Sampei.Nihira

@Mathwiz _________________________________________ I usually use NM28 with XP. But having multiple browsers installed is always advisable. For example with NM28 I cannot access the advanced configuration of some routers. For the model below: https://www.amazon.it/TP-Link-TL-MR6400-Monitoraggio-Traffico-Alternativa/dp/B017IGEPWW I have to access only with I.E.8 from my pc with XP. Sorry for the OT,

General spoofing is not necessary. Set a specific rule for the problematic website. As I wrote elsewhere the website below is not accessible with Windows XP: https://app.agyo.io/ I entered a specific string for that website in NM28. If anyone is interested I can write the string in this 3D. With FF52ESR it is possible to do the same

https://forum.palemoon.org/viewtopic.php?f=46&t=21666

Use this test page: https://cc.dcsec.uni-hannover.de/

What version of uMatrix did you install to make that failed test? The switch: "Forbid web workers" is available from version 1.2.0.

I will never,never,never,install Chrome/Chromium on my PC running Windows XP. Almost certainly your problem is not due to the OS but to the version of uMatrix or uBlock Origin. Installing the latest versions these extensions should be possible. I installed the latest version of UBO in my FF 52 ESR: I certainly will not be doing this test.

Hi. I tried with the rule in uBlock Origin and your situation is not playable in my Chrome. The rule works as shown in the image below: With uMatrix it would be the same: https://www.wilderssecurity.com/threads/new-browser-attack-lets-hackers-run-bad-code-even-after-users-leave-a-web-page.413876/#post-2812330

With uMatrix the general rule to insert is: no-workers: * true you can enter exceptions for any problematic websites in an easier way. With uBlock Origin, here is the general form of the exception: *$csp=worker-src 'none',domain=~example.com

Excellent analysis, good.

*$csp=worker-src 'none' Enter the rule and repeat the test: https://html5workertest.com/

With Chrome, you can block Service Workers as long as you block even the Web Workers. It can be done with the uMatrix extension. But even with the uBlock Origin extension you only need to set up a rule.

Windows Exploit Suggester. https://github.com/bitsadmin/wesng

For those who want to take a more detailed test: https://www.wilderssecurity.com/threads/new-browser-attack-lets-hackers-run-bad-code-even-after-users-leave-a-web-page.413876/#post-2812242 With Firefox / Pale Moon / New Moon / Basilisk, you do not need to install the extension, you can test directly.

Some info in the articles below: https://www.zdnet.com/article/new-browser-attack-lets-hackers-run-bad-code-even-after-users-leave-a-web-page/ https://www.ghacks.net/2019/02/26/marionet-attack-lets-hackers-control-your-browser-even-after-you-leave-the-attack-page/ To check if the Service Workers is active in your browser: https://browserleaks.com/features Pale Moon and Basilisk by default does not support Service Workers. Also I.E.8 does not support Service Workers: