|
|
|
|
|
|
by __MatrixMan__
1578 days ago
|
|
|
You can use CTPH algorithms to fingerprint the function, so you'd need an extension that fingerprints each function before the browser runs it. Or you could man-in-the-middle yourself and patch the malicious code before it gets to your browser. Better still would be to fingerprint the syntax tree, so obfuscators need to change more than just the names of things (Unison does this, Javascript would probably be less friendly). I'd love an app where I could crowd-fund the inevitable game of cat/mouse that would ensue. Like maybe I put $5 in at the beginning of each month and as I browse I curate a list of sites that I'd like tampered with. Better developers than I could then publish patches for the malicious functions, which are applied as I browse. At the end of the month, my $5 gets distributed to the people who fixed the parts of the web that I browsed that month. I'm working on a tool that facilitates collaboration on CTPH-identified blobs of data, but it's more of a `curl shadysite.com | mytool` kind of thing. I'm not sure what would go into integrating it into a browser. |
|
|