Chrome VPN Extension With 100k Installs Screenshots All Sites Users Visit
(cyberinsider.com)
from IHeartBadCode@fedia.io to technology@lemmy.world on 20 Aug 17:15
https://fedia.io/m/technology@lemmy.world/t/2588624
from IHeartBadCode@fedia.io to technology@lemmy.world on 20 Aug 17:15
https://fedia.io/m/technology@lemmy.world/t/2588624
FreeVPN.One, a verified Chrome extension with over 100k installs on the Chrome Web Store, is taking screenshots of sites users visit.
threaded - newest
Am I the only one that sees this shit and thinks:
We are entering an age of very, very inefficient software, which is like a new layer to enshitification.
Inefficient? That’s downright intrusive and misleading, at best
Fully agree, but also on a macro economic level, we are gonna waste sooo much resources not even for the profit motive, just because they don’t want to make quality software
Bruh, we entered that age like a decade ago. It’s just a lot more commonplace now.
Andy and Bill’s law 2.0, let’s go
That’s spyware, not inefficient
Chrome Vpn = virulent prying nuisance
Chrome = virulent nonsense at this point
When they changed the behavior of the android version to only allow either google password manager or a third party manager (not both, as it was before), they lost my interest completely (and they were already on the cliff’s edge because of the adblocker bullshit).
Exported all of my gpass passwords and switched fully to vaultwarden and Firefox mobile.
The internet is steadily regressing.
With China, UK and afaik US (at least some states) attitude to regulation, a VPN is turning more into a necessity to browse the open internet rather than a tool for people who value privacy though
I’ve been trying to plan a hiking trip and the number of sites, even those without any nsfw or user generated content, that just geoblock the UK because it’s not worth dealing with their government’s shit is impressive
And this is why I am so obnoxious any time someone says “I found this plugin to block fandom wikis” or “I have this plugin to fix youtube embeds”.
Code is only as safe as the people you trust to review it. And no, being open source doesn’t matter in that regard. Yes, it theoretically increases the number of eyes on but how many of those eyes who ACTUALLY look at the code are doing it with every release AND understand how to spot a vulnerability or a… whatever this is.
Same with VPNs. NEVER trust a VPN. And sure as fuck never use a free one for anything remotely sensitive. Understand what your risk of exposure is and that, at the best of times, you are trusting a company to be telling the truth that they aren’t keeping a log of every single thing you nutted to.
And before someone says “That is why I do everything over tor!”: Maybe also understand the concept of digital fingerprints and WHY it is that Google is able to know someone is pregnant even before they are late.
Understand the risks and consequences of every action you take and act accordingly. And understand that there really is no one size fits all solution.
I think ProtonVPN might might be an exception here. They’re pretty trustworthy as far as I know, and have some free servers.
But my go-to is Mullvad, mainly for the flat pricing. I hate how most only have good prices if you buy a full year or so.
proton was the only good free VPN, but apparently the CEO was recently praising trump and shit so that’s obviously caused a lot of users to stop using it and telling others to not use it.
+1 for mullvad
I used Anonine (Sweden based) for 10yrs and never had a single problem visiting any site… I use a VPN 24/7 because I value my privacy and don’t want every fucker tracking my everymove and that includes my ISP.
Recently switched to Proton because streaming from legal sites like iplayer and netflix had become impossible unless it was turned off. Proton actually works with them.
The only exception to this is IMO ones that have been proven in court to keep NO logs, like they claim. The only one I know of that has been tested is PrivateInternetAccess, which is why they’re the only VPN I’ve used for like 10 years.
You mean the court case from almost ten years ago?
Yeah, that sounds safe. I mean, Google is still all about Do No Evil, right?
You think they’ve started lying and keeping logs since then?
Again, how many companies say one thing one quarter and another the next? Let alone a decade later.
I am not saying to go uninstall your PIA stuff right now. I am saying to act with the understanding of what your risks are if they are compromised and how important you would be in the event that they are.
Because companies are not our friends. We may have aligned interests but you have to always operate under the understanding of what capitalism IS and what their interests actually are. And while it is fun to aggressively define yourself by what you consume? To play on a fairly misogynistic “joke”: PIA isn’t gonna fuck you no matter how hard you stan for it.
Wow that’s really something of a reply lol. No one is “stanning” for anything. Who is defining themself by what they consume?
Homie. Your response to “don’t trust companies. Take precautions” is “Well ackshually trust this one” and, upon being reminded that other companies used to have good marketing and even practices, was to double down.
Word it however you want. Either way: Don’t stan for corporations and protect yourself.
If you don’t trust the VPN you use then why do you even use a VPN?
Again - no one is doing any “stanning”. I never said don’t take precautions. One precaution is to thoroughly investigate the VPN company that you choose to use. The entire point of PIA is privacy. If they started lying not only would they get sued beyond belief, but they wouldn’t exist anymore.
Because, again, it is about managing risk.
Pickpockets and muggers are a thing. Depending on how worried you are, you might consider only carrying just enough cash for the day but… good luck functioning on holiday in a foreign land without your phone. So you take precautions. You avoid the giant masses of tourists but you also avoid the super dark alleys. And you always keep a hand on your valuables.
Same thing here. There are plenty of activities where just having a layer of VPN is a great protection (all those linux ISOs, for example…). But I am also aware that were I to do anything where being identified is a serious risk to my safety? I am using alternative methods. And so forth.
So when someone says
And you reply
You are actively giving bad advice and leading to the kind of shit this thread is about. People who didn’t do basic research who thought they were safe and… hopefully are just at a bit higher risk of getting a letter in the mail from the MPAA.
Oh are we just making up quotes now? Fun! Why did you say this?
No one is at risk of turning into a newt, witches aren’t real! You silly billy!
If we stick to just what people actually said though, you’d see that I said that the ones you can trust to not keep logs and as such actually keep you safe from tracking are who you should use.
Malicious VPN is FreeVPN.One
Maybe shouldn’t be trying to save people clicks, but I would have appreciated this in a top comment.
I feel like browser extensions are one of the worst things to have come to the internet in terms of security. People just install them like they’re nothing, assuming they’re safe and secure because they’re on the extension store - not a terrible assumption for the average person, tbf.
Basically every single extension you install is like “hey give me access to everything you type and everything you click on and every site you visit, and I’ll change every instance of the word “Elon” to “fElon” for you. Sound fair?”, and everyone just goes “Hell yeah! Let’s do it!”.
If you really want privacy, use Tor which is free-as-in-speech-and-beer
Look… if you’re the sort of person who still uses chrome and thinks a vpn chrome extension is the bees knees… well… that’s on you.
P.S. Microsoft have the perfect tool for you too… it’s called ‘recall’