Posted on

Stop using Chrome, Install Brave Browser! Wikipedia Co-founder Tells You Why

Larry Sanger

User privacy and the risks associated with data leaks should be a priority for today’s globalized society, and Larry Sander, co-founder of Wikipedia, is fully aware of this. In early 2019, Sanders said his new year’s resolution was to protect his cyber-life “(along with getting into shape, of course).”

Sanger explains that security threats from criminals (such as ISIS) and tech giants (such as Facebook and the Cambridge Analytica scandal) are becoming more frequent. However, the second reason that made him opted for “locking his cyber life” is the manipulation of the content that “Silicon Valley behemoths” exert on what users consume in the end:

“The Silicon Valley behemoths have decided to move beyond mere moderation for objectively abusive behavior and shutting down (really obvious) terrorist organizations, to start engaging in viewpoint censorship of conservatives and libertarians. As a free speech libertarian who has lived online for much of my life since 1994, these developments are deeply concerning. The culprits include the so-called FAANG companies (Facebook, Apple, Amazon, Netflix, Google), but to that list we must add YouTube, Twitter, and Microsoft.”

To fight this problem, he devised a “plan” which he updated on March 17 and shared on his personal blog, He explained each of the steps he hopes to take during 2019 to have a safer life:

Goodbye Chrome… Hello Brave Browser

The first step of his “plan” (avoid using Google Chrome) has already been completed. He explains that Brave Browser has had a favorable evolution and that now not only is easier to use but it represents a much better option than Google Chrome:

Stop using Chrome. (Done.) Google collects massive amounts of information from us via their browser. The good news is that you don’t have to use it, if you’re among the 62% of people who do … I’ve switched to Eich’s newer, privacy-focused browser, Brave. I’ve had a much better experience using it lately than I had when I first tried it a year or two ago and when it was still on the bleeding edge.

Brave: The team behind Brave Browser and Basic Attention Token (BAT)

Good News For The Privacy Freaks!

Another of Sanger’s steps was subscribing to a VPN service. In this way, the possibility of IP tracking and information manipulation is avoided. However, for those who do not want to spend money on this service, or configure a VPN in more complex cases, Brave Browser can be of great help:

VPNs solve those problems by making your connection to the Internet anonymous. The big problem with VPNs, and the reason I probably won’t do this, is that they slow down your Internet connection … A nice fallback is the built-in private windows in Brave that are run on the Tor network, which operates on a similar principle to VPNs

Basic Attention Token (BAT) Makes it Possible To Get Paid While Surfing The Web

Mr. Sander explains that in addition to being privacy oriented (which is Sander’s primary motivation) Brave offers the option of paying users for consuming content. The BAT token is the browser’s native cryptocurrency and aims to change the way content distribution industry works, providing a more favorable and comfortable alternative for users and providers:

It also pays you in crypto for using it… There’s absolutely no need to use Chrome for anything but testing, and that’s only if you’re in Web development. By the way, the Brave iOS app is really nice, too.

Brave Browser has been considered one of the safest web browsers available. Basic Attention Token (BAT) is ranked 30th in the global marketcap with a total capitalization of $237,320,762 according to data provided by Coinpricewatch.

Courtesy: Coinpricewatch

The post Stop using Chrome, Install Brave Browser! Wikipedia Co-founder Tells You Why appeared first on Ethereum World News.

Posted on

Google Yanked MetaMask From the Chrome Store, Left a Phishing Scam Up

It was “an interesting wake-up call.”

That was how Kevin Serrano, an employee at ethereum startup and incubator ConsenSys, described the revelation that MetaMask had been removed from Google Chrome’s web store in a recently published blog post.

MetaMask, a Consensys “spoke,” is an ethereum wallet that also serves as a bridge between web browsers and the ethereum blockchain. A little after 10:00 a.m. EDT Wednesday morning, the MetaMask team announced on Twitter that the extension had been removed from the Chrome store.

The team received no explanation for Google’s action, according to Serrano, or even notification that it had happened – though he added that it’s possible the email bounced. The extension was restored to the web store around five hours later. According to Serrano, Google explained that delisting MetaMask had been an “error.”

And in this way, Serrano said it became clear:

“For a product that enables decentralized technology, [MetaMask] has centralized points of failure.”

It’s an issue blockchain entrepreneurs have grappled with since the industry first started testing its ideas.

