geor9e 8 days ago

A tetris PDF could be in a 1 pixel iframe right on this page and you'd never know it. So it doesn't require any user action to download one.

1
sexy_seedbox 8 days ago

That's why you run NoScript along side with UBO

2 replies
geor9e 8 days ago

I'm pretty sure noscript will break 90% of the webpages I visit. I just rawdog the internet. If Chrome gets 0day'd then a lot of us are going down - at least I'll have company.

1 reply
throwaway2037 8 days ago 

    > If Chrome gets 0day'd then a lot of us are going down
If anything, Google would have the correct incentive to protect itself from a zero-day exploit. I guess they could release a patched version internally only, but I doubt it. I do think they want the image of Chrome to be relatively positive and giant security hole (patched slowed) would do them no favours.

grgergo 6 days ago

This PDF still runs with JS disabled in both of those, and in Firefox about:config...