316
Brave appears to install VPN Services without user consent
(www.ghacks.net)
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
You still need to manually enable the service. The configuration of the service has zero effect on its activation or lifecycle.
Huh? Any script can create a service, enable it and then start it. What would make you think the brave package (or just the application itself) can't do this?
Not possible to start or enable a created service without user intervention. You don't know what you are talking about.
OK.. challenge accepted. Maybe you don't know about systemd user services.
Content of
mytrojan.sh
:Content of
myscript.sh
:Now run the script (
mytrojan.sh
) and check service status after that:You failed. This requires the user to run a script aka manual intervention.
Now imagine that the script is set to run as part of the brave installation - you type "yes" please download brave, brave installs brave and runs this script. Linux isn't immune to malware as you seem to think.
You would need the power of root to do all these aforementioned things (run a VPN service).
And am not saying that Linux is immune to malware, just that it's not out of the norm to have package managers install services crucial for operation during installation. Since Windows doesn't have package managers, I'm gonna replace package managers with packages in this reasoning.
I thought that you only were ignorant, but no, you're more than that!
Maybe am ignorant but at least I understand the questions before I answer them.