- cross-posted to:
- libre_culture
- cross-posted to:
- libre_culture
A recent update to an ad block filter list now allows the uBlock Origin extension to block most of the known sites that perform port scans of your local Windows computer: https://www.bleepingcomputer.com/news/security/ublock-origin-ad-blocker-now-blocks-port-scans-on-most-sites/
Good. Why do websites even need the ability to port scan stuff?
I’ve seen stuff about “loss prevention” but I’m inclined to believe that that’s BS.
Loss of what? I don’t see how port scanning the user’s devices factors into that.
That was my thought line too. There’s no real need that I can see for this sort of thing.
IMO, system-level features like port scanning should at least require a browser-generated permissions prompt like sensible browsers have for camera and microphone access, if not non-existent from the APIs available to websites.
I can’t think of a use-case where a third-party website would ever need to see what ports I have open on my machine.
Exactly. Same with what extensions I have installed and most other information listed in the fingerprinting section of Panopticlick.
It’s for browser/device fingerprinting and basically nothing else.
It’s an unintended side-effect.
And it should be fixed in the browsers; but it’s hard to do in a backwards-compatible way.
Because some sites have legitimate reasons to connect to localhost, e.g. when they work through an additional demon installed there.
Perhaps an explicit permission in browsers for localhost / local network addresses (per-site) would make more sense.
One idea I have is to have the browser ask for permission from the user, and just return null, undefined or some other way of representing the lack of data if the user doesn’t allow it.