Jump to content
MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. ×

Sampei.Nihira

Member
  • Posts

    983
  • Joined

  • Last visited

  • Days Won

    30
  • Donations

    $0.00 
  • Country

    Italy

Everything posted by Sampei.Nihira

  1. @XPerceniol 12 Insecure Cipher Suites are excessive, remove at least the 4 Camellia. My Firefox but also Chrome is like this: No problem.
  2. You can replace the DDGo Privacy Essentials extension with the following list in UBO: https://blokada.org/blocklists/ddgtrackerradar/standard/hosts.txt
  3. I purchased a 4G LTE router and an 80 GB/month sim at a cost of 7.99 euros/month. For my needs they are more than enough. The ping is high but does not affect my browsing habits especially with chrome-based browsers: The monthly cost of the fiber is too high, although probably the costs in my country are more modest than in other countries.
  4. Yes, it's the latest fad............ Although it looks like Chrome will back off after user complaints. Nowadays you have to do a lot of work even in chrome-based browsers to set the best possible settings.
  5. Xubuntu 21.10 (PC my daughter) Strong password enabled Quad9 DNS UFW Firewall - enabled Google Chrome --disable-webgl --cipher-suite-blacklist=0x0035,0x002f,0xc014,0xc013 Javascript blocked for HTTP://* Privacy Sandbox + FLoc disabled Clears cookies and data from sites when you close Search Engine and Home web-page DuckDuckGo Always HTTPS DNT enabled Chrome://flags - Enabled: Block scripts loaded via document.write Strict Extension Isolation Strict-Origin-Isolation HTTPS-First Mode Setting Privacy Review Smooth Scrolling Parallel downloading Reduce User-Agent request header Extensions: UBO - Hard Mode - with TLD by Kees1958 Decentraleyes Trace - (Only enabled) - Google Header Removal + Alternate Error Page + Webform Autofill + SafeBrowsing Extended Reporting Stream Recorder VideoDownloadHelper I eliminated the 4 categories of insecure chipher suites TLS 1.0/1.1/1.2 I removed the flag "Anonymize local IPs exposed by WebRTC" because it is not necessary.
  6. Chrome is the browser, at least in their latest versions, that is more lacking than the other browsers regarding the blocking of trackers. With Chrome I would recommend to match in your adblocker to the "disguised" list the "Adguard Tracking Protection" List.
  7. The list contains over 13,000 rules. The || tag means you can omit http https so for that alone you would have over 26,000 rules. Also there is the ^ tag which includes the subdomains.......
  8. Yes indeed, Chrome-based browsers do not have the ability to scan CNAME records. So they need a list,Adguard's list is well maintained, with a considerable number of rules. Another possibility is the use of AdGuard DNS:
  9. @to all I would like to give some advice to all MSFN members regarding trackers. I would advise you to put a list in UBO dedicated for blocking CNAME trackers: https://raw.githubusercontent.com/AdguardTeam/cname-trackers/master/combined_disguised_trackers.txt Which unfortunately are not stopped even by the latest versions of browsers. https://github.com/AdguardTeam/cname-trackers
  10. I gave you a tip in that thread.
  11. @XPerceniol Hi, XP does not have Integrity Levels, so enabling Appcontainer works with an OS from Vista onwards. In chrome-based browsers a setting with flags alone would not be sufficient, you would have to use Command Line Switches as well. https://peter.sh/experiments/chromium-command-line-switches/ P.S. The Trace functions are also interesting: https://absolutedouble.co.uk/trace/
  12. I had to replace Firefox with Chrome because my daughter complained about its slowness. Test Spedometer 2.0 (Firefox) = 34.4 (Chrome) = 53.7 ____________________________________________________________________ New security/privacy configuration: Xubuntu 21.10 (PC my daughter) Strong password enabled Quad9 DNS UFW Firewall - enabled Google Chrome --disable-webgl Javascript blocked for HTTP://* Privacy Sandbox + FLoc disabled Clears cookies and data from sites when you close Search Engine and Home web-page DuckDuckGo Always HTTPS DNT enabled Chrome://flags - Enabled: Anonymize local IPs exposed by WebRTC Block scripts loaded via document.write Strict Extension Isolation Strict-Origin-Isolation HTTPS-First Mode Setting Privacy Review Extensions: UBO - Hard Mode - with TLD by Kees1958 Decentraleyes Trace - (Only enabled) - Google Header Removal + Alternate Error Page + Webform Autofill + SafeBrowsing Extended Reporting Stream Recorder VideoDownloadHelper
