Google Chrome Extension Steals Login Details 155
An anonymous reader sends word of a proof-of-concept Google Chrome browser extension that steals users' login details. The developer, Andreas Grech, says that he is trying to raise awareness about security among end users, and therefore chose Chrome as a test-bed because of its reputation as the safest browser. Grech says he does not doubt that Chrome is a safe browser, but the point is that such an extension could be written for any of them. Grech says he has not uploaded his extension to the Google Chrome repository or anywhere else; but he has published enough details to allow others to reproduce the technique easily.
In other news ... (Score:5, Funny)
... a proof-of-concept Google Chrome browser extension that steal users' login details.
That's nothing. Wait till you see my research on what's possible when you get the user to install a malicious kernel module ...
Re:Sandbox? (Score:5, Funny)
I think you might also risk catching something if you're *thrusting* the author.
Re:How is this different (Score:2, Funny)
NoScript does nothing whatsoever to restrict extensions or plugins.
*gasp* HERETIC!!! This is SLASHDOT, unbeliever! The almighty NoScript and its blessed son FlashBlock are the infallible answers to every single problem you have ever had or will ever have. REPENT! REPEEEEEEENT!!!
Re:How is this different (Score:5, Funny)
Maybe what the browsers need is some sort of vetted App Store for extensions, where all submissions are reviewed by a central authority and approved or rejected?
In another news (Score:2, Funny)
In other News... (Score:1, Funny)
You might lose your valuables if you let a robber into your Home...