AdBlock news

Content-filterin ad-blocking software.

World latest news

Adblock Plus Exploit allows threat actors to read Gmail and other Google services

Independent security researcher Armin Sebastian discovered a vulnerability in Adblock Plus which can allow hackers to read a victim’s Gmail and look into other Google services. Adblock Plus is the world’s most popular free advertisement blocker with millions of users and extensions that run in all the major web browsers including Chrome, Edge, Firefox, Opera and Safari. The vulnerability allows the threat actor to inject malicious code into several Google services   including Gmail, Google Images and Google Maps in attacks that are difficult to detect, according to an April 15 blog post. The flaw was introduced when a new version of Adblock Plus was released on July 17, 2018  which came with a new filter option for rewriting requests but Sebastian found that under certain conditions, the $rewrite filter option enables filter list maintainers to inject arbitrary code in web pages. “The $rewrite filter option is used by some ad blockers to remove tracking data and block ads by redirecting requests,” Sabastian said in the post. “The option allows rewrites only within the same origin, and requests of SCRIPT, SUBDOCUMENT, OBJECT and OBJECT_SUBREQUEST types are not processed.” The affected extensions have more than 100 million active users, and the feature is trivial to exploit in order to attack any sufficiently complex web service, including Google services, while attacks are difficult to detect and are deployable in all major browsers, Sabastion said. In order for a web service to be exploitable using this method the page must load a JS string using XMLHttpRequest or Fetch and execute the returned code, the page must not restrict origins from which it can fetch using Content Security Policy directives, or it must not validate the final request URL before executing the downloaded code. In addition, the origin of the fetched code must have a server-side open redirect or it must host arbitrary user content. To run arbitrary code on Google Maps, a user must install either Adblock Plus, AdBlock or uBlock in a new browser profile, visit the options of the extension and add the example filter list to simulate a malicious update to a default filter list, and then navigate to Google Maps. After a few seconds an alert with “www.google.com” should pop up. In order to mitigate the vulnerability users should whitelist known origins using the connect-src CSP header, or by eliminating server-side open redirects. The researchers also said ad blocking extensions should consider dropping support for the $rewrite filter option. “Users may also switch to uBlock Origin,” the post said. “It does not support the $rewrite filter option and it is not vulnerable to the described attack.” The post Adblock Plus Exploit allows threat actors to read Gmail and other Google services appeared first on SC Media.
SC Media

Adblock Plus Creators Enlist Blockchain To Fight ‘Fake News’

Adblock Plus creators eyeo are out to put an end to misleading and false information online. Their new ‘Trusted News’ browser extension is aiming to take advantage of blockchain technology to create a decentralized database that classifies the integrity of information on the web. The Era Of ‘Fake News’ The past few years on the internet have been a tumultuous roller coaster ride which has ushered in waves of innovation and mass adoption around the globe. As of December 2017, more than 54 percent of the world’s population has access to the internet in some form. Unfortunately, there will always be some who will take advantage of others. In most recent times, those who browse the internet have to constantly be aware of advertisements and information that is biased, misleading, or completely untrue. This advent of deceptive and false information on the internet has caused huge rifts amongst entire populations, especially in the political sector. Fighting The Good Fight Software developing company eyeo, creators of the popular web browsing tool ‘Adblock Plus’ is stepping up to the plate once again — this time to try and curb the amount of false information that is plaguing the internet by identifying and classifying it. The beta chrome extension, ‘Trusted News’ will use a rating system that will sort websites into categories like ‘trusted,’ ‘satire,’ ‘biased,’ ‘malicious’, and ‘unknown.’ The initial version of ‘Trusted News’ will use existing fact-checking websites such as ‘Politifact,’ ‘Snopes,’ and ‘Wikipedia’ in the classification process. Eyeo will also be teaming up with MetaCert Protocol — an anti-URL fraud web developing company, to compile and maintain a decentralized database. A Case For Blockchain? With the huge influx of blockchain based companies and products, it can be hard to determine the most legitimate use cases. ‘Trusted News’ wants to incorporate feedback from its users by running the program on the Ethereum network and rewarding users’ submissions with MetaCert tokens. Later in the roadmap, eyeo plans to create a system where users can award tokens to those giving substantial feedback and information, similar to the Steemit system. Ben Williams, the company’s director of ecosystems, says: What we want to do, and where the blockchain comes in, is we want to move that over to incorporate users’ feedback as well. He continues: So initially what we’re going to do in a few weeks is incorporate something where users can just provide feedback through the extension. And they can dispute something. They can say ‘hey I don’t feel like this site should be listed as biased because whatever’. And we’re going to use that feedback to make the product better. Will there be a strong demand for this particular use case of blockchain technology? Can it objectively and properly classify websites? Let us know what you think in the comments below! Images courtesy of Pixabay, Trusted News The post Adblock Plus Creators Enlist Blockchain To Fight ‘Fake News’ appeared first on Bitcoinist.com.
Bitcoinist
More news sources

