Jump to content

Sampei.Nihira

Member
  • Posts

    1,041
  • Joined

  • Last visited

  • Days Won

    30
  • Donations

    $0.00 
  • Country

    Italy

Everything posted by Sampei.Nihira

  1. @XPerceniol It's not weird. Chrome-based browsers are structurally "weaker" than firefox-based browsers. In various privacy/security focused tests: https://browseraudit.com/ with firefox-based browsers you will always get higher scores (seemingly easily) than chrome-based browsers. This doesn't mean that you can't get good scores with chrome-based browsers, it's that you have to work hard to get the best possible scores from the browser you use. P.S. It's not just a matter of flags, although with my Edge I have 10 flags set differently than the default.
  2. Firefox in the pc of my daughter is configured in a less restrictive way in comparison to my Edge, and with deactivated UBO I obtain 15 red. So it is only necessary to configure better Firefox.
  3. I disabled UBO and repeated the test. With Edge I have 15 reds as you can see from the image: Considering that with UBO active I get only 3 reds the difference is 12 reds attributable exclusively to UBO. So out of a total of 38 tests, 26 are NOT red due to the browser.
  4. The editor of the article is wrong. Instead, it is possible to fix these vulnerabilities while maintaining good (not great) website usability. There is no doubt that as usual more privacy/security implies less website usability. But it is certainly easy to solve. Again, Firefox outperforms chrome-based browsers. With Firefox and a less restrictive setting of my Edge I get only 2 critical vulnerabilities. To see if your browser needs fixing you have to test it. https://www.wilderssecurity.com/threads/xsinator-xs-leak-browser-test.442622/ As a security extension I only use uBlock origin in Hard Mode. It is no coincidence that even wat0114 who uses the same extension as me in hard mode gets identical results to mine.
  5. You are right I am OT in this thread and I publicly apologize. But as you may have noticed my original post was referring to @msfntor and I even quoted it. In my Country it is not customary to insert oneself into discourse between others in an arrogant manner. If you don't like what I wrote, don't read it. And with that I am done, avoid answering because you will not have the satisfaction of reading a counter-response from me. Good evening.
  6. @NotHereToPlayGames OK. __________________________ p.s. I don't have Firefox installed in W.10.
  7. This may be the exception that proves the rule. My result with Edge: with Firefox I have only 2.
  8. It is in January 2023 that Chrome stops running manifest v2 extensions: https://developer.chrome.com/docs/extensions/mv3/mv2-sunset/ It's not my area of expertise, but one solution is to implement blocking at the DNS level. But in this case, cosmetic filtering would be missing. Raymond Hill writes that he currently has no solution to the noop rule which is currently unworkable. Very useful to start decreasing the filters used in UBO. At the moment in Edge I have: 41406 network filters 37824 cosmetic filters
  9. A group of German researchers from the Ruhr University (Bochum) and the Hochschule Niederrhein have discovered 14 types of XS-Leaks attacks that affect all major browsers. Cross-site attacks are not new, but the academic researchers showed how many types of XS-Leaks are still unclassified and unresolved. https://xsinator.com/
  10. @D.Draker Google Trackers. I can view them with Edge blocking them of course with my personal settings. Probably, if they are blocked by the browser, they are not blocked by UBO. But I use few lists, so you have to investigate with your browsers.
  11. Instead, I prefer, whenever possible, to get security directly in the browser. Let's consider the usual javascripts as an attack vector. Only with MS Edge 96 is it currently possible for renderer processes: https://blogs.windows.com/msedgedev/2020/09/30/microsoft-edge-multi-process-architecture/ to lower the default level which is "Untrusted" to IL AppContainer. Currently with Process Explorer you will always see an IL "Untrusted" because the function is disabled and to enable it you have to insert a registry key. If I remember correctly Firefox has a "Low" IL.******* It is obvious that a sandbox-escape will have a probability of success that is much lower in Edge (hardened): https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-policies#rendererappcontainerenabled than in Firefox. P.S. ******* https://wiki.mozilla.org/Security/Sandbox/Process_model
  12. It depends on how you blend into the crowd. If you use a common browser completely to default like the greater part of the mass you are yes, camouflaged but very vulnerable in safety. If instead you use a hardened browser with purpose the safety + values more commonly used for the fingeprinting falsified you are equally camouflaged because even if you are visible you usufruite of a visibility fake.
  13. https://www.ghacks.net/2021/11/24/mozilla-bans-the-fvd-speed-dial-extension-from-firefox/ The extension is for now regularly featured in Edge/Chrome Web Store
  14. https://puppylinux.com/ https://antixlinux.com/download/ https://q4os.org/ Try these distros.
  15. I think the browsers I use are the first defense against trackers: then there are the specific lists I use in UBO,and probably DNS. This last aspect is more important in the smartphone.
  16. Appears the first time Firefox is started. In a tab next to the home. The promo occurs also in Private Browsing.
  17. Firefox 94.x also advertises its VPN. To disable the ad make the changes as in the image below:
  18. I assume therefore yes. Just check the list "AdGuard URL Tracking Protection". With UBO Legacy this rule does not work. TH.
  19. Hi to all. A colleague would like to know if UBO installed in 360 is able to use the rule "removeparam=" Thanks to whoever will answer me.
  20. I instead as someone has already noted in favor of Firefox. To eliminate or mitigate the problems of privacy it is enough to use the optimal Arkenfox user.js: https://github.com/arkenfox/user.js/blob/master/user.js For those who want to do everything by themselves and do not push in an extreme way the search for privacy, some ideas in the excellent article below: https://chrisx.xyz/blog/yet-another-firefox-hardening-guide/ Pale Moon is not able to reach the security of Firefox, think of Total Cookie Protection: https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/ o Site Isolation = Fission: https://www.ghacks.net/2021/11/02/firefox-94-0-release-here-is-what-is-new-and-changed/ By the way who uses Firefox 94.x especially in a Linux OS should check the actual enabling of Fission: "fission.autostart" set to true "gfx.webrender.all" set to true As I've already written I don't think Firefox is the safest browser in a modern Windows OS, but this is OT with the topic of the excellent thread opened by @Mr.Scienceman2000
  21. HTTP websites with malware content discovered daily on the web outnumber HTTPS websites. In addition, HTTPS websites stay online for a shorter time. It is the same for phishing websites: https://phishtank.org/phish_search.php?valid=y&active=y&Search=Search You don't need to work in IT Security, you just need to know how to count.


×
×
  • Create New...