single message about this few months ago... can somebody explain? so someone is taking over the wallet...right? and it works by transfering user rights? can it be that user doenst even know about it? he just clicks on an add and boom?
No, it's a transaction that requires confirmation in wallet (like any transaction). But it's a different matter that user may confirm it without understanding what was confirmed.
thats what i am thinking... but isnt there an option to turn this asking off? or that only possible, when marked as trusted site? i can remember that it was possible to turn the dialog window off...but was a while ago... then scamming would be damn easy....
Don't remember for sure, there might have been auto-sign option(s), but if user uses them, it's their choice, not default behavior. But yeah, not sure that transactions initiated by random phishing site would be automatically confirmed in any case, need to review how it works currently.
indeed you speak what i am thinking. Auto signing was there for sure. The question is, can i be manipulated by misleading webpage or some malicious software... the same point is f.e. an manipulated webpage, where yes means no in reality... i guess here we have only some list of trusted sites as prevention... because if you klick no and you mean no but it goes yes...and the user doesnt know it, there is no protection...
When confirmation in wallet pops up, that means that site has already requested signing transaction. Wallet can't protect users from themselves in all cases, for this case they may implement extra warning for transactions that change account permissions.
Обсуждают сегодня