Sampei.Nihira
Content Type
Profiles
Forums
Events
Posts posted by Sampei.Nihira
-
-
17 hours ago, Dixel said:
Oh! It's becoming more and more interesting. So, you suggested us something you never used yourself!
How then do you know they are "secure"?
Account #2 do you resent me because I consider you stupid?
Disorders.
You post a link with a thread I opened and you didn't even understand what was written in it otherwise you wouldn't be making these idiotic interventions.Get treatment.
0 -
4 hours ago, D.Draker said:
Why? You wrote they are super duper secure and have "Quantum-resistant encryption to protect email".
Because they are made my account #1.
Is it so hard to understand that I have various email accounts including TutaMail but the account that I consider most secure of all is NOT Tutamail or Pronton Mail.I have a colleague who used to teach elementary school if you want I will call him and have him come to this forum and explain it to you to account #2
0 -
9 hours ago, Dixel said:
Oh! It's becoming more and more interesting. So, you suggested us something you never used yourself!
How then do you know they are "secure"?
But where did you read account #2 that I never used what I recommend?
If you want I can recommend a very good psychiatrist.
0 -
I made a simple point of information.
Always wrong conclusions..........
My personal emails in a more private and secure form do not use both ProtonMail and Tutanota.
And of course I will not mention in this thread which email service I use because it does not interest the OP and above all it is info that will remain strictly personal.1 -
Yes you are right,I will delete the not working test (Brave).
0 -
1 hour ago, Amigafever said:
Thanks. I guess this is good news, since removing tracking parameters isn't strictly ad-blocking, right? It's important, yes, but at least we can rest assured for now, that ads won't suddenly start appearing on us and that uBO Legacy still remains extremely effective, notwithstanding running behind the WebExtension.
Update: perhaps we should contact AdGuard to provide compatible filters.
It is a privacy-related feature.
In addition to the list of filters you mentioned @UCyborgother filter lists with these features are those of DandelionSprout (The most famous is Actually Legitimate URL Shortener Tool).
0 -
40 minutes ago, Nokiamies said:
I think you missed my point. Even though you send link trough email it is not standard email anymore as I cant read and answer it using email client of my choice. Tutanota and Proton while internally encrypting all still cant talk to outside world without utilising SMTP which is like sending your email on postcard. Even if over ssl it is just writing message to postcard using some secret language, if someone cracks it can read you message. Also you are relying on their server to be secured and not get compromised and even if they actually would be not storing encryption key on their server like they claim some hacker could just inject malicious javascript to steal your secret key and access all your mails. No system is hacker proof and point you become valuable enough target it is matter of time is hacked. And even if they made is hacker proof you still trust for them to run what they claim on their server. Unless you walked there without warning and scanned all server code you can only take their word for it. Showing server source code wont mean they run it on server side unless can inpsect the servers.
On the other hand PGP I mentioned is standard and decryption key is only stored locally, if you try read email on server there is nothing to read. While there been exploit like Efail for PGP those been since patched and it did not affect Claws mail.
This is clearly stated in the Tuta FAQ.
I recommend that you read them:QuoteTuta does not support the use of third-party email clients or IMAP/POP3/SMTP protocols because we cannot guarantee end-to-end encryption of data
Have a good evening.
P.S.
I don't comment on javascript injection because I still have to eat dinner and I don't want food to get stuck in my stomach.
You are right @NotHereToPlayGames here users have preconceived notions that are difficult to eradicate.............2 -
1 hour ago, Nokiamies said:
Such as thing as secure email does not exist due to email nature. It was never built to be secure in first place. Even if you encrypt SMTP traffic with ssl and only access email using some client with perhaps even ip based blocking it is still not 100% secure. Solutions like that only add bandages into root issue. Point you are sending email outside "secure" provider it is as secure as on any other provider. Even if you use something like deltagon secure mail which many companies uses it does not offer full security as all i need is link for secure email and open it before original recipient does. And that email link is sent to any insecure email server. Even got SMS MFA to view secure messages there are means to intercept text messages (which i cant talk here)
Closest for secure email is to use PGP to encrypt email but I just opt not send anything confidential over the email and treat it like sending postcards.
