Oh my God, they killed HPKP!

This week Google went ahead and removed support for HTTP Public Key Pinning (HPKP) from Chromium after some initial stumbles. The change was committed and tagged for Chromium 72.0.x and can now be observed by users of Chrome Canary.

Continue reading

Fake Chrome apps published with Google as the developer name

I’m pretty much done with getting annoyed by all the spam and fake applications populating the Chrome Web Store. But still, once in a while you come across something special that is just too good to pass up.

Continue reading

Chrome Web Store – Your new one stop shop for malware and spam

While installing some apps and extensions from the Chrome web store I noticed that there were a few well known products delivered by developers totally unknown to me (and Google search). LastPass, AVG AntiVirus, Snapchat, Viber and others were available sporting their trademark name and logo, but from publishers without any affiliation with the actual brand.

Continue reading