Now we have to worry about Ad-blocking software !!
-
After the recent release of information regarding "Superfish" on Lenovo laptops we now yet another vulnerability. [b][i]Ad-blocking software.[/i][/b] According to [url=http://www.bbc.com/news/technology-31586610]BBC News[/url] yesterday morning the latest culprit is a product called PrivDog. [quote]designed to block ads and replace them with ones from "trusted sources"[/quote] To accomplish the software essentially does a Man in the Middle attack, intercepting connections and replacing them with its own then issuing fake certificates to fool your browser into showing those. This process appears to leave computers vulnerable as it now accepts [b]all [/b]https certificates [b]without validation[/b]. Here we are trying to protect ouselves, or trying to make our browsing experience better and what do we get in return from these software vendors? They prey on such users and make them even more vulnerable. Now we just have to find out who else in in that mix (as apparently many types of [b][i]anti-malware[/i][/b] software and [b][i]parental control [/i][/b]software use these methods) and expose them also. (Some of the programs are listed in [url=http://arstechnica.com/security/2015/02/ssl-busting-code-that-threatened-lenovo-users-found-in-a-dozen-more-apps/][color=#0000bb][b]this article[/b][/color][/url] at arstechnica.com.) As security expert Graham Cluley says on the [url=http://blog.lumension.com/9848/whats-worse-than-superfish-meet-privdog-leaving-users-wide-open-to-attacks/?utm_source=GCHQ+-+Graham+Cluley%27s+Security+Newsletter&utm_campaign=b48e1c69f7-GCHQ+-+Graham+Cluley%27s+Security+Newsletter&utm_medium=email&utm_term=0_8106850f4a-b48e1c69f7-58585265][color=#0000bb][b]Lumension blog[/b][/color][/url]: [quote]"How are you supposed to trust the web ever again, if you’re running “a new layer of internet security” that destroys the entire concept of web certificates? A web where every rogue certificate is accepted, where no browser warnings are triggered, and where certificates (bad or not) are replaced by one that the browser will trust."[/quote] Interested in finding out if you are affected? Check the link below, (I trust it): [b][i][u][color=#000000]read the instructions carefully and follow them !![/color][/u][/i][/b] https://filippo.io/Badfish/
-