  13. You can enable the renderer in appcontainer as the Microsoft documentation explains: https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies#rendererappcontainerenabled If you use an administrator account you must go to the registry path: HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge Enter a new DWORD value (32): RendererAppContainerEnabled and assign it the hexadecimal value 1. If you use a Standard account, it may happen that you don't see the "Edge" key at the above location. In this case the "Edge" key must be created. This change makes the setting shown in the image unusable: It would be possible to overcome this inconvenience with the insertion of 2 more registry keys proposed by Kees1958. But this is not contemplated in the Microsoft documentation so I refrain from suggesting it to MSFN members. The effect of all this is obviously greater security than the untrusted ILs highlighted in Process Explorer or other similar software:
  14. @VistaLover It happened to me a few months ago too so I can imagine your frustration. My pc was 16 years old. Your pc is about 12/13 years old. I don't know if it deserves to have the pc repaired by an external technician. If possible do it yourself. Otherwise evaluate the possible cost of repair (which in Italy would certainly be high) compared to buying a new PC. Good Luck !!
  15. https://forum.palemoon.org/viewtopic.php?f=5&t=27682 https://www.ghacks.net/2021/12/17/pale-moon-project-announces-change-of-direction/
  16. As you will notice the test website is grey (so allowed) and javascripts are allowed: (Too easy to disable javascript).
  17. @XPerceniol It's not weird. Chrome-based browsers are structurally "weaker" than firefox-based browsers. In various privacy/security focused tests: https://browseraudit.com/ with firefox-based browsers you will always get higher scores (seemingly easily) than chrome-based browsers. This doesn't mean that you can't get good scores with chrome-based browsers, it's that you have to work hard to get the best possible scores from the browser you use. P.S. It's not just a matter of flags, although with my Edge I have 10 flags set differently than the default.
  18. Firefox in the pc of my daughter is configured in a less restrictive way in comparison to my Edge, and with deactivated UBO I obtain 15 red. So it is only necessary to configure better Firefox.
  19. I disabled UBO and repeated the test. With Edge I have 15 reds as you can see from the image: Considering that with UBO active I get only 3 reds the difference is 12 reds attributable exclusively to UBO. So out of a total of 38 tests, 26 are NOT red due to the browser.
  20. The editor of the article is wrong. Instead, it is possible to fix these vulnerabilities while maintaining good (not great) website usability. There is no doubt that as usual more privacy/security implies less website usability. But it is certainly easy to solve. Again, Firefox outperforms chrome-based browsers. With Firefox and a less restrictive setting of my Edge I get only 2 critical vulnerabilities. To see if your browser needs fixing you have to test it. https://www.wilderssecurity.com/threads/xsinator-xs-leak-browser-test.442622/ As a security extension I only use uBlock origin in Hard Mode. It is no coincidence that even wat0114 who uses the same extension as me in hard mode gets identical results to mine.
  21. You are right I am OT in this thread and I publicly apologize. But as you may have noticed my original post was referring to @msfntor and I even quoted it. In my Country it is not customary to insert oneself into discourse between others in an arrogant manner. If you don't like what I wrote, don't read it. And with that I am done, avoid answering because you will not have the satisfaction of reading a counter-response from me. Good evening.
  22. @NotHereToPlayGames OK. __________________________ p.s. I don't have Firefox installed in W.10.
  23. This may be the exception that proves the rule. My result with Edge: with Firefox I have only 2.
  24. It is in January 2023 that Chrome stops running manifest v2 extensions: https://developer.chrome.com/docs/extensions/mv3/mv2-sunset/ It's not my area of expertise, but one solution is to implement blocking at the DNS level. But in this case, cosmetic filtering would be missing. Raymond Hill writes that he currently has no solution to the noop rule which is currently unworkable. Very useful to start decreasing the filters used in UBO. At the moment in Edge I have: 41406 network filters 37824 cosmetic filters

×
×
  • Create New...