You are viewing a single comment's thread from:
RE: DOGE Reddit TipBots Creator Stole Funds from Users (impossible to happen on STEEMit!)
Well, Steemit Inc could in theory start stealing people's private keys with javascript.
You could have a browser extension which automatically checks for code changes, but I don't think anyone is using such a thing right now.
Yeah not sure how to prevent that or how thats exploitable. Maybe something that INC or other good coders here should address
It's perfectly preventable, there are browser extensions which protect against the same thing for other websites involving client side privacy/encryption. But people have to actually use the extension..
In the early years at least, the biggest protection are savings accounts and Steem Power, so that you don't lose everything instantly ust because you were hacked. The account recovery process can help with it too as long as the sponsorship of signups becomes more decentralized as well.
And of course while Steemit Inc holds a bunch of Steem Power, they'd only be destroying their own wealth by doing something like that. But it could be done by a rogue employee.
If you have em handy please share - ill get into this and i msure other users will benefit too. Maybe even make a post about it for awareness
The extensions I'm thinking of are custom made for the specific websites. I don't think it's a serious concern for now.
Gotcha, ill test this though for some fun https://chrome.google.com/webstore/detail/scriptblock/hcdjknjpbnhdoabbngpmfekaecnpajba?hl=en