Sampei.Nihira
4 Followers
About Sampei.Nihira
Recent Profile Visitors
6,076 profile views
Sampei.Nihira's Achievements
698
Reputation
-
Didn't you notice that my first link is written by Raymond Hill? Read and learn if you wish. I will not waste any more time with your useless requests. Period. P.S. Stop calling this vulnerability a virus; it is an exploit. If you don't know the difference....study. -
It is possible to use Hard Mode + TLD'S (protection higher than Medium Mode but lower than Hard Mode) I will include you a table with fairly accurate percentages even in an extension like AdGuard MV3. P.S. The percentages in the table were verified by Kees1958.
-
Here in benefit of dynamic filtering referring only to third-party frame blocking: https://github.com/gorhill/uBlock/wiki/Dynamic-filtering:-Benefits-of-blocking-3rd-party-iframe-tags as you can see it is a formidable defense against exploits as well. Those using higher dynamic filtering (Medium Mode or Hard Mode obviously have more protection at the security/privacy level. I use Hard Mode + TLD's Some other opinions Sven Taylor: https://restoreprivacy.com/browser/secure/ ArkenFox user.js: https://github.com/arkenfox/user.js/wiki/4.1-Extensions#small_orange_diamond-️-anti-fingerprinting-extensions-fk-no
-
To stop the chain of events that can lead to the success of an exploit, a few tricks may be sufficient even in unpatched browsers. I have seen exploits rendered harmless with the renderer at IL AppContainer. In my opinion those who have an unpatched browser,listed on the anti-exploit list,and take a number of expedients that at various points can counteract the chain of events that can lead to the success of an exploit,i.e., leverage an unpatched vulnerability in the browser and/or OS can be reasonably safe. Using uBlock Origin with dynamic filtering enabled is considered by all security experts to be a security surplus in the browser.
-
Resuming the transition to Manifest V3
Sampei.Nihira replied to Sampei.Nihira's topic in Web Browsers
If you assume that there is an error in my browser that is not oriented to hard privacy but rather to security (your first error) (,also because you don't know my access needs at all,for example I have significant limitations to accessing government websites where I collaborate) you have to prove it with your browser by a test that of course I will not provide you have to know. Second mistake you are highly OT in this thread And I will not read anything that does not follow the above parameters. So if you want to run various tests with your browser, I suggest you open a new thread. I promise I will gladly read them. Have a nice day. -
Do what you want. Do you consider yourself vulnerable? Too bad for you. I had in mind to advise the members of the forum at least 2 solutions to increase the security of the browser. But I don’t think about your complaints. Period.
-
But what does downloading an image with a webp extension (extension that can be changed) have to do with HD/SSD? The vulnerability, discovered by researchers from Apple Security Engineering and Architecture (SEAR) and the Citizen Lab of the University of Toronto, is present in the libwebp library that allows the rendering (visualization) of webp images. The buffer overflow in the memory area called heap is caused when the user opens an ad hoc created webp image. An attacker can then access the computer and execute infected code.
-
Also the one in my screen is saved in webp (but this has nothing to do with it...do a test) but the website is in jpeg, so there is no vulnerability because the browser does not interest LibWebp. The patch has been applied to LibWebp. P.S. You can see the fundamental difference:
-
Of course it’s not a fix. But it prevents a possible compromise of the Operating System in unpatched browsers. Who needs the fix (I don’t) look for other remedies. Good evening.
-
Even if it seems excessive to me, who believes that their browser has not received the patch or has no confidence in the anti-exploit/malwares installed can insert this rule in my filters in uBlock Origin: ||*.webp^$script,document,important As you well know the parameter "important" prevents any exception, if for you it is too restrictive can be eliminated. P.S. Who wants to take a test: https://developers.google.com/speed/webp/gallery1?hl=en
-
Usually it is the providers of the browsers that have to report whether their browser is vulnerable. So first we need to know if the browser (which seems to me to be closed code) has received the patch. https://www.akamai.com/blog/security-research/guidance-on-critical-chrome-vulnerabilities-libwebp-and-libvpx https://blog.isosceles.com/the-webp-0day/ Browser development was not my area of work,so you have to ask the appropriate people. I once provided a patch to Roytam for Thunderbird OAUTH support to apply to MailNews. But then he was the one who implemented it. Ask here: https://groups.google.com/a/webmproject.org/g/webp-discuss P.S. As I wrote you in the private message I retired.
-
Block Consent Google in Firefox 113.x
Sampei.Nihira replied to Sampei.Nihira's topic in Web Browsers
Definitely. Even with YT I put in uBlock Origin in my favorite browser (Edge) a rule to block cookie consent. To date I have not displayed any ads in YT. But I read about many users who have such problems. -
Resuming the transition to Manifest V3
Sampei.Nihira replied to Sampei.Nihira's topic in Web Browsers
Here's what you requested. You will notice that the experimental flags + Command-Line Switches with "": I will also include a Github link, even if archived, with the Command-Line Switches in question with the correct syntax: https://github.com/melo936/ChromiumHardening/blob/main/flags/chrome-command-line.md