New
#10
From the article, you would need to download a malicious Add-On that would then exploit your already installed add-ons . So not much danger unless you download crap add-ons without reading reviews or otherwise get informed.
Ars Technica calls it "proof of concept," too. These "proof of concept" articles are always amusing...;) Ever notice how the hackers who who develop these "concepts" (and so give the bad guys new ideas) are called "security researchers," while the guys who actually develop the hacks that the "proof of concept" publicizes are called "malicious hackers"? I see little difference between the two groups. They are all hackers.
But anyway, as with most "proof of concepts" it is highly unlikely this kind of thing might ever work well because so many elements have to be precisely aligned--elements over which the hacker has no control. There is no "safe" list, etc., because there exists no threat...;) No one has been exploited by this particular concept and may never be, so atm everything is "safe."
Agree with the second part, but can't with the first.
Of course they (good and bad guys) are both hackers. I see your point, but security researchers are not making direct money with security holes they find. This can be some of the most brilliant scientist in their field. They have to publish papers and have to attend conferences. If they don't ... they loose position.
But security breach that is published is no real threat anymore. Company can fix it. So, there exists both, good and bad guys (hackers).
Of course, just my opinion :)
I think the bad and good hackers are interchangeable really.
Plenty of black hats get employed by system security companies and become white hats. I must also assume that white hats could also change their colour to black for reasons only known to themselves.
For now I'm continuing to use Firefox as my main browser until some concrete evidence comes out about extensions.