![]() ![]() With over a decade of writing experience in the field of technology, Chris has written for a variety of publications including The New York Times, Reader's Digest, IDG's PCWorld, Digital Trends, and MakeUseOf. Chris has personally written over 2,000 articles that have been read more than one billion times-and that's just here at How-To Geek. Hopefully, the browser extensions are being developed by a different team and the real experts are working on the antivirus software itself-but that's a good example of how those antivirus browser extensions can go from useless to harmful.Ĭhris Hoffman is the former Editor-in-Chief of How-To Geek. ![]() Not only did AVG ship a browser extension with obviously broken, shoddy, insecure code, but AVG's developers couldn't even fix the problem without having their hands held by a Google security researcher. The fix restricts the functions to two specific AVG domains, but, as Ormandy noted, the websites on those domains have their own flaws that opens users up to attack. ![]() As Ormandy wrote: "AVG submitted an extension with a "fix", but the fix was obviously incorrect." He had to provide instructions for how to fix this flaw, and AVG issued an updated patch a day later. "I hope the severity of this issue is clear to you, fixing it should be your highest priority."įour days after it was reported, AVG had a patch. "My concern is that your security software is disabling web security for 9 million Chrome users, apparently so that you can hijack search settings and the new tab page," he wrote to AVG. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |