How To Enable Gaming Mode on Android 12

Back in Februry, folks at XDA had spotted an unreleased Gaming Dashboard in the works for Android 12. But up until now, there were no clear...

Tuesday

Users need to be wary as scheme flooding is on the rise

Posted by   on


These browsers are vulnerable to scheme flooding


Even though new security measures, features, and updates are applied all the time, Firefox, Chrome, Safari, and Tor are the four browsers that are vulnerable to this sort of exploits.


Senior software engineer and researcher Konstantin Darutkin spoke about this phenomenon and warned users worldwide about the potential implication that such actions could have.


These operations have been dubbed “scheme flooding” by the group of researchers, because of the fact that the attackers are able to use the browsers’ built-in custom URL scheme against us.



The scheme flood vulnerability allows for targeted advertisement and user profiling without user consent. The list of installed applications on your device can reveal a lot about your occupation, habits, and age. For example, if a Python IDE or a PostgreSQL server is installed on your computer, you are very likely to be a backend developer.



By using this technique, our devices are flooded with URL scheme requests used for acknowledging the presence of popular apps like Spotify, Zoom, Slack, Telegram, Discord, Steam, Xcode, Microsoft Word, NordVPN, or Hotspot Shield.


The more disconcerting news is that this can happen even if the users switch between browsers or try using a VPN, or incognito mode.



A combination of CORS policies and browser window features can be used to bypass the safety mechanisms.



According to the researchers, this manner of virtual intrusion can also be successfully used on other browsers, such as Brave, Microsoft Edge, and Yandex.


Although this issue didn’t just emerge overnight, it seems that the developers of the browsers above mentioned have not yet grasped the magnitude of the situation.



This vulnerability has been possible for more than 5 years and its true impact is unknown.


No comments:
Write Comments

Hello Friends, welcome to autobloginc.blogspot.com we Hope You'll like it - COntact US
!!THANK YOU FOR YOUR SUPPORT!!