Charlie Belmer (som jobbar på DuckDuckGo):
In the past I have worked on security products that specifically worried about port scanning from employee web browsers. Attack frameworks like BeEF include port scanning features, which can be used to compromise user machines or other network devices. So, I wanted to be able to alert on any port scanning on machines as a potential compromise, and a site scanning localhost might trip those alerts.
On the other hand, it’s been reported on a few times in the past as banks sometimes port scan visitors, and I have heard Threat Matrix offers this as a customer malware detection check.
I was given the example of ebay as a site that includes port scanning, but when I initially navigated there I didn’t see any suspicious behavior. I thought they might use some heuristics to determine who to scan, so tried a few different browsers and spoofed settings, without any luck.
I thought it might be because I run Linux, so I created a new Windows VM and sure enough, I saw the port scan occurring in the browser tools from the ebay home page.
Detta är inte bara djupt oroande utan också närmast kriminellt.