Justin Schuh, lead engineer of Chrome Security, said ensuring browser security for Chrome users is a balancing act juggling OEM pressures, questionable certificate authorities and quashing third-party software incompatibility issues.
Google paid out $38,000 in bounty rewards tied to flaws it fixed with a Chrome 57 browser update.
Browser extensions have become a standard part of the most popular browsers and essential part of our lives for surfing the Internet.
But not all extensions can be trusted.
One such innocent looking browser add-on has been caught collecting browsing history of millions of users and selling them to third-parties for making money.
<!– adsense –>
An investigation by German television channel
In a move to bolster security for the Chrome browser, Google sets a date for making Certificate Transparency mandatory for website owners.
Five Chrome bug bounty hunters split $14,000 in rewards as Google patches nine security flaws in its browser, four are labeled “high”.
A new prank circulating on Twitter, Facebook and other social media platform could crash your iPhone or iPad completely.
If you come across a link to crashsafari.com, you are advised not to open it on your iPhone, iPad or even Macs. Doing so will cause Safari application to crash, potentially causing your Apple device to restart.
<!– adsense –>
In case, you want to try this out, just
Sounds good, right? Especially in times when you just want to access Netflix U.S. for this one show but can’t because of licensing restrictions; or when everyone might be spying on you. Yes, now is the perfect time for a VPN (Virtual Private Network). Normally you have to pay for the service though. And that’s where Hola comes into play. Hola is a free Chome browser plugin and according to the ratings left on its’ Chrome page VERY popular.
So how come a service like this can afford to stay free? It’s pretty simple really: they sell your bandwidth. “When a user installs Hola, he becomes a VPN endpoint, and other users of the Hola network may exit through his internet connection and take on his IP. This is what makes it free: Hola does not pay for the bandwidth that its VPN uses at all, and there is no user opt out for this,” says Fredrick Brennan, the operator of 8chan in a note on his site. He continues: “Hola has gotten greedy. They recently (late 2014) realized that they basically have a 9 million IP strong botnet on their hands, and they began selling access to this botnet (right now, for HTTP requests only) at https://luminati.io. […] An attacker used the Luminati network to send thousands of legitimate-looking POST requests to 8chan’s post.php in 30 seconds, representing a 100x spike over peak traffic and crashing PHP-FPM.”
This is definitely not cool, but what does it mean for you? Well, if you are using Hola your connection will be used by other users to access pages in your country that are blocked for their IP but are available with yours. This is perhaps annoying, but not all that bad. But what of you IP might be one of those that get abused by people to perform illegal acts online?
Now is probably the best time to rethink using this specific free service.
The post Popular Free VPN Hola Sells Users Bandwidth for Botnets appeared first on Avira Blog.