Application Security
2/4/2014
01:11 PM
Connect Directly
RSS
E-Mail

Google Sounds Chrome Browser Hijack Alarm

Chrome users also face subtle attacks, including Chrome extensions that inject unwanted advertisements.

Chrome's hijacking alert warning.
Chrome's hijacking alert warning.

Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
Federal
50%
50%
Federal,
User Rank: Apprentice
8/18/2014 | 6:03:22 PM
The latest version of this exploit blocks access to settings (so you can't reset)
The latest version of this exploit blocks access to settings (so you can't reset).  It's still an extension, though, so there's a workaround to fix it.  Power down the chromebook then power it back on.  The extensions take a second or so to load and the load doesn't take place until you log in.


Enter your password after the restart but have one finger on the ESC key before you hit enter to log in.  Keep hitting ESC for a few seconds after you click enter to log in.  You have to catch the browser before it loads its settings and extensions but it's pretty easy to do. Now you'll have stopped the browser from loading the extension that sets your session to "anonymous" blocking all access to settings. From here, it's easy to go to settings and either disable the offending extension or just reset the browser settings.
Howard Fried
50%
50%
Howard Fried,
User Rank: Apprentice
2/7/2014 | 9:40:02 PM
Ads do pay the bills, but use some tact
As David mentions, the reality is most of the internet is paid for with ads...so...the real question is, how can you make money with ads, and not be totally obnoxious, annoying and intrusive?

My team is hard at work on a product that intends to be graceful, mostly hidden, and always seek your consent to show ads and offers. Watch for a release later this year of a new kind of browser safety extension (free) from avira.com
Whoopty
50%
50%
Whoopty,
User Rank: Moderator
2/5/2014 | 9:56:26 AM
Re: Ads and security
I miss the days of when using an "alternative" browser like Chrome or Firefox meant there was nothing to fear as nobody made viruses for anything but IE. I imagine Apple users feel the same way. 
David F. Carr
50%
50%
David F. Carr,
User Rank: Apprentice
2/5/2014 | 9:12:30 AM
Re: Ads and security
Ads still pay the bills, unless you operate like NPR
Lorna Garey
50%
50%
Lorna Garey,
User Rank: Ninja
2/4/2014 | 4:50:27 PM
Favorites?
Does resetting wipe out favorites along with cookies, tabs, etc?
Thomas Claburn
50%
50%
Thomas Claburn,
User Rank: Moderator
2/4/2014 | 4:05:47 PM
Ads and security
There's a fundamental problem here: Ads, as content injected from a third-party domain, represent a threat vector. Playing whac-a-mole with malicious extension providers is one approach. Blocking ads entirely is another.
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
DevOps’ Impact on Application Security
DevOps’ Impact on Application Security
Managing the interdependency between software and infrastructure is a thorny challenge. Often, it’s a “developers are from Mars, systems engineers are from Venus” situation.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-2595
Published: 2014-08-31
The device-initialization functionality in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, enables MSM_CAM_IOCTL_SET_MEM_MAP_INFO ioctl calls for an unrestricted mmap interface, which all...

CVE-2013-2597
Published: 2014-08-31
Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that lever...

CVE-2013-2598
Published: 2014-08-31
app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite signature-verification code via crafted boot-image load-destination header values that specify memory ...

CVE-2013-2599
Published: 2014-08-31
A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.3.x enables debug logging, which allows attackers to obtain sensitive disk-encryption pas...

CVE-2013-6124
Published: 2014-08-31
The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by changing the permissions of an arbitrary fil...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.