AdBlock news by Finrazor

Trending

Hot news

Hot world news

Bitcoin Struggles As BAT And ETC Lead The Charge

The cryptocurrency market has somewhat stabilized, presenting a predominantly green landscape as Bitcoin struggles to stay above the psychological $10,000 marker.   Cryptocurrency Market Situation. Source: Coin360   Sentiment for Bitcoin has seen a moderate improvement towards a strongly neutral outlook.   Bitcoin Sentiment Chart by theTIE.io   Despite this overall lukewarm performance, proponents of Bitcoin’s store of value potential have reason to rejoice today. According to a report by Digital Asset Data, BTC is increasingly gaining correlation with the broader asset markets – positively with gold, and negatively with the stock market. With a recession looming on the global economy, Bitcoin could fulfill the role of a “safe haven asset,” to which investors flock during uncertain economic times. Altcoins see recovery with ETC and BAT leading The rest of the cryptocurrency market is seeing strong corrections from yesterday’s fall, with two strong outliers making significant gains. Basic Attention Token is strongly reacting to its new listing on Kraken, a popular exchange part of Weiss Ratings’ Real 10 index of platforms reporting true volume. BAT has gained more than 15% on yesterday’s price, while curiously its partner-in-listing WAVES has registered a much more modest 4%. The stark difference can be explained by the contribution of other fundamental drivers, with BAT recently launching the much-anticipated online tipping feature in its browser.   BAT Recent Price Trend. Source: CoinMarketCap   The other outlier is none other than Ethereum Classic, which after an against-the-grain rally on Tuesday has continued today with a 14.6% gain. The total 7-day performance is a solid +21%, by far the highest in the top-50. As before, it’s difficult to give a meaningful explanation of the rally. The upcoming ETC Atlantis hard fork is scheduled in about 22 days, too far ahead to justify any price action, though the final confirmation was released on Monday. The run is likely to be due to a combination of factors, including possible whales entering ETC positions. The rest of the altcoin market is seeing moderate recoveries, with IOTA, TRON and Cardano gaining 8%, 6.32% and 6.42% respectively as the rest average on 3-4%.   The post Bitcoin Struggles As BAT And ETC Lead The Charge appeared first on Crypto Briefing.
CryptoBriefing

