also set in a Manifest file, which is created by the maintainer of the package. To get more control over your Flatpak sandbox, you need to use an application like Flatseal.

Docker (or containers in general) aren’t meant for isolation/sandboxing, but this approach would also work. I would create a container using Distrobox or toolbx, and install Chrome inside the container.

This will not prevent Chrome from getting your CPU information though. To protect against that, you would have to use a virtual machine (and spoof the your CPU model if you want to hide that from Chrome).

beeb ,

Sounds easier to switch to another browser at that point

Andromxda OP ,
@Andromxda@lemmy.dbzer0.com avatar

OP apparently needs Chrome to log into an enterprise GSuite account, which has specific requirements, that are enforced by Chrome’s enterprise policy system. I don’t think this works in Chromium.

beeb ,

Oh I didn’t catch that my bad. I hope they get a work computer where this kind of stuff doesn’t interfere with private life!

fin , to technology in Google Chrome ships a default, hidden extension that allows code on *.google.com access to private APIs, including your current CPU usage

“Don’t be evil”

atrielienz ,

Not anymore.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • lifeLocal
  • goranko
  • All magazines
    •