Try Tutamail.
By default (but you then change) it uses password encrypted email sending.
In order for the recipient to read the email and possibly open attachments, they must know the password you chose during sending.
The recipient of course is informed (via client-email) that he or she has received an email.Obviously all this assumes that you have a browser (the email is read using the web-mail method) set up reasonably well from a security/privacy standpoint.
In the image the email received.
Without a password it cannot be read.1 -
Yes, almost everyone uses the same e-mail they have in their smartphone (Gmail).
I include 2 more secure email services:It is possible to register a free account.
1 -
My interest in scripts is specifically for security/privacy.
So I block all HTTP website scripts in the browser.
Almost all links to malwares content are HTTP.
But with a simple rule in uBO you can do the same.1 -
On 4/21/2024 at 9:34 PM, Calista said:
Ich habe Win 11 24H2 installiert..... leider wurde das Setup von Win 11 abgebrochen .. wegen unkompatiebel .. !
Wer kann helfen ?
--
I installed Win 11 24h2 ..... unfortunately the Win 11 setup was canceled .. because of uncompatible ..!
Who can help ?
Check if you are in this situation:
to check the CPU you can use CPU-Z which must be started from administrator account:
0 -
14 hours ago, FranceBB said:
Yeah... it still baffles me to see phishing websites getting a perfectly valid certificate from Let's Encrypt. I mean, what's the point of having Certificate Authorities at this point if scammers can just get their ways around it...
If any MSFN members want to test.
Warning:
The link in the image is an active phishing website (at the moment).
So be careful and do not enter any data.0 -
18 hours ago, NotHereToPlayGames said:
Chrome/Chromium has used an internal cert store in addition to the OS cert store since v105 and it has been enabled by default since v108.
To the best of my knowledge, I do think that Official Chrome, Official Ungoogled Chromium, Supermium, and Thorium all fetch these as opposed to them being "bundled".
I'll concede to anyone much more in-the-know.
My only intent was to demonstrate that the same EXACT browser in XP will not have the same level of security as it does in 10.
ECC cert shortcomings in XP has been known for a VERY long time.
It is nice to see the backport cited a few posts ago, so that SHORTCOMING is being addressed.
XP cert store cannot "do" ECC. But as demonstrated, Mypal only performs this because it is not using the XP cert store.
How Supermium is performing this is a NIGHTMARE to figure out, it is simply UNSTABLE and pegs my CPU at 100%, crashes too often, et cetera, for me to have the patience to even ATTEMPT to sort it out.
Correct.
But even in W.10/11 in many malicious websites with (HTTPS) phishing content (this is not often the case for websites with malware content) the certificate is valid and nothing prevents the browser (at a given initial instant of time) from opening the malicious web page without any problem.P.S.
In fact, I would be curious to see how your browsers (on W.XP) would treat these web pages,but the test should be done quickly after I put in the phishing link.
3 -
Although very dated might I suggest this test to evaluate the better/worse intrinsic security of Thorium vs Supermium?
Perhaps the score is identical:2 -
You are certainly protected if only your Custom filter list uses more Network rules and Cosmetic rules than all my filter lists.
But I use UBO in Hard Mode + TLD's.
An advanced mode of use compared to the protection provided by filter lists alone.2 -
Hi to all.
In addition to ads you should also consider trackers.
Here is why UBO should be used for its wide-spectrum blocker capabilities:https://github.com/gorhill/uBlock/wiki/Blocking-mode
0 -
I have made only 2 posts referring to @XPerceniol.
You, on the other hand, certainly wrote more posts than I did even in response to other MSFN members who did not have MyPal 68 as their topic.So try to be more sympathetic to the answers other MSFN members give to help others.
