this post was submitted on 29 Jun 2023
45 points (97.9% liked)

Technology

73833 readers
4331 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
45
The Brave browser will take action against websites that snoop on visitors by scanning their open Internet ports or accessing other network resources that can expose personal information. (arstechnica.com)
submitted 2 years ago by PopBobert@lemmy.world to c/technology@lemmy.world
29 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] WhoRoger@lemmy.world 1 points 2 years ago (3 children)

But re 1) I'm so confused, how does the browser have access to such information, never mind an addon?

I get that browsers can do way more than tcp port 80 these days, but I didn't know it can do so much, man.

Or is that sniffing so closely related to the web site itself, i.e. is the actual web server doing it? I would expect that if someone would want to snoop on my network, they'd be using something else than a web server.

Guess I need an eli10 for modern browsers.

[–] perviouslyiner@lemmy.world 4 points 2 years ago (1 children)

The screenshot in the article shows Websocket connections from the browser, which I think is the only non-HTTP connection that web pages can make?

Websockets always seemed a confusing technology, as they just kinda ignore the same origin policy that has been a fundamental part of JavaScript security since JavaScript's creation!

[–] WhoRoger@lemmy.world 1 points 2 years ago

Yea I've always been weirded out by it. Thx

[–] jimmyjazx@kbin.social 3 points 2 years ago

https://blog.nem.ec/2020/05/24/ebay-port-scanning/ this explains it pretty well, but not eli10

[–] demonsword@lemmy.world 1 points 2 years ago (1 children)

There are legitimate reasons to scan/connect to ports at localhost, the article even lists some (e.g AVs)

[–] WhoRoger@lemmy.world 0 points 2 years ago

Hm, but browser addons?

I guess I'm mainly confused because the abilities of browser extensions have been so heavily eroded over time. Can't make an extension to manage bookmarks anymore and lots of other things. So I'm surprised it could do such things.