The browser sees all the logins we make, with websites, usernames, and passwords in plain text. How do we know it isn’t remembering them and sending them back to the mother ship?
It’s possible someone would inspect the code of open source browsers and make a noise if they found something, but even then most people don’t build from source, so there’s no need for the source to be the same as the downloaded app.
2FA makes it less of a problem, but there are still plenty of juicy pickings for the evil browser.
In: Technology
This is actually a pretty good question. Bottom line is, you can’t. Most browsers are closed source, so you can’t “know”. But there are security researchers who are always watching what software and how it communicates looking for unexpected behavior. There’s also the risk to the company. If one instance were confirmed of the software doing something like that, it could totally ruin the whole company.
Latest Answers