Browser Security Threats Discovered
According to the Catholic University of Leuven in Belgium (KU), every modern browser is susceptible to at least one method of bypassing browser security and user privacy. In an article on the subject, Catalin Cimpanu (of BleepingComputer) reported that new (and as yet unexploited) means of bypassing cookie controls are apparently possible. KU researchers reported their findings to the browser developers and posted their results at wholeftopenthecookierjar.eu.
Don’t expect all browser vendors to solve all browser security issues immediately. Indeed, expect many people to howl about how these vulnerabilities were reported. But regardless of the manner in which the news was delivered, every customer must take it upon themselves to implement multiple layers of protection. A comprehensive approach should (at a minimum) include:
- A safe browser,
- Safe add-ons (or extensions) that include cookie and browser element management (e.g., uBlock Origins, NoScript, and uMatrix)
- A means of reducing (and possibly eliminating) Javascript, and
- Effective blocking of “well-known” malware domains.
Bottom Line
Shrek was right. Ogres are like onions – and so is security. Effective security must include multiple layers. Be an ogre; use layers of security