Author Topic: What's Avast SafeZone response against XSS attacks?  (Read 3816 times)

0 Members and 1 Guest are viewing this topic.

Hermite15

  • Guest
What's Avast SafeZone response against XSS attacks?
« on: March 05, 2011, 08:36:53 PM »
... just what the title of the thread says, how does the SZ protect the user against Cross Site Scripting attacks? XSS being probably the worse and the most expected form of online attack when login in to a bank account for instance, the SafeZone being expectedly a safe zone, what's the deal, you can't install any extension in the safe zone browser, and anyway the existing script protection extensions for Chrome are poor and don't match NS for Firefox, so again, how safe is the safe zone? thanks.

ps: there use to be an "XSS auditor" feature in the experimental section of Chrome (about:flags), was supposed to send warnings against XSS, and they removed it, so there's nothing now. edit: just found that was enabled by default now.

edit: taking of course into account the fact that disabling javascript completely is no solution, obviously.

edit again: I'm adding that it's not clear at what stage bad code is injected to allow XSS, if it's on the original server that you use to access (online banking etc...), on a web site you've visited before going to your bank website etc... there seem to be several possible scenarios. And really, again, I'm wondering what the SafeZone can do about it...
« Last Edit: March 05, 2011, 11:16:24 PM by Logos »

Hermite15

  • Guest
Re: What's Avast SafeZone response against XSS attacks?
« Reply #1 on: March 05, 2011, 09:02:12 PM »
just to add that of course I've been thinking of the script shield, but first it doesn't work with Chromium, and second I never heard that it had anti-XSS abilities.

Hermite15

  • Guest
Re: What's Avast SafeZone response against XSS attacks?
« Reply #2 on: March 06, 2011, 04:17:04 PM »
anyone?

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: What's Avast SafeZone response against XSS attacks?
« Reply #3 on: March 06, 2011, 05:10:07 PM »
anyone?

The devs have to answer that, but I'm intersted in the answer, as well. ;)
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0