One of the fundamental merits of blockchains and the decentralized applications built on top of them is that no single party can take down or censor them. Yet, this theoretical quality is frequently rendered moot, however, where blockchain networks meet the legacy web or financial system.

Centralized exchanges, where fiat currency is converted into cryptocurrencies, are the most commonly cited example of where censorship-resistance and decentralization fail in practice.

But this incident has highlighted another such choke point: app stores.

Making the app available to users, Serrano continued, requires “placing our trust in browsers, GitHub and the people deploying in order to keep the system working.”

Phishing frenzy

It’s not only the trust required to keep the extension open to the most users (sufficiently technically savvy users could have still downloaded it on Chrome), but also the fact that the action opened up opportunities for scammers – an endemic problem in the cryptocurrency space.

With MetaMask proper removed, Serrano wrote, “What was left when one searched the term ‘MetaMask’ on the store was a few re-branded MetaMask forks and one ambiguously branded lookalike.”

Indeed, the situation presented the risk of phishing, in which attackers trick would-be users into downloading fake files that contain malware.

At one point Augur, another ethereum project, tweeted a warning not to download an extension called “MetaMask by,” which was available in the Chrome store (it has since been removed). The app “is a fake, phishing app,” the Augur team wrote, attaching an image:

metamask phishing chrome

Serrano told CoinDesk in an email that attempts to steal from users were also present on Telegram, a messaging platform popular with cryptocurrency enthusiasts, where attackers were “posing as an alternative support desk.” It appears that some users were affected by this scam, he said, as well as an unrelated one on the Google Play Store, which lists apps for Google’s Android operating system.

A Google spokesperson declined to comment on these phishing attempts.

While MetaMask continued to work on other browsers – Brave, Opera and Firefox – and those who had already downloaded the Chrome version were still able to use it, the team is looking into more decentralized alternatives such as IPFS, Serrano said.

The team also published a guide to installing the extension manually.

Fish hooks image via Shutterstock

The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.

Posted on

MetaMask Google Extension Suddenly Gets Dropped From The Chrome Store

As per a tweet from the official MetaMask team, its popular Ethereum interfacing application was suddenly removed from the Google Chrome web store.

For the uninitiated, MetaMask is an innovative plugin that allows its users to run and interact with Ethereum decentralized applications (DApps), requiring nothing but your browser and an internet connection. Many DApps and Ethereum-based consumer platforms or games utilize MetaMask as the main interface. For example, a decentralized exchange like IDEX allows you to sign in using your MetaMask account, utilizing the extension for ease-of-use in exchange transactions.

The extension can also be used as a secure wallet, allowing users to manage multiple “identities” (wallets) through its easy-to-use system.

The team behind the piece of software put it best when they stated:

Our mission is to make Ethereum as easy to use for as many people as possible.

However, as aforementioned, it was revealed that the application had been delisted from the Chrome web store, with the MetaMask team noting that they weren’t too sure why this had occurred. Issuing a PSA on the matter, the MetaMask team wrote:

PSA: MetaMask has been delisted from the Chrome Web Store. We are unsure of why this is the case and we will update everyone as we get more information. All other browsers are unaffected.

According to a tweet following the PSA, those who have the extension installed should not be affected by the Chrome delisting, with this change only affecting users who are or were looking to download MetaMask.

However, the team made it clear that they are trying to resolve this issue, most likely working with their in-house and Google Chrome developers to restore the plugin to the web store of the largest web browser in the world.

It is also important to note that the MetaMask extension is still available for users of the Firefox, Opera, and the crypto-centric Brave browsers.

MetaMask Removal Met With Confusion And Outrage

Due to the fact that this extension is used by thousands, if not tens of thousands of users, the announcement was quickly met with confusion and outrage aimed at Google Chrome.

One Twitter user said “It is time for revolution,” garnering a lot of community support in the form of tweet likes. This level of support indicates that many see this move as a hand-picked move taken against a cryptocurrency-related piece of software in a bid to beat down the crypto industry.

While another user, while not being as cynical as the other user, believed that this was an automated process that banned MetaMask due to keywords that affiliate it with crypto mining add-ons, which are banned by the Chrome web store.

For now, Chrome users looking to download MetaMask will need to stick to an alternative method proposed by the startup, requiring users to undertake some technical steps to add the extension to their browser.


