Not really. Just because it wasn’t meant as a backdoor, doesn’t mean it wasn’t a backdoor. Remote debugging can give you access to the user’s auth tokens and activity, so it could easily be used to compromise the user’s accounts of whatever sites they’re visiting.
The title is wildly misleading
Not really. Just because it wasn’t meant as a backdoor, doesn’t mean it wasn’t a backdoor. Remote debugging can give you access to the user’s auth tokens and activity, so it could easily be used to compromise the user’s accounts of whatever sites they’re visiting.
This is really bad if you’re on a public wifi.
https://github.com/zen-browser/desktop/pull/927
Now this makes more sense, but again, this was months ago. I recommend reading the thread and considering the implications, though.