Watch out for Chrome's new WebUSB and WebBluetooth features: The programs Web browsers use more and more APIs for more functionality.
But this is not always good.
Two recent additions to Chrome, with the WebUSB and WebBluetooth APIs, allow sites to interact with devices connected to the computer running the browser.
This can be very useful, but sometimes the procase new features has unintended consequences.
The WebUSB and WebBluetooth APIs, for example, leave security holes that allow highly sophisticated phishing attacks. These attacks could bypass authentication devices two devices that use USB Ports, such as the Yubikey device.
Security researchers have recently shown that Chrome browser WebUSB functionality can also be used to communicate directly with two-factor authentication devices, not just the Google U2F API.
Η attack it bypasses any protection offered by two-factor authentication devices.
Chrome displays a prompt when it encounters a page that tries to use the WebUSB or WebBluetooth API. The user should allow the login request and type or paste the username and the code of his account on the page he wants to link to.
Users should pay attention to the dialogues that appear and ask for permissions. Websites designed for attacks could provide assurances and prompts that the rights they request are necessary for better functionality of the external device.
So if you want to disable the two features from the Chrome you're using, you'll need to install the extensions Disable WebUSB and Disable WebBluetooth .
The two add-ons block APIs in the browser.
So if you don't use WebUSB and WebBluetooth features, these extensions are a temporary solution until Google fixes security issues.
____________________________________
- Made from artificial intelligence. None of these people exists
- uBlock Origin is the popular ad blocker in Chrome?
- New law Right to repair. What it means;