Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)
deleted by creator
Hmm. Will this affect say a web3 wallet talking to hardware wallet?
I would like to pose a question. Will I still be able to setup or visit FTP servers?
Being a network security specialist, I’ll ask these basic questions:
My answers to these questions are:
:authorityheader should always be verified, and this is sufficient to counter all forms of DNS rebinding.
I thought this was something that they already patched. Good on Google this time
There is pretty much no legitimate reason that a site from the internet should access the local network.
The only exception I’ve seen to this is Synology having a NAS finder webapp where it searches your local network for a Synology device and tells you the IP address. But that’s a tiny niche use case and there are other ways of finding it that doesn’t involve a website (the device broadcasts its identity and has a hostname FFS). Any open source IP scanner will find it instantly, or in many networks you can just type in the hostname into your browser like a domain.
It’s about time, attackers can extract quite a bit of data about the local network via the browser. It’s pretty easy to identify appliances and home routers given someone stays on a site long enough.