Comment by geor9e

9 days ago

A Tetris PDF could be in a 1 pixel iframe right on this page and you'd never know it. So it doesn't require any user action to download one.

That's why you run NoScript alongside UBO

  • I'm pretty sure NoScript will break 90% of the webpages I visit. I just rawdog the internet. If Chrome gets 0day'd then a lot of us are going down - at least I'll have company.

    • > If Chrome gets 0day'd then a lot of us are going down

      If anything, Google would have the correct incentive to protect itself from a zero-day exploit. I guess they could release a patched version internally only, but I doubt it. I do think they want the image of Chrome to be relatively positive and a giant security hole (patched slowly) would do them no favours.

  • This PDF still runs with JS disabled in both of those, and in Firefox about:config...