Casa Unveiled Node Monitor Service to Leapfrog Bitcoin Network Health

Coinspeaker Casa Unveiled Node Monitor Service to Leapfrog Bitcoin Network HealthA famous crypto startup firm recognized as Casa that offers primary management service, and Bitcoin node machine has launched a node monitor as well as accompanying reward program to develop Bitcoin network health.The firm revealed the latest innovation in an official website article on Aug. 21. Per the announcement, the node monitor known as Node Heartbeats depends on creating a brief relationship between the server of Casa plus, an internet synced and Tor-activated node owned by a user. The rewards program enables Casa node subscribers to earn 10,000 SatsBack weekly in exchange for operating 5 Node Heartbeat checks weekly, on separate days.SetBack can reportedly be converted for Bitcoin (BTC) just once per day on Keymaster app for Casa, as long as a consumer has garnered a minimum of 50,000 SatBack points. According to the report, Casa is firmly convinced that it`s hectic for consumers to keep up with the trend on their node`s uptime as well as security. By offering an inducement program to leapfrog node health, the firm reportedly expects to enhance the overall health of the Bitcoin network.How the Node Heartbeat OperatesTo verify that node is online, the company makes a concise link from their server to the users Casa Node. For this to be manageable, the user`s node must be synced, online, and with Tor activated. But with Tor, that indicates the node Heartbeat secures user`s privacy.Speaking of privacy, the Node Heartbeat only utilises the connection code of the consumer-the same code that is already existing in explorers and that which the consumer release to others who are willing to launch a channel with them. Sats App automatically submits the code for the users when they send a Heatbeat to saves them from the agony of looking it up.Guess Who Is The Latest Casa Investor?Charlie Lee, Litecoin (LTC) founder revealed just three days ago that he has heavily invested in Casa. He went ahead to praise Casa for spearheading BTC acceptance, indicating:“I have the same feeling about Casa today as I had about Coinbase when I joined in 2013 as the 3rd hire. Casa is making Bitcoin easy to use, and that is extremely important for this space. Looking forward to great things!”New Node Monitor by Lightning LabsAs initially reported by Cointelegraph that the designer of the high-speed transaction protocol Lightning Network, Lightning Labs recently unveiled an alpha version of a node monitor. The invented device, called Indmon, allegedly enables nodes operators to supervise node functions in real-time. Network cases this year reportedly influenced the developers to design a tool for preemptively detecting network and node issues.Casa Unveiled Node Monitor Service to Leapfrog Bitcoin Network Health
Coinspeaker

Gemini Exchange Launches In Australia in Effort to Expand its ‘Crypto Needs Rules’ Brand

One of the most prominent exchanges, Gemini which is owned by Winklevoss Twins is now available for Australian crypto users. “Cryptocurrency is the future of money, and we're committed to building a bridge to that future in Australia.” – @tylerwinklevoss We are thrilled to announce that starting today, we are operational in Australia 🇦🇺 Read […]
Bitcoin Exchange Guide

Tether to Launch RMB Stablecoin "CNHT"? CryptoNews

Tether is rumored to launch RMB Stablecoin. Such a move could land crypto in serious trouble in China as the RMB is tightly controlled and regulated. Binance Venus is also on its tails. Ukranian miners accidentally leak sensitive Nuclear Powerplant data. #Cryptocurrency #crypto #Tether RMB Stable Coin https://boxmining.com/tether-to-issue-rmb-cnht-stable-coin-rumor/ https://www.asiacryptotoday.com/tether-to-make-a-chinese-rmb-pegged-token-called-cnht https://cointelegraph.com/news/ukraine-crypto-miners-arrested-for-compromising-nuclear-plant-security https://www.coindesk.com/bitcoin-miners-halt-operations-as-rainstorm-triggers-fatal-mudslide-in-china 👍🏻Subscribe to Boxmining for Cryptocurrency Insight and News: https://www.youtube.com/c/boxmining 🔒Hardware Wallet: http://boxmining.co/ledger 👍🏻Brave Browser: http://boxmining.co/brave 📲Enjin Wallet: http://boxmining.co/enjin 👍🏻Unstoppable Domain: http://boxmining.co/unstoppable 📲Binance Exchange : http://boxmining.co/binance #Bitcoin #Ethereum #Cryptocurrency ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● Telegram groups (Discuss Crypto with us!) Telegram Discussion Group: https://t.me/Boxdatamining Telegram Announcements: https://t.me/boxminingChannel ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● ♨️Social (Add me on Social Media!) Instagram: https://www.instagram.com/boxmining/ Twitter: https://twitter.com/boxmining Facebook: https://www.facebook.com/boxmining Steemit: https://steemit.com/@boxmining ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬● I'm not a professional financial adviser and you should always do your own research. I may hold the cryptocurrencies talked about in the video. ●▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬●
Boxmining

Kraken To List Basic Attention Token (BAT) and Waves

Kraken has announced they will be listing BAT and WAVES, with pairs denominated in USD, EUR, BTC, and ETH. Trading commences at 13:30 UTC on August 22, 2019, and deposits will take 30 and 10 confirmations before being credited to users Kraken balances for BAT and WAVES, respectively, August 21, 2019. Kraken Expands Altcoin OfferingsRead MoreRead More. The post by Ashwath Balakrishnan appeared first on BTCManager, Bitcoin, Blockchain & Cryptocurrency News\
BTC Manager
By continuing to browse, you agree to the use of cookies. Read Privacy Policy to know more or withdraw your consent.