I’ve never seen any website cause a firewall permission request
Word of caution, if you have been browsing successfully until now, it could be a malicious javascript app or malware loaded from that website that is attempting to scan your network or do other things. In other words if this is a new firewall request above and beyond the standard one librewolf needs to function, proceed with cation.
Could you also proceed with anion?
+/-
In theory, that shouldn’t even be possible with JavaScript. There’s such a thing as same-origin policy for that exact reason…
Have you really never heard of malware from JavaScript? Buffer overflows and sandbox escapes are almost all JavaScript, still, hasn’t changed in the last decade. Sometimes it’s a random font parser library or something, but almost always it’s JavaScript. And now that browsers are auto-updating and they have fully staffed security teams behind them that get word of a vulnerability being secretly exploited before the general public, most people don’t get hit just because they browsed to a random website. But it’s still possible, and especially likely that a shady torrent site could be hosting malware or get ““hacked””.
Malicious javascript seeks to bypass security controls. It’s one of the reasons NoScript is a thing. It could be a malware loaded from an ad. Biggest reason for adblockers imo.
Check out this link for learning about this stuff.
https://heimdalsecurity.com/blog/javascript-malware-explained/
I’ve read that article. It is complete garbage and doesn’t explain anything at all. It’s just standard cookie cutter fear mongering to sell some random antivirus software.
That article is for lay-persons and really an awareness article I surmise. If you’re technical you are likely already aware of the security concerns with jacascript.
That’s what I’m thinking, it happened when i tried to load their streaming player for the first time which historically have pop unders on streaming websites
This isn’t a website asking for permission. It’s the browser exe itself.
This seems like the bare minimum permissions for a web browser.
Windows asks for this permission when a program needs to accept unsolicited incoming network requests. Not something a browser normally requires.
Unless you’re doing a P2P video/voice call.
Too bad this windows firewall dialog is really sparse on details. We really have no way have telling whether that is normal permissions or not.
Ive never gotten this request before though and ive been browsing for a while. I didn’t accept it and the browser continues working fine. Doesnt seem standard
when my browser asks me for a firewall pass and i haven’t directly and intentionally prompted that to happen i click “no”
Do the dev tools show anything interesting? Networking calls, etc?
Im not really knowledgeable enough to be able to spot whats interesting.
Although something strange about it is if I try to stream something on ext.to with Inspect Element open it automatically closes the stream player and refreshes the page every time. So its impossible to view the networking tab and see what the player causes to show up
deleted by creator
Seems as safe as mostly any public torrent site to me. Use ublock and it should be fine, provided you aren’t downloading and running a random .exe labelled as Avatar 3 or something