Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: What's the worst thing that could happen if I click on an unknown link
11 points by canergl 4 days ago | hide | past | favorite | 8 comments
1- suppose any random link that you encounter in public internet

2- you click on the link

3- a new tab opens in your browser

4- you don't download anything but close the tab

now what is the worst thing that could happen after this moment?






There's no theoretical limit. That's what the concept of a "zero day" is all about. It's entirely possible that some undiscovered vulnerability allows an attacker to remotely hijack your entire PC, steal all passwords, and completely ruin your life just by opening a webpage. Is it likely? No. But in terms of the "worst thing possible" there's really no upper bound.

reply


It might not be as easy as it used to be, but when I did remote PC tech support ca. 2008-2010, all day every day was almost nothing but removing infections of rogue (fake) antiviruses and their supporting rootkits that people got via "driveby download" -- no stupid mistakes needed (unless you count browsing without an ad blocker).

reply


When I was younger I used to believe that nothing serious could happen because I don't use Windows and "I was smart enough" to not execute malware (yeah, I didn't care on downloading it; how wrong I was).

Someone already mentioned zero days but let me elaborate a bit on what can happen when visiting a website:

- Without zero days involved, you are already disclosing digital information, ip address, browser fingerprint, precise location access could be granted with relaxed browser settings, etc.

- As a dev, you may have services running locally, let's say, postgres, web servers, etc. -sometimes we install stuff and forget about it- the malicious website could access these.

- It could try using your sessions for other websites.

- It can also interact with your browser extensions, many of these do not take precautions for this.

- It can also try using your hardware, camera, microphone, bluetooth, we now even have webusb.

- It can also try to use your CPU/network for cryptocurrency mining or attacking other servers, it could even use you as a proxy while you are on the website.

- With zerodays, it could do just anything.

reply


Well, the front could fall off. [1]

[1] https://www.youtube.com/watch?v=3m5qxZm_JqM

reply


> 4- you don't download anything but close the tab

Does your browser show anything in this thought experiment or are you so quick to close the tab the browser hasn't even connected to the server? If it shows anything you have downloaded something. That is how it is shown in the browser. With a malicious payload you cannot know what might happen as uejfiweun says.

reply


Believe it or not, jail

reply


how

reply


One thing that could happen is that you could have seen a truly horrible image.

reply




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: