bookwyr.meChrome VPN Extension With 100k Installs Screenshots All Sites Users Visit
IHeartBadCodecyberinsider.com/chrome-vpn-extension-with-100k…
FreeVPN.One, a verified Chrome extension with over 100k installs on the Chrome Web Store, is taking screenshots of sites users visit.
27 Comments
Comments from other communities
A. Stop using Chrome
B. If you dont pay money for.your VPN you pay with your data.
C. Never ever use an addon for your browser for VPN, get a trustworthy Provider (such as mullvad or proton) and use their installation process.
Why are people still using chrome? I don’t think anyone in this house had it past 2012.
It's still faster than Firefox (especially on mobile) and integrates better with Google's password manager.
In any case this is an issue with a Chrome extension, not Chrome itself. Nothing stops bad actors doing the same with Firefox extensions.
__反いじめ戦隊It affects any 🕸️browser ðt accepts FreeVPN.One’s CRX. So 𐑿 can infect 𐑿rself 𐑪 çromium just fine.
What are the meanings for these non-ascii symbols?
Apologies. I had misread Șavian was ASCII all ðs time. I’ll make my [contraction] dictionary soon.
Kissakidistinct from the Latin alphabet to avoid the impression that the new spellings were simply misspellings.
Ŝan • 𐑖ƨɤÞe Ŝavian (and derivative) contractions are fascinating. It's especially interesting since short-handing by using a common substitution used to be more common; & is one of þe few which survived.
Do you write Shavian long-hand, or only typing?
typŋ⌨️. I plan o makŋ fuθr contracș, since I use gregg @work mor.
ideally, I v my isp, n mak m gregg font.
Huh. I þink most of þe glyphs aren't rendering for me. Is þis what you see?
Are you also trying to resist ai scraping like @Sxan@piefed.zip does by replacing "th" with þ?
Depends. Aru ya ganta help?
Just wondering if i should also obfuscate my comments too.
Always. It doesn't even have to be anti-AI; could be out of sheer cussedness.
moopetOr if you simply hate people who use screen readers.
Funny that they did all that push to Manifest v3 because 'muh security' yet this bullshit still works.
...almost as if it was never about security at all....huh....
Exactly. My favorite extension doesn't work anymore because the owner (rightfully) doesn't have time to deal with this shit. So some scammer now published a version of it which requires more permissions, probably mining your data or some shit. Fuck Google
Am I the only one that sees this shit and thinks:
We are entering an age of very, very inefficient software, which is like a new layer to enshitification.
Inefficient? That's downright intrusive and misleading, at best
Fully agree, but also on a macro economic level, we are gonna waste sooo much resources not even for the profit motive, just because they don’t want to make quality software
Bruh, we entered that age like a decade ago. It's just a lot more commonplace now.
That's spyware, not inefficient
Andy and Bill's law 2.0, let's go
And this is why I am so obnoxious any time someone says "I found this plugin to block fandom wikis" or "I have this plugin to fix youtube embeds".
Code is only as safe as the people you trust to review it. And no, being open source doesn't matter in that regard. Yes, it theoretically increases the number of eyes on but how many of those eyes who ACTUALLY look at the code are doing it with every release AND understand how to spot a vulnerability or a... whatever this is.
Same with VPNs. NEVER trust a VPN. And sure as fuck never use a free one for anything remotely sensitive. Understand what your risk of exposure is and that, at the best of times, you are trusting a company to be telling the truth that they aren't keeping a log of every single thing you nutted to.
And before someone says "That is why I do everything over tor!": Maybe also understand the concept of digital fingerprints and WHY it is that Google is able to know someone is pregnant even before they are late.
Understand the risks and consequences of every action you take and act accordingly. And understand that there really is no one size fits all solution.
I think ProtonVPN might might be an exception here. They're pretty trustworthy as far as I know, and have some free servers.
But my go-to is Mullvad, mainly for the flat pricing. I hate how most only have good prices if you buy a full year or so.
proton was the only good free VPN, but apparently the CEO was recently praising trump and shit so that's obviously caused a lot of users to stop using it and telling others to not use it.
+1 for mullvad
I used Anonine (Sweden based) for 10yrs and never had a single problem visiting any site... I use a VPN 24/7 because I value my privacy and don't want every fucker tracking my everymove and that includes my ISP.
Recently switched to Proton because streaming from legal sites like iplayer and netflix had become impossible unless it was turned off. Proton actually works with them.
The only exception to this is IMO ones that have been proven in court to keep NO logs, like they claim. The only one I know of that has been tested is PrivateInternetAccess, which is why they're the only VPN I've used for like 10 years.
You mean the court case from almost ten years ago?
Yeah, that sounds safe. I mean, Google is still all about Do No Evil, right?
You think they've started lying and keeping logs since then?
Again, how many companies say one thing one quarter and another the next? Let alone a decade later.
I am not saying to go uninstall your PIA stuff right now. I am saying to act with the understanding of what your risks are if they are compromised and how important you would be in the event that they are.
Because companies are not our friends. We may have aligned interests but you have to always operate under the understanding of what capitalism IS and what their interests actually are. And while it is fun to aggressively define yourself by what you consume? To play on a fairly misogynistic "joke": PIA isn't gonna fuck you no matter how hard you stan for it.
Wow that’s really something of a reply lol. No one is “stanning” for anything. Who is defining themself by what they consume?
Homie. Your response to "don't trust companies. Take precautions" is "Well ackshually trust this one" and, upon being reminded that other companies used to have good marketing and even practices, was to double down.
Word it however you want. Either way: Don't stan for corporations and protect yourself.
I feel like browser extensions are one of the worst things to have come to the internet in terms of security. People just install them like they're nothing, assuming they're safe and secure because they're on the extension store - not a terrible assumption for the average person, tbf.
Basically every single extension you install is like "hey give me access to everything you type and everything you click on and every site you visit, and I'll change every instance of the word "Elon" to "fElon" for you. Sound fair?", and everyone just goes "Hell yeah! Let's do it!".
1) People who value their privacy (or "have something to hide") have a need of a service that provides anonymity
2) This turns said service in the ideal place to start any and all surveillance because your subjects have already self-selected for being "interesting" (especially if you intend to go after low hanging fruit)
3) Therefore I must conclude that people using VPNs and TOR, no matter how legitimate their reasons, are in fact advertising that they have something to hide which current status quo is very interested in knowing...
With China, UK and afaik US (at least some states) attitude to regulation, a VPN is turning more into a necessity to browse the open internet rather than a tool for people who value privacy though
I've been trying to plan a hiking trip and the number of sites, even those without any nsfw or user generated content, that just geoblock the UK because it's not worth dealing with their government's shit is impressive
Chrome Vpn = virulent prying nuisance
Chrome = virulent nonsense at this point
When they changed the behavior of the android version to only allow either google password manager *or* a third party manager (not both, as it was before), they lost my interest completely (and they were already on the cliff's edge because of the adblocker bullshit).
Exported all of my gpass passwords and switched fully to vaultwarden and Firefox mobile.
The internet is steadily regressing.
Look... if you're the sort of person who still uses chrome and thinks a vpn chrome extension is the bees knees... well... that's on you.
P.S. Microsoft have the perfect tool for you too... it's called 'recall'
If you really want privacy, use Tor which is free-as-in-speech-and-beer