P.S.
Discussion closed.
If you post anything OT in any thread from now on I will be there to point out this rule of yours broken by yourself.2 -
On 4/15/2024 at 12:25 PM, AstroSkipper said:
That depends on which country you live in and how data protection is organised there. Your statement certainly applies to the USA, but not to Germany, for example. Here is a link to a provider with no-logging policy that I would trust and whose server can be used even as a normal DNS resolver: Freifunk München
I would use this service if I didn't trust my local provider. But in my country, data protection is a valuable asset. So I just use my local provider with own DNS resolver. But I could increase safety considerably if I wanted to. All inside my country. And if I were also to use one of my paid VPN services with a no log strategy outside my country, then ... 
Right.
This OT you wrote doesn't seem to me to be relevant to MyPal68,and moreover you intruded on a reply that N. was giving to a fellow countryman.
So your rules apply to everyone but yourself?2 -
50 minutes ago, AstroSkipper said:
Actually, it doesn't matter who has started going off-topic. Such discussions are simply misleading for readers of this thread because they might think that Mypal 68 could have such technologies as ECH, which of course is not the case at all. And I don't understand what you actually mean by "the multiple accounts".
That also seems to me to be quite incomprehensible and off-topic.
ECH is not available in MyPal.
But this is not important because 99.99% of websites do not use it.
And that's what I wrote to @XPerceniol
No misleading or dangerous advice as usual the multiple acconts would have you believe (who are clueless as usual).
2 -
33 minutes ago, AstroSkipper said:
This thread is about Mypal 68. I don't understand at all why technologies are being presented here that are aimed at much more modern browsers.
To put it simply, I think such comments are off-topic and should be done in a thread related to an appropriate topic.
I did not start in this thread to discuss the Cloudflare test.
I just wrote (between the lines) that it doesn't matter if the last test is failed.Moreover, I quoted another user,so my assistance is directed exclusively to this user.
You guys can also ignore my interventions.
Try you and the multiple account (which I don't even respond to because it is useless now) to call others out as well when they go OT in a topic.
Avoid replying because I will not respond to other interventions.2 -
As I used to tell my students, a picture is worth more than 100 words.
In my ECH browser it is always on.In the website below ECH is active.
Sites like this are in the minority.
In the website below, ECH is not active.
99.9% of websites are in this situation.
1 -
I read that there is much confusion regarding DOH and ECH.
Read:https://blog.mozilla.org/security/2021/01/07/encrypted-client-hello-the-future-of-esni-in-firefox/
https://wiki.mozilla.org/Security/Encrypted_Client_Hello
Unfortunately, even if you have ECH enabled in your browsers, almost no websites make it usable for client browsers.
MSFN does not use ECH.Instead, ECH is enabled in the website under:
I hope you understand this difference.
2 -
17 hours ago, NotHereToPlayGames said:
I'm on Win10. Both here at home and at work. Work would be a much newer version of Win10. Work is also Pro and not Enterprise. I'm actually "backwards" and use Enterprise at HOME versus at work.
If you want to access the advanced encryption features, you have to enable both in the smartphone browser and in the browser in W.10/11 also Secure DNS.
If secure DNS is disabled QUIC will not work.
Try a test.
0 -
1 hour ago, NotHereToPlayGames said:
Perhaps it's your ISP? I cannot find a QUIC connection anywhere, at home or at work. I've done nothing to disable QUIC in the test profile.
Maybe for my Windows 10 PC.
But what to think for the smartphone?W.10 and W.11 have native QUIC support.
Do you use either of these OSes for your tests?Unfortunately, MSQUIC is also supported by recent operating systems.
0
Why is e-mail the master key to everything?
in General Discussion
Posted
It is not insulting it is the evidence of facts,you are stupid trolls.
Everyone in this forum knows that.
And now I'll say goodbye because I have more to do than to be talking to a psychopath.
Today I was sad and with you I had a lot of laughs,thank you.
