ファイルごと...うーんファイルは実行コードでシードフレーズは本物のメタマスクの拡張機能専用のストレージ領域にあり「通常では」偽装アプリからはアクセスできないはず。パスワードが攻撃者に送信されてもシードフレーズは手に入らないし。記事以外に攻撃手法の本題がある気がしているんですがそのファイルの抜き取り方にあるかもしれませんね🤔
これ今の仮説なら私のブラウザなら防げるはずなんですが攻撃手法の核心が見えていなくて気になりまくりです笑(けっきょくダメかも)
コメント欄の質問誰かわかりますか?めっちゃ知りたい
I think backup&restore is important. What operation does it assume when we changes mobilephone?
読んだら米国と欧州は自滅して日本が強いられる選択とは何か教えてください👍(おめでとうございます)
Will change version format. Keeping as firefox as possible.
All right. looking forward it :)
Oh lmao I forgot we need to build for Chrome and Firefox independently, issue added!
https://github.com/FROSTR-ORG/frost2x/issues/7 nostr:note1xqz794ah4q0v9x83jwf26nqrauufwywh2pduhngpp6ufnpw6vq7s6z0xhu
Yeah, firefox has surely compatibility with chrome extension, but "nos2x" doesn't it😥 Thanks!
Unfortunately, not support chrome extensions, so maybe I'll just have to port Frost2x?
TURN YOUR NSEC INTO A ROTATABLE MULTISIG WITH FROSTR
This is a demo of our first two signing clients Frost2x & Igloo converting an nsec into a Frostr keyset and signing a note in nostrudel
FROSTR IS STILL UNDER DEVELOPMENT, ALL CODE IS OPEN SOURCE, PLEASE POKE HOLES IN IT AND BE ADVERSARIAL https://frostr.org
very cool! Does it work even this browser? :)
https://github.com/Browser-for-SSI/gecko-dev-pkg-distributor/releases/tag/v0.5.1mvp-128.7.0esr
My principle around self sovereignty implementation(currently)
- Privacy is SELECTABLE by owners free will
- Security is DETERMINISTIC by systemic design
And it also adds the freedom to take responsibility for your own UX.
Turning reporting settings off by default is one thing, but making it unchangeable is a security consideration, or a violation of selective disclosure? The choice of "No guard" to webapps belongs to security matter or freedom by self responsibility?
The boundaries are very blurry and fluid.
However, without a "mold" we can't discuss it, so let's start by producing it at first😉
v0.5.1 has KAIZENed continuously🔧🏗️
Download
https://github.com/Browser-for-SSI/gecko-dev-pkg-distributor/releases/tag/v0.5.1mvp-128.7.0esr
Disclaimer
- This is an experimental packages for developer preview, so keys should be disposable and the clean install is recommended.
- If using Windows OS, please uninstall "Mozilla Developer Preview" from "Settings > Apps > Apps & features".
- To completely uninstall, please search and delete a file "ssi-store.json".
ま、私のは正規リリースしていないので笑
ちなみにシークレットウィンドウの動作はデフォルトで無効にされるというだけで個別にONにしていくことはたいていできるはずですー