Posted on

MyEtherWallet Gets Hit By CyberAttack From Google Chrome Store Hackers

MyEtherWallet (MEW), one of the most well-known services for managing Ether wallets, recently took to social media to relay an urgent message about a potential cyber attack. According to the Tweet, the Hola VPN extension was in a hacked state for five hours, allowing for the hackers to monitor the activity of some MyEtherWallet users through the extension.

Ironically enough, the VPN service meant to secure your online experience has slipped up again, with this most recent situation being Hola’s second case of bad press.

The wallet service advised that MEW users who had the Hola extension installed should immediately move their funds to a secure wallet, ensuring that the risk of attack is mitigated.

Unlike many other traditional third-party wallets, MEW takes a ‘you are your own bank’ approach, encouraging its users to take control over their own private keys. Although the MEW service has been lauded for the decentralized aspects it offers, the private key system increases the risk of fund loss/mismanagement on a user-to-user basis.

Hola VPN, a free virtual private network (VPN) service with almost 50 million users, later released a report, giving their take on the situation. The blog stated:

Yesterday our deployment team discovered that the Hola Chrome extension which was live for a few hours was not the one that our development team uploaded to the Chrome Store. After initial investigation, we found that our Google Chrome Store account was compromised, and that a hacker uploaded a modified version of the extension to the store.

The post went on to say that the version has since been taken down, and the Chrome Store account has been resecured. After ensuring that the fraudulent version was taken down, the Hola team set out to investigate the intent of the out of the blue attack.

After a few hours of investigative efforts, Hola determined that MEW users were the specific target for this attack. The cyber attack consisted of injected lines of JavaScript that allowed for the hackers to phish MEW account information, by re-directing MEW users to the hacker’s clone website.

Once figuring out the intent of the attack, Hola quickly contacted MEW and Google, making sure that the phishing website was unavailable to access.

The wallet’s team told TechCrunch that the attack seemed to originate from “Russian-based IP addresses.”

The most recent attack had some users think back to a similar situation which happened in April. Earlier this year, hackers hijacked “a couple of Domain Name System registration servers” that were linked to MEW, re-directing users to a phishing site. With this attack, the hacker was able to transfer over 215 Ethereum from unsuspecting users to his/her account.

It is still unclear how many users fell victim to the most recent attack, but one Reddit user noted that he/she lost 6000 VEN, worth around $12,000 at the time of press. MEW reaffirmed their commitment to the security and safety of its users, noting:

The safety and security of MEW users is our priority. We’d like to remind our users that we do not hold their personal data, including passwords so they can be assured that the hackers would not get their hands on that information if they have not interacted with the Hola chrome extension in the past day.


Posted on

Google Bans Crypto Mining Browser Extensions from Chrome

Google has banned cryptocurrency mining browser extensions from the Chrome store.

The U.S. tech giant announced its decision on Monday, and said that in July it will start removing existing browser extensions that facilitate mining. Other blockchain-related extensions are still allowed.

Google previously permitted Chrome mining extensions as long as they were solely dedicated to mining and explicitly informed users of their purpose. But that policy wasn’t enough to deter or keep out noncompliant add-ons.

Forum posts from The Chromium Projects – an open-source initiative started by Google to furnish source code for Chrome – show that developers have been concerned about mining extensions since last autumn.

According to Wired, Google decided to implement Monday’s ban because the majority of mining extensions submitted to the Chrome Web Store failed to comply with its sole-usage policy.

“The key to maintaining a healthy extensions ecosystem is to keep the platform open and flexible,” James Wagner, Google’s extensions platform product manager told Wired. “This empowers our developers to build creative and innovative customizations for Chrome browser users.” He explained further:

“This is why we chose to defer banning extensions with cryptomining scripts until it became clear that the vast majority of mining extensions submitted for review failed to comply with our single purpose policy or were malicious.”

The mining extension ban comes less than a month after Google announced its plans to ban cryptocurrency-related advertisements.

Clandestine cryptocurrency mining has become increasingly common in recent months, with governments and major companies alike suffering from attacks.

In February, for example, electric vehicle maker Tesla’s cloud was compromised by mining malware. U.K. government websites were also exploited by mining malware around the same time.

In January, cybersecurity firm TrendMicro discovered that Google itself was a victim, and that its DoubleClick Ads were used to distribute crypto mining malware.

Google Chrome app image via Shutterstock

The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.