>
Can We Break The Cycle? With Guest Joshua Smith
It Is Being Projected That New Cases Of Cancer In The U.S. Will Explode...
Nonprofit Seeks "Default Judgment" After Fani Willis Withholds Public Records...
BREAKING: Trump judge postpones trial date INDEFINITELY
The first reverse microwave in the U.S.: you can have it at home to save energy while cooking
BREAKTHROUGH : Lightsolver Makes Ultrafast Laser Based Computers
$300,000 robotic micro-factories pump out custom-designed homes
$300,000 robotic micro-factories pump out custom-designed homes
Skynet Has Arrived: Google Follows Apple, Activates Worldwide Bluetooth LE Mesh Network
The Car Fueled Entirely by the Sun Takes Huge Step Towards Production
A new wave of wearable devices will collect a mountain on information on us...
Star Trek's Holodeck becomes reality thanks to ChatGPT and video game technology
Blazing bits transmitted 4.5 million times faster than broadband
Today's web browsers are much more powerful than earlier generations of browsers. They're able to manipulate data within both the browser and the computer's local file system. Users can send and receive email, listen to music or watch a movie within a browser with the click of a button.
Unfortunately, these capabilities also mean that hackers can find clever ways to abuse the browsers to trick you into letting ransomware lock up your files when you think that you're simply doing your usual tasks online.
I'm a computer scientist who studies cybersecurity. My colleagues and I have shown how hackers can gain access to your computer's files via the File System Access Application Programming Interface (API), which enables web applications in modern browsers to interact with the users' local file systems.
The threat applies to Google's Chrome and Microsoft's Edge browsers but not Apple's Safari or Mozilla's Firefox. Chrome accounts for 65% of browsers used, and Edge accounts for 5%. To the best of my knowledge, there have been no reports of hackers using this method so far.
My colleagues, who include a Google security researcher, and I have communicated with the developers responsible for the File System Access API, and they have expressed support for our work and interest in our approaches to defending against this kind of attack. We also filed a security report to Microsoft but have not heard from them.
Double-edged sword
Today's browsers are almost operating systems unto themselves. They can run software programs and encrypt files. These capabilities, combined with the browser's access to the host computer's files – including ones in the cloud, shared folders and external drives – via the File System Access API creates a new opportunity for ransomware.