Google says that its Chrome browser will soon block internet websites from querying and interacting with devices and servers located inside local private networks, citing security reasons and past abuse from malware operations.
5 hilabete

deleted by creator
0urte bat

Hmm. Will this affect say a web3 wallet talking to hardware wallet?
1urte bat

I would like to pose a question. Will I still be able to setup or visit FTP servers?
urte bat

Being a network security specialist, I’ll ask these basic questions:

  • what’s the universal definition of a private network?
  • does this measure make sense in IPv6 within the global scope?
  • is it the responsibility of the browser to secure against DNS rebinding?

My answers to these questions are:

  • there is no universal definition, so this approach is doomed by design
  • no
  • heck, no; that’s the job of the webserver, by avoiding the so-called default virtual host. The Host/:authority header should always be verified, and this is sufficient to counter all forms of DNS rebinding.
2urte bat

I thought this was something that they already patched. Good on Google this time

There is pretty much no legitimate reason that a site from the internet should access the local network.

The only exception I’ve seen to this is Synology having a NAS finder webapp where it searches your local network for a Synology device and tells you the IP address. But that’s a tiny niche use case and there are other ways of finding it that doesn’t involve a website (the device broadcasts its identity and has a hostname FFS). Any open source IP scanner will find it instantly, or in many networks you can just type in the hostname into your browser like a domain.
3urte bat

It’s about time, attackers can extract quite a bit of data about the local network via the browser. It’s pretty easy to identify appliances and home routers given someone stays on a site long enough.

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 14 users / day
  • 20 users / week
  • 70 users / month
  • 244 users / 6 months
  • 14 subscribers
  • 2.01K Posts
  • Modlog