Why are there no modern web browsers that allow extension access to SSL information about the site you are browsing?

In all my Googling, I found one version of FireFox that allowed it temporarily a long time ago, it has been discussed on the Chromium development forums for years, but yet, as of today, there is still no way for an end user to view and/or … Continue reading Why are there no modern web browsers that allow extension access to SSL information about the site you are browsing?

Firefox add-ons: Which permission(s) govern the ability to make additional network requests?

I’m considering installing a Firefox add-on (browser extension) which requests the permission Access your data for all websites. This add-on is not on the list of Mozilla’s "actively monitored" add-ons.
Since it’s reasonable for … Continue reading Firefox add-ons: Which permission(s) govern the ability to make additional network requests?

How to mitigate against malicious browser extensions that rely on rtkit-daemon and dbus for remote control?

I lately noticed that my web browser (latest Firefox) is acting strange: form field content is getting deleted, text randomly marked and the system suddenly crashes as if the device is remotely controlled and overloaded.
Checking my system… Continue reading How to mitigate against malicious browser extensions that rely on rtkit-daemon and dbus for remote control?

How to protect against malicious code execution of unethical browser extensions? [closed]

Due to the Covid crisis everyone in my company works remotely from home.
Most company systems are accessed via the browser and the following browser extension is used for user authentication:
https://docs.centrify.com/Content/Applications/… Continue reading How to protect against malicious code execution of unethical browser extensions? [closed]

Does moving webAuthn API from browser to OS improves security of registration process?

Usually, for all types of authentications, we trust the registration process and assume there is no attack is happening Like in the case of FIDO2 registration. However, as the registration process is built within the browser and can be com… Continue reading Does moving webAuthn API from browser to OS improves security of registration process?

Can I curb Honey’s grab for my data by only using it within a separate profile?

I’m interested in getting a coupon code for an online purchase and to this end Honey is nice, but when it comes to protecting my data Honey is really invasive. Can I curb Honey’s hunger for my whole browser interaction by only using it wit… Continue reading Can I curb Honey’s grab for my data by only using it within a separate profile?