Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319

Blog

Windows 10 might start sharing your web history with other apps

Image Description

Microsoft's Windows 10 might soon be sharing more on your online habits than you might be comfortable with.

An early development release of the Edge web browser spotted online reportedly has a toggle that will allow it to share your browsing data with other Windows 10 services.

While this could very well just be laying the groundwork for extending the sync service that shares browser data across devices, in the absence of a detailed explanation it does seem to have all the makings of a privacy intruding feature.

TechRadar needs you!

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

Privacy intrusion

The setting labelled Share browsing data with other Windows features is accessible from under the Settings > Profiles in the Edge browser in the Canary stream.

“When turned on, Microsoft Edge will connect local browsing data from this profile with the rest of Windows. Turning this feature on will help you find information from your history, favorites, top sites, and recent tabs more easily using features such as the Windows Search box,” reads the description of the new setting.

At first glance, the setting does seem to be a convenience feature that will allow users to return to their favourite websites, directly from the desktop. However, Windows Search box is only used as an example of the services that will have access to your Edge browser data. 

Other Windows 10 features such as Cortana involve ferrying information to Microsoft servers, which could rile up privacy advocates no end. Similarly, it isn’t clear if the feature allows Microsoft to display targeted advertisements directly on the desktop of the users, which could be annoying and embarrassing in the least, to outright dangerous if exploited by unscrupulous advertisers to deliver potentially unwanted programs (PUPs).

From the screenshots it isn’t clear whether the setting will be enabled by default or not. The absence of a data retention policy and how it will work across multiple devices raises further concerns.

Via: Techdows

Date

22 Mar 2021

Sources


Share


Other Blog

  • Massive Bitcoin selling spree causes cryptocurrency traffic jam

    The price of Bitcoin fell through the floor over the weekend, with many investors attempting to abandon ship.

    Read More
  • Major security issues found in top Linux program for embedded devices

    Cybersecurity researchers have discovered 14 critical vulnerabilities in BusyBox, marketed as the Swiss Army Knife of embedded Linux.

    BusyBox is one of the most widely used Linux software suites, and many of the world’s leading operational technology (OT) and Internet of Things (IoT) devices run BusyBox.

    Some of the threats could have resulted in denial of service (DoS) attacks in exploited, and in rarer cases, could also lead to information leaks and possibly remote code execution.

    TechRadar needs you!

    We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

    >> Click here to start the survey in a new window

    “These new vulnerabilities that we've disclosed only manifest in specific cases, but could be extremely problematic when exploitable. The proliferation of BusyBox makes this an issue that needs to be addressed by security teams,” the team noted.

    Assessing the damage

    To assess the threat level posed by these vulnerabilities, the researchers inspected JFrog's database of more than 10,000 publicly-available embedded firmware images.

    Their experiment revealed that 40% of the images contained a BusyBox executable file that was linked with one of the affected applets, leading them to conclude that the vulnerabilities are extremely widespread among Linux-based embedded firmware.

    That said, the researchers shared several reasons that lead them to believe that the discovered vulnerabilities would likely not pose a critical security threat.

    For starters, the researchers say that even though the DoS vulnerabilities are trivial to exploit, their impact can usually be mitigated by the fact that the affected applets almost always run as a separate forked process.

    Similarly, the use-after-free vulnerabilities may be exploitable for remote code execution, but the researchers didn’t not attempt to create a weaponized exploit for them. Finally, the information leak vulnerability is nontrivial to exploit. 

    The researchers note that all 14 vulnerabilities have been fixed in BusyBox 1.34.0 as they urge companies to upgrade their BusyBox deployments, or at least ensure that they aren’t using any of the affected applets.

    Prevent information leaks with the help of one of these best firewall apps and services, and ensure your computers are running these best endpoint protection tools to add another layer of defense against cyber-attacks.

    Read More
  • Google's 'Search On' event will focus on AI

    Google is holding a "Search On" virtual event on October 15, and the spotlight will be on the latest improvements to Google Search and harnessing the power of AI.

    Read More
  • World of Warcraft: Shadowlands heralds a more LGBTQ+-inclusive future for the game

    World of Warcraft Shadowlands, along with the tie-in media leading up to its launch, is going to start working in a lot more LGBTQ+-friendly elements, and Blizzard is just getting started.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us