On 2023-01-23 18:01:05 Duncan wrote:
> Duncan posted on Mon, 23 Jan 2023 19:21:17 -0000 (UTC) as excerpted:
> > Consider the possible security side-effects. As an example, consider a
> > browser password dialog (say for firefox's master password, if you have
> > it set up). Often you want it raised so you see it and can enter the
> > password, but the browser folks ultimately had to change their behavior
> > a bit because bad sites were trying to trigger popups without browser
> > chrome and set up to appear just like the default password dialogs, in
> > order to steal people's passwords.
>
> Realized on reading that as posted that it implies the browser folks had
> to change their behavior regarding raising the password dialog. That
> wasn't intended and (AFAIK) isn't necessarily accurate (I unintentionally
> made a statement I can't initially verify one way or the other).
>
> What I /intended/ to say was that in my chosen example, they had to change
> both password dialogs and their general web-page-popup behavior, primarily
> web-page-popup appearance, to ensure that web-page-popups were distinct
> enough from system dialogs (password and other, browser and not) that
> there was no confusion, and that while raising and focus behavior may in
> the abstract be different from that, be careful that any changes to focus
> behavior rules you make don't inadvertently neutralize behavior they may
> have instituted due to security concerns that might be unrelated to the
> particular example I named.
>
> IOW, just be aware that a browser is arguably the most security exposed
> sensitive app most people commonly run, and that any changes you make to
> its default behavior, including apparently security-unrelated changes, may
> have unintended consequences in terms of its security posture. With that
> awareness and assuming a reasonable security sense that unfortunately many
> folks don't seem to have (but just the fact that someone's posting/reading
> here suggests a higher likelihood they do, due to self-selection meaning
> the least security-aware wouldn't be here in the first place), proceeding
> cautiously should be reasonable, but be particularly alert for unusual or
> unexpected behavior for a while after that, just in case.

Maybe the browser folks could provide a way for the user to replace e.g. an icon on such sensitive popups with their own custom image, that couldn't be matched by malware?

Leslie
-- 
Platform: Linux
Distribution: openSUSE Leap 15.4 (x86_64)