The browser sees all the logins we make, with websites, usernames, and passwords in plain text. How do we know it isn’t remembering them and sending them back to the mother ship?
It’s possible someone would inspect the code of open source browsers and make a noise if they found something, but even then most people don’t build from source, so there’s no need for the source to be the same as the downloaded app.
2FA makes it less of a problem, but there are still plenty of juicy pickings for the evil browser.
In: Technology
As others have said, you can’t. Taking it a step further, it’s probably safe to assume that all of your password’s have been compromised. The only thing you can trust in is the fact that you aren’t important enough for those who are harvesting the info to use it. If you aren’t rich and famous enough to be blackmailed or doing work important enough that a nation-state would want to steal it, there’s little risk.
Latest Answers