New browser extension checks leaks

Firefox and Google Chrome extension checks for hacked accounts

 

Firefox released a browser extension in November 2018 which connects to the HaveIBeenPwned.com site to check if the site you are on has been involved in a breach of username and passwords. If you have never seen an alert of this sort then it will notify you of any site that has been breached in the previous twelve months and then it will only alert you to sites that have been breached in the last two months. This is to not over burden you, the user, with too many alerts and to not be unfair to sites that take and have made provisions to protect user data since a breach.

Google has now released its own extension for Chrome that actually goes a bit further. Using their own copy of the database of breached username (email addresses) and passwords, they will check every time you enter a username and password to see if the combination has been seen in a breach at all and inform the user if it is found.

Both companies are trying to inform users and not overburden them with warnings. The biggest issue is that people re-use passwords over and over again on different sites. Hackers are now taking these lists of usernames and passwords and trying them on other sites to try to gain access to user accounts. You can of course go to the Have I Been Pwned site yourself and check to see if your username or password exists there but we would recommend that everyone get a secure password manager, such as ConnectID, our own password manager which comes free with all our Cloud accounts. It will keep your usernames and passwords stored away and even log you straight in to the site when you arrive so you don’t have to remember your usernames and passwords, which means that you can use more complex passwords and keep your data and account safer.

Stay Safe

CritchCorp Computers Ltd

Microsoft Edge moves to Chromium

Microsoft is giving up and changing their Edge browser over to the Chromium base. This means that in the new year Edge will be completely redone based on the Chromium project, which many browsers are; most notably Google Chrome. There has always been a choice of Chrome, Firefox, Microsoft Internet Explorer and then Edge, Opera and a few others. Most of the others have already converted over to the Chromium project base, including Opera, so Microsoft is not alone in this move. Going forward it will have the same code base as Google Chrome and many others reducing the real number of options.

What does that mean?

Well, to the average person, probably not a lot, it in fact might be a good thing as you will be able to get many of the add-ons that work in Chrome on the Microsoft Edge browser and there will be many more possibilities for themes. To large corporate businesses it may be a pain as they have only just got many of the group policies for Edge that they have needed.

Internet Explorer was a fairly good and certainly well-established browser due to it being built-in to the operating system, which is why it is still there as it is part of Windows. It was made this way to avoid problems with competition laws. “Sorry your honour we can’t remove it because it is an integral piece of Windows” was their response to the European Court of Law in the early 2000s. That’s why we then had a pop up after installing Windows to show you that there were alternate browsers that could be downloaded.

The good thing about IE is that it could be configured to be secure, it was just a little, difficult for the average user but it could be done using group policy, keeping everyone in an organisation safe.

Edge, the replacement for Internet Explorer has never managed to gain the foothold that IE did. Google Chrome and Firefox are far bigger now. That is one reason why they are moving to the Chromium base for Edge. This move does have pros and cons. It means that it will have the sane code base as Google Chrome and so many of the features that are available in Chrome will be available in the new Edge (if they keep the name), that also means that Microsoft will have to start again with the Group Policies, needed for corporate administrators to be able to lock it down as they require.

If they do manage to claw back some of the market share then the other issues is that any bugs or exploits found in the code base will be present in Chrome and Edge, this gives a wider attack surface to exploit from a single flaw.

In any case time will tell and I personally am sure it will be an improvement over the current Edge browser

Keep Safe

CritchCorp Computers Ltd