Starting in version 1.54, [the browser] Brave will automatically block website port scanning, a practice that a surprisingly large number of sites were found engaging in a few years ago. According to this list compiled in 2021 by a researcher who goes by the handle G666g1e, 744 websites scanned visitors’ ports, most or all without providing notice or seeking permission in advance. eBay, Chick-fil-A, Best Buy, Kroger, and Macy’s were among the offending websites.
this raises my antennae way up but i have to admit, although being probed makes my skin crawl, i don’t actually understand what bad actors can do. it seems bad but that could be fud.
more distressing is the wall of shame; if even slightly true, this is hideous. typing just obvious things i know from just one screenful of a 700±line document: state farm, lending tree, citibank, glassdoor, iberia. for some reason financial firms are heavily represented here.
anyone have any knowledge in this domain? and if it’s an actual problem, what’s the best way to put a ring around it? the actor is inside your browser, so the usual firewall tricks don’t apply.
In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.
This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.
You can subscribe to this community from any Kbin or Lemmy instance:
Check out our website at privacyguides.org before asking your questions here. We’ve tried answering the common questions and recommendations there!
Want to get involved? The website is open-source on GitHub, and your help would be appreciated!
This community is the “official” Privacy Guides community on Lemmy, which can be verified here. Other “Privacy Guides” communities on other Lemmy servers are not moderated by this team or associated with the website.
Moderation Rules:
Additional Resources:
My guess is fraud detection - detecting when an account is being accessed from the machine of a customer that a phone scammer talked into installing remote access software. It’s of course not 100% but can be used to e.g. increase a risk score.
Unusual transaction + no other risk factors? Allow. Unusual transaction + other risk factors? Block or require 2FA or similar.
Ah that would make sense, thank you