After several years of warning after warning after advisory after advisory and calls to repeatedly update or remove and NOT USE CHROME by the Department of Homeland Security, it should be inconceivable that anyone does - but they do.
Sometimes these are patched with automatic updates before horrific and catastrophic results occur, sometimes not. To be frank, part of the problem stems from the fact that Chrome is the largest attack surface out there where browsers are concerned, but notwithstanding it being the fav target are also serious privacy concerns that aren't shared by other chromium based browsers.
To be fair, many exploits are indeed shared by other chromium based browsers, but not most, while some are related to other browser capabilities, like WebRTC, but it's still best to just ditch Chrome and never look back.
Here's more coverage on vulnerabilities issued less than a month ago. It took 3 seconds to bring this up, and no, not using Google, which didn't reveal this when I tried that search engine in a subsequent search, lolz. Why would they return SERPs that poo poo their own product?
This one did come up in a google search
There's truly only one way to ensure safety - unplug. But there's a lot of simple things you can do to exact a reasonable level of security, so why not observe some of those best practices? It's not like it will cramp your style.
Anyway, that's my two cents. h/t to @darnell for raising awareness of this latest brokewell. Make sure you take the time to visit the link he's provided for you too.
There are plenty of #Browsers that run on #Android (to name a few, alphabetized):
- Brave Browser
- Chromium
- DuckDuckGo
- Firefox
- Kiwi
- Vivaldi
IMO, No one should be running Chrome - Desktop or otherwise. It's a privacy nightmare even when there aren't CERT warnings circulating.
#tallship #brokewell #zero_day #CISA #CERT #DHS
⛵
.
RE: https://one.darnell.one/users/darnell/statuses/112371221294882180
@darnell
Hacker News
RedPacket Security
Habr
tallship
曖昧ナ犬