Page 1 of 1

Scammers Jamming Your Browser

Posted: Sat Feb 10, 2018 1:22 am
by barbaz ... o-a-panic/

Reportedly affects Firefox as well. Can we neuter it with a surrogate script?

Re: Scammers Jamming Your Browser

Posted: Fri Apr 20, 2018 1:37 am
by Thrawn
You could neuter a specific site with a surrogate script, if you can identify critical functions that you can break.

Global neuter...well, I guess it's possible to use a surrogate to globally kill off the relevant file API, but that could break legitimate sites.

Re: Scammers Jamming Your Browser

Posted: Fri Apr 20, 2018 8:27 pm
by GµårÐïåñ
Thankfully so far, my setup is so tightly configured that this has not been an issue for me, I even have voluntarily visited the links in question (when reported to me) on my own production machine and it feel like a thud, but then again my configuration is not the most "user-friendly" and I am comfortable with its "limitations" although I don't see it that way honestly. I can accomplish everything I need and still neuter most access to my system.

Although not recommended, one of the easiest way to defeat such things that check for UA-strings is to have a slightly malformed UA that won't kill your functionality on legitimate sites that sniff it but enough to cripple direct targeting. One of my colleagues has a clever way by which he does this and that is to actually include MULTIPLE browser tags, meaning confuse the sniffers from knowing WHICH browser he is on while giving legitimate sniffers what they need to still accept the browser and function. I take a more minimalist approach, but each has equally been resilient against attacks. Although, I'll admit that my approach tends to have some edge case breakage (3 in the last 18 months), while his has been limited to only 1 in two years.

Re: Scammers Jamming Your Browser

Posted: Tue May 21, 2019 3:19 am
by chrispeddler
You can add an extension like an Ad Blocker to tighten security on your browser. Just a thought.