Jump to content

Sampei.Nihira

Member
  • Posts

    1,393
  • Joined

  • Last visited

  • Days Won

    30
  • Donations

    0.00 USD 
  • Country

    Italy

Everything posted by Sampei.Nihira

  1. It is a privacy-related feature. In addition to the list of filters you mentioned @UCyborg other filter lists with these features are those of DandelionSprout (The most famous is Actually Legitimate URL Shortener Tool).
  2. This is clearly stated in the Tuta FAQ. I recommend that you read them: Have a good evening. P.S. I don't comment on javascript injection because I still have to eat dinner and I don't want food to get stuck in my stomach. You are right @NotHereToPlayGames here users have preconceived notions that are difficult to eradicate.............
  3. Try Tutamail. By default (but you then change) it uses password encrypted email sending. In order for the recipient to read the email and possibly open attachments, they must know the password you chose during sending. The recipient of course is informed (via client-email) that he or she has received an email. Obviously all this assumes that you have a browser (the email is read using the web-mail method) set up reasonably well from a security/privacy standpoint. In the image the email received. Without a password it cannot be read.
  4. Yes, almost everyone uses the same e-mail they have in their smartphone (Gmail). I include 2 more secure email services: https://proton.me/mail https://tuta.com/ It is possible to register a free account.
  5. My interest in scripts is specifically for security/privacy. So I block all HTTP website scripts in the browser. Almost all links to malwares content are HTTP. But with a simple rule in uBO you can do the same.
  6. Check if you are in this situation: https://www.ghacks.net/2024/04/23/windows-11-24h2-wont-boot-if-the-pc-does-not-support-this-cpu-feature/ to check the CPU you can use CPU-Z which must be started from administrator account: https://www.cpuid.com/softwares/cpu-z.html
  7. If any MSFN members want to test. Warning: The link in the image is an active phishing website (at the moment). So be careful and do not enter any data.
  8. Correct. But even in W.10/11 in many malicious websites with (HTTPS) phishing content (this is not often the case for websites with malware content) the certificate is valid and nothing prevents the browser (at a given initial instant of time) from opening the malicious web page without any problem. P.S. In fact, I would be curious to see how your browsers (on W.XP) would treat these web pages,but the test should be done quickly after I put in the phishing link.
  9. Although very dated might I suggest this test to evaluate the better/worse intrinsic security of Thorium vs Supermium? Perhaps the score is identical: https://browseraudit.com/
  10. @Felipefpl You are certainly protected if only your Custom filter list uses more Network rules and Cosmetic rules than all my filter lists. But I use UBO in Hard Mode + TLD's. An advanced mode of use compared to the protection provided by filter lists alone.
  11. Hi to all. In addition to ads you should also consider trackers. Here is why UBO should be used for its wide-spectrum blocker capabilities: https://github.com/gorhill/uBlock/wiki/Blocking-mode
  12. I have made only 2 posts referring to @XPerceniol. You, on the other hand, certainly wrote more posts than I did even in response to other MSFN members who did not have MyPal 68 as their topic. So try to be more sympathetic to the answers other MSFN members give to help others. P.S. Discussion closed. If you post anything OT in any thread from now on I will be there to point out this rule of yours broken by yourself.
  13. Right. This OT you wrote doesn't seem to me to be relevant to MyPal68,and moreover you intruded on a reply that N. was giving to a fellow countryman. So your rules apply to everyone but yourself?
  14. ECH is not available in MyPal. But this is not important because 99.99% of websites do not use it. And that's what I wrote to @XPerceniol No misleading or dangerous advice as usual the multiple acconts would have you believe (who are clueless as usual).
  15. I did not start in this thread to discuss the Cloudflare test. I just wrote (between the lines) that it doesn't matter if the last test is failed. Moreover, I quoted another user,so my assistance is directed exclusively to this user. You guys can also ignore my interventions. Try you and the multiple account (which I don't even respond to because it is useless now) to call others out as well when they go OT in a topic. Avoid replying because I will not respond to other interventions.
  16. @XPerceniol As I used to tell my students, a picture is worth more than 100 words. In my ECH browser it is always on. In the website below ECH is active. Sites like this are in the minority. In the website below, ECH is not active. 99.9% of websites are in this situation.
  17. @XPerceniol I read that there is much confusion regarding DOH and ECH. Read: https://blog.mozilla.org/security/2021/01/07/encrypted-client-hello-the-future-of-esni-in-firefox/ https://wiki.mozilla.org/Security/Encrypted_Client_Hello Unfortunately, even if you have ECH enabled in your browsers, almost no websites make it usable for client browsers. MSFN does not use ECH. Instead, ECH is enabled in the website under: https://tls-ech.dev/ I hope you understand this difference.
  18. If you want to access the advanced encryption features, you have to enable both in the smartphone browser and in the browser in W.10/11 also Secure DNS. If secure DNS is disabled QUIC will not work. Try a test.
  19. Maybe for my Windows 10 PC. But what to think for the smartphone? W.10 and W.11 have native QUIC support. Do you use either of these OSes for your tests? Unfortunately, MSQUIC is also supported by recent operating systems.
  20. For users who do not like to use QUIC,another caveat is for mobile devices. Opera Android has no flags to enable or disable QUIC which seems to be active by default: The forum in the image obviously uses QUIC. Can any forum members verify what happens with Firefox mobile?
  21. @NotHereToPlayGames Another important fact to know is that the website can use QUIC before any login and afterwards switch to a TLS1.3 connection. NextDNS works like this. Probably more users would be satisfied by such a choice.
  22. @NotHereToPlayGames Thank you for your test. The conclusion is that any user who does not want to use QUIC should test with their browser's development tools.
  23. @D.Draker Everything I write for you to learn is always Off Topic. Are you aware that in Chromium-based browsers you have to select "disabled" to not use (client-side) the QUIC protocol? It is not enough to leave the "default" setting. So there are millions of users in the World using QUIC in chromium-based browsers without any security problems. Because server-side when a website uses QUIC ( example Amazon) has implemented it anyway. With this post my intervention is definitely concluded. Good luck for your poll.
  24. @D.Draker The person who wrote the article is a Mozilla engineer. Are you aware that in Firefox,the QUIC protocol is enabled by default?
×
×
  • Create New...