OK, its no real secret by now that the WWW is a cesspool of stuff. Its not all /r/aww. As an end user, you don’t see the mountain of (typically javascript) that is executed. Or worse, where it comes from, and how it is maintained. So you don’t act as a ‘push back’ mechanism on the web site owners, voting w/ your feed or wallet to avoid sites that put you at risk. And thus the invisible hand is stayed.
But you, yes you, can be part of the solution. And its not hard, it just involves a coloured emoji. Sign me up you say!
Well, for Chrome (I didn’t test but there is a method for Firefox), you can install this extension. Want to do it from source and see what you are getting? Github is your friend!
So what happens is you surf around. Suddenly a site with some vulnerabilities crops up. O noes, people could steal your deets. The icon changes, you snoop the list (see the screenshot). You then pen a magnificent letter to the ‘admin@’ of the site, they see the error of their ways and update their gruntfile or whatever, and boom, that site has been inoculated. The herd immunity starts to kick in. Soon the web is a delightful place (again) full of ‘under construction’ animated gifs and dancing babies.
The example above is a real one, my wiki. Now I know I need to update my bootstrap and jquery.
Brief, but delightful — such as had not staid long with her destiny — the javascript crook sleeps well
Leave a Reply