Jump to content

Sampei.Nihira

Member
  • Posts

    1,363
  • Joined

  • Last visited

  • Days Won

    30
  • Donations

    0.00 USD 
  • Country

    Italy

Everything posted by Sampei.Nihira

  1. Or use network filtering of a secure DNS + a browser such as Opera for cosmetic filtering done with native trackers/ads blocking.
  2. In the opinion of some of my former colleagues.....not too long. MV2 extensions would be disabled anyway. As is the case for any dangerous extensions. Of course, this is all to be proven.
  3. Chrome 127 stable will be released on July 23. Before this date I would like to advise all MSFN members to check for MV2 extensions installed in their Chromium-based browsers. That they should (if they want to survive) shortly upgrade to MV3. It is possible to carry out this control by 2 methods,the simplest one shown in the image below: All your extensions installed with Inspect views identical to the red arrow will be MV2. Extensions showing Inspect views like the blue arrow will be MV3. Those who want to follow a more "complicated" method can see the above using: chrome://extensions-internals MSFN members who want to check extensions in Firefox (but obviously this is less important) can use the debug extensions: Extensions installed with the blocked background script highlighted by the blue arrows will be MV3. The others highlighted by the red arrow MV2:
  4. If you want to check whether DEP protection is up and running for browsers, you can also use the old HPA test tool: http://dl.surfright.nl/hmpalert-test.exe obviously only DEP would be (from my point of view) just enough for the security of browsers: https://sendvid.com/wp52v128 in the video above my old anti-exploit protections in Windows XP applied to browsers. But I am digressing,have a good evening.
  5. Certainly It can be. Has anyone checked whether DEP is enabled -permanent with Process Explorer? P.S. Enabling DEP for all programs (EXE) and not just system processes if I remember correctly is an easy thing to do.
  6. Hi to all. In my opinion guys,you are giving too much importance to flags. Those who seek security should also look elsewhere. For example, has anyone using XP enabled DEP (Data Execution Prevention) for Thorium?
  7. I understand. I see that only the installable software is up to date,not the extensions whose development is stopped at 2023. I have a mindset geared toward IT security. I never add third-party softwares for functionality that can be done natively by browsers because the increase of especially third-party code in the system statistically implies an increase that is directly proportional to the vulnerabilities. I also follow the same reasoning for extensions. I use as few extensions as possible.
  8. Brave Url's tracking test is working again: https://fmarier.github.io/brave-testing/query-filter.html Although the test website (old) reports that you need to use private browsing it is recommended to use normal browsing. It is possible to verify that r3dfox passes some tests (without the need to use uBlock Origin or uBlock Origin lite),because it has partial blocking functionality of urls tracking parameters. In Chromium-based browsers (excluding Brave), however, the tests passed by r3dfox fail if only the browser is used.
  9. When you download a file, the browser with the parallel downloading feature enabled will divide the file into small packets and download those small packets simultaneously. Because of this, the download speed will increase. network.http.max-persistent-connections-per-server The default value is (in my opinion) insufficient when compared to the downloading speed of a Chromium-based browser.
  10. I did a test between uBlock Origin Lite vs uBlock Origin to see which of the two extensions makes the browser faster. I used the lists of filters I prefer in each extension. Considering that uBlock Origin works better in Firefox: https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox I considered the filter list specific to CNAME-uncloaking. Effectively uBlock Origin Lite speeds up browser response compared to uBlock Origin. @K4sum1 I would like to recommend increasing the parallel downloading of the browser. I am trying 14.
  11. Hmmmmm........ MV2 extensions were allowed to create background pages. These pages allow running JavaScript code and keep state like variables for the whole browser session. Migration to stateless or non-persistent background pages is needed for MV3. Not counting service workers. The operation of an MV2 extension differs from an MV3 extension. P.S. However, switching or modifying (I understand although in my opinion it will be unnecessary) extensions from MV2 to MV3 is not the purpose of this thread.
  12. The only question here is whether MSFN members are able to verify whether their extensions are already at MV3 or are always at MV2. Those who can verify it as I did,the better for them. The switch that will allow a disabled MV2 extension to be rehabilitated will be short-lived. If an MV3 extension is not chosen that will be offered as a replacement. Of course I personally do not care about all of the above.
  13. Today I checked how many extensions I have installed in Edge (4) already use MV3. uBlock Origin - MV2 Video DownloadHelper - MV3 Stream Recorder - MV3 SwiftDial - MV3 With Firefox, I installed only one extension (uBlock Origin Lite), which by its nature is exclusively MV3.
  14. @ to all Can you do this without extensions? If you can't,I'll write you a rule for uBlock Origin that might be quite aggressive (depends on many factors) but the test is passed.
  15. Try these filter lists: https://raw.githubusercontent.com/DandelionSprout/adfilt/master/LegitimateURLShortener.txt https://raw.githubusercontent.com/DandelionSprout/adfilt/master/ClearURLs for uBo/clear_urls_uboified.txt
  16. If you use uBlock Origin I can recommend adding 2 filter lists in addition to AdGuard URL Tracking Protection (which should be enabled by everyone). Although the main advice for MSFN members who are more privacy-oriented remains to try r3dfox.
  17. Mozilla will continue to support MV2 extensions but certainly not indefinitely: https://blog.mozilla.org/addons/2024/03/13/manifest-v3-manifest-v2-march-2024-update/#comments I assume that Mozilla will disable MV2 extensions by June 2026.
  18. This will be the notice of disabling MV2 extensions:
  19. Probably not. You should check if you don't have this flag: chrome://flags/#extension-manifest-v2-deprecation-warning I for example in Edge do not have the flag above. Although they will probably implement it in future versions. P.S. Those who will use Thorium/Supermium will have available the company policy in the browsers inserted by the developers themselves: https://github.com/Alex313031/thorium/issues/677
  20. https://blog.chromium.org/2024/05/manifest-v2-phase-out-begins.html?m=1
  21. MSFN members considering a client-hints problem might try r3dfox. Although HTTP User-Agent is obviously visible.
  22. I have read that some MSFN members use the browser with the native sandbox. Obviously those using Windows XP will be aware that the Chromium sandbox works worse than => Windows Vista. Not only for I.L. Also for TCP/IP: TCP/IP socket security in Windows 2000 and Windows XP (but not in Vista) is effectively null. Even those using FAT32 Volumes in this case the security descriptor on them is effectively null. https://chromium.googlesource.com/chromium/src/+/refs/heads/main/docs/design/sandbox.md These are the differences with Mozilla-sandbox: https://wiki.mozilla.org/Security/Sandbox Therefore, it would be very interesting to see whether for the same operating system the Mozilla sandbox or the Chromium sandbox is more efficient. To check the level of the sandbox of r3dfox : about:support
  23. I also use a “reinforcement” called NIST-P384 algorithm TLS Kyber Confidentiality. I have no problem with it. The problem you brought to attention (even then for clients) is due to a bug in the servers: https://tldr.fail/
×
×
  • Create New...