F secure/Ziggo safe online Browser extension can read passwords
Answers
-
Hello,
Sorry for my reply. I'm only an F-Secure user (their home solutions).
Just my own understanding:
When I'm installing the browser protection it says it can read webpage content like passwords. Obviously I don't want my passwords to be stored in any server, does Fsecure/Ziggo safe online (which is by fSecure) store passwords you fill in on like banking websites etc
Perhaps, not. There is no reason for that, and perhaps technical means.
Also, the browser notification about the extension is more "potential" in nature. I mean, it won't, but it could be. And perhaps not something that reads, saves or stores - but has access. In addition, not directly to passwords, but to content on web pages (where, among other things, there may be sensitive information).
Probably this is a generic notification from browser about any addon that should provide extra functionality. With F-Secure Browsing Protection (?) addon - properly block harmful rated pages and show blockpage instead. To show rating pictures about URLs when you use supported Search Engine. And some more.
Some browsers can be with an ability to tune up settings of extension by limiting access to certain websites / using modes or something like that.
In addition, there is F-Secure SAFE privacy policy: F-Secure SAFE privacy policy | F-Secure (f-secure.com)
Sorry for my English.
Thanks!
-
So you say I don’t have to worry?
Yes, something like that. At least, if you trust F-Secure (Ziggo in your case) as a company, as a software, and accept their Terms / Policy.
One cause for concern (or so) is the "very potential" possibility of compromising their addon (by malicious actors). But this applies to any add-on, any software (including the browser itself) and the system (as their internal infrastructure) - if it is compromised - all the power that was used for the good can be used for something tricky. It should not be as such (or if it happened - it will be fixed as soon as possible, mitigated by something and guided to limit any further risks).
Also, just because browser cannot surely know how the extension will use its capabilities - it informs about even if the addon did not do something dangerous (not designed to do so and not intended to do this).
It just has permission to read the webpage because it has to to provide extra security but it won’t store any of the data like passwords and other webpage content? Is this right?
I think so. Yes.
Moreover, it is likely that the pages as such are not inspected for content analysis by F-Secure Browsing Protection addon (that is, collecting something). Thus, for example, can only be "inadvertent" access to sensitive data; with no use any further. And maybe limited to certain pages were inaccurate design of handling passwords (and so). The main point is to determine whether visited URL is known as malicious (or belongs to restricted category) or not. OR to add security logos to Search engine page; And so on. In principle, to be able to do this, you need the ability to the content of the page and so on (which in itself "as an opportunity" can be undesirable if implemented in a bad way).
But this is only my own understanding and opinion.
In principle, the community is read by the official people of F-Secure. Maybe they can bring more clarity. You can also contact technical support (web chat, for example) for clarifications: https://www.f-secure.com/en/home/support/contact
Thanks!
-
Thanks a lot, I guess as F secure (And Ziggo which just gives me the “Ziggo Safe Online” package which is by Fsecure) is a Cybersecurity company the chances of compromision the addon by anyone is very very small? And as long as Fsecure doens’t store any data nothing can’t be leaked right? And passwords I enter through a encrypted connection can’t be read by the extension I assume? I hope official people can provide me answers so that I don’t have to worry anymore. Thanks a lot!
🚩 What Do You Think?
We’d love your thoughts on our fresh look! Quick survey, big impact!