Can a website access my local network/learn about the existence of other devices without installing malware? (lemmy.ml)

submitted 2 months ago by GolfNovemberUniform@lemmy.ml to c/privacy@lemmy.ml

30 comments fedilink hide all child comments

Basically title. Recently I saw a new option in Chromium website permission settings called "allow access to local network" or something like that and I know some antiviruses on Windows that can list all devices connected to the same WiFi network. I'm usually using Firefox based browsers that obviously don't have the option to disable or enable that access. So can some really invasive websites mine data about my local network, connected devices etc? And if so, what can I do to prevent it except for just disconnecting everything else when visiting such websites?

you are viewing a single comment's thread
view the rest of the comments

[-] makingStuffForFun@lemmy.ml 32 points 2 months ago* (last edited 2 months ago)

There is a Firefox extension that blocks port scanning from websites, and the prime example is eBay. If you block eBay with this extension, you cannot log in. eBay specifically requires a port scan of your machine or it won't let you log in. So based on just that alone, I would say that yes, there is a risk.

[-] ironsoap@lemmy.one 24 points 2 months ago

What in the world are they digging for?

[-] GolfNovemberUniform@lemmy.ml 16 points 2 months ago

Anything that can help advertisers. In this case they can get data about your wealth and also assume that the nearby devices belong to the same person or family. That's some very useful data for unethical advertisers.

[-] AtHeartEngineer@lemmy.world 10 points 2 months ago

Interesting, I didn't know about that. Bleeping computer has a good write up on it (I'm assuming they broke the story) https://www.bleepingcomputer.com/news/security/ebay-port-scans-visitors-computers-for-remote-access-programs/

[-] ArcaneSlime@lemmy.dbzer0.com 9 points 2 months ago

According to Nullsweep, who first reported on the port scans, they do not occur when browsing the site with Linux.

HA!

[-] sunzu@kbin.run 2 points 2 months ago* (last edited 2 months ago)

Is this related to how Linux does permissions?

[-] nickwitha_k@lemmy.sdf.org 4 points 2 months ago

Probably useragent check. They likely suspected that they'd get caught quicker if they scanned Linux users.

[-] GolfNovemberUniform@lemmy.ml 1 points 2 months ago

Hmm ok thanks for the information. I'll look into that.

this post was submitted on 18 Jul 2024

42 points (97.7% liked)

Privacy

31514 readers

380 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS