![]() |
![]() ![]() |
![]() |
Christian J |
![]()
Post
#1
|
. ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: WDG Moderators Posts: 9,755 Joined: 10-August 06 Member No.: 7 ![]() |
https://www.bleepingcomputer.com/news/secur...ver-100k-sites/
Today, cybersecurity company Sansec warned that the polyfill.io domain and service was purchased earlier this year by a Chinese company named 'Funnull' and the script has been modified to introduce malicious code on websites in a supply chain attack. |
pandy |
![]()
Post
#2
|
🌟Computer says no🌟 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: WDG Moderators Posts: 20,777 Joined: 9-August 06 Member No.: 6 ![]() |
And cdn.polyfill.io is yet another library, one assumes?
Hmm. That must be a risk with just about any library that lives on or connects to a remote server. mustn't it? In the wrong hands it can get a whole lot of new "features" all of a sudden... |
Christian J |
![]()
Post
#3
|
. ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: WDG Moderators Posts: 9,755 Joined: 10-August 06 Member No.: 7 ![]() |
Exactly! Same goes for browser extensions and mobile apps, BTW.
![]() |
pandy |
![]()
Post
#4
|
🌟Computer says no🌟 ![]() ![]() ![]() ![]() ![]() ![]() ![]() ![]() Group: WDG Moderators Posts: 20,777 Joined: 9-August 06 Member No.: 6 ![]() |
Yeah, apps are a little scary since one usually know nothing about the people behind the app. And they almost always needs access to a lot of things on the phone.
The same can probably be true for computer programs if they interact with a server in some way. BTW my beloved little FW thingie TinyWall is good for that too. No program that I haven't explicitly allowed can call home. |
![]() ![]() |
![]() |
Lo-Fi Version | Time is now: 16th January 2025 - 07:44 PM |