Election fraud baseless?

ph1l said:
To be able to click on links with less fear, run your web browser in a sandbox (I use the one that comes with the free version of COMODO firewall).
More...

Just curious, are you worried about IP address grabbers? If the connection is encrypted and secure (i.e. https) what methods of attack are there. I run Linux so malware is less of a concern. This is a legit question.

Edit: Found some information on the topic. https://security.stackexchange.com/questions/66355/can-an-https-site-be-malicious-or-unsafe
 
Last edited:
PintoFire said:
Just curious, are you worried about IP address grabbers? If the connection is encrypted and secure (i.e. https) what methods of attack are there. I run Linux so malware is less of a concern. This is a legit question.

Edit: Found some information on the topic. https://security.stackexchange.com/questions/66355/can-an-https-site-be-malicious-or-unsafe
More...

I wouldn't be too concerned about man-in-the-middle attacks on https pages because I think the encryption is fairly secure.

But if your web browser is using extensions such as ad blockers, many extensions have complete access to what your web browser is sending and receiving before https encryption (e.g., login credentials and account information).

To avoid security issues with extensions, I use "Incognito" windows in chrome which disable most extensions for web pages I always want to be secure. For web pages I want to use extensions with but want a more secure login, I use the extension disabler "Disable Extensions and Apps" from the chrome web store, https://chrome.google.com/webstore to toggle blocking other extensions while logging in.

While looking at extension disablers, I remember some of them gave themselves permissions to see your web traffic (but not "Disable Extensions and Apps"), so they weren't as secure as they could be.
 
ph1l said:
I wouldn't be too concerned about man-in-the-middle attacks on https pages because I think the encryption is fairly secure.

But if your web browser is using extensions such as ad blockers, many extensions have complete access to what your web browser is sending and receiving before https encryption (e.g., login credentials and account information).

To avoid security issues with extensions, I use "Incognito" windows in chrome which disable most extensions for web pages I always want to be secure. For web pages I want to use extensions with but want a more secure login, I use the extension disabler "Disable Extensions and Apps" from the chrome web store, https://chrome.google.com/webstore to toggle blocking other extensions while logging in.

While looking at extension disablers, I remember some of them gave themselves permissions to see your web traffic (but not "Disable Extensions and Apps"), so they weren't as secure as they could be.
More...

Awesome great information, I appreciate it!
 
You must log in or register to reply here.
Back
Top