FBI warning against Windows 7 use.

[D.Draker]

On 12/6/2020 at 7:34 AM, ZaPbUzZ said:

Through these ad serving corporations hackers are found and even rogue government employed hackers but china's hackers are ugly as hell just block china if your not Chinese. same as Russians. They use methods such as tricking kernels with simulated hardware errors to pry into the system security layers. Such crap causes hardware failures sometimes fatal and expensive. Don't go thinking meltdown and Spectre are anything new age. Older less depth style hacks have been emerging from government agencies since Cavalari core was invented only governments can craft that level of hack intelligence.

Golden words , like . The only minor thing left , explain it to many others on here , that use yandex [!] , yes living in United Kingdom , for example , and yet using yandex .

As for me , I just block tons of china-russia IPs with firewall. The same goes to google, yahoo , etc. 

[siria]

D.Draker said:

Try to use NoScript here , for example . You won't even be able to leave a comment .

Here - MSFN? Luckily I can, without JS, and grateful it's still possible. Or would probably have to leave. Uploading attachments does need scripts, but posting still works. Although only with the simplified box at page bottom.

I'm not bothering with complicated stuff like NoScript either, and there's also an ongoing war by tricky page authors to circumvent it. Sneaky stuff like scripts inside noscript tags etc...
My personal preference has always been to just block JS globally, and toggle shortly On/Off when needed. Just one button click away in K-Meleon.
Also crucial for security: iframes can be blocked with a simple pref (permissions.default.subdocument=1/2/3)
Have seen there are similar basic addons for FF too, guess "Content Block", PrefBar, QuickJava or similar. Edited December 11, 2020 by siria

[Gansangriff]

It's about picking the right servers, where scripts should be allowed.

addictive-ads.com
spyonyou.info
soundsfine.com
soundslikeenglish.com
soundslikespam.com
a0a0202.cloudfront.com
local-newspaper.com
cdn-network.com

Being presented with that kind of list, my users think: Now how do I have to decide? What is a "content delivery network"? I've read they offer me spyware! What is "Cloudfront"? The big numbers in front of it look like a hacker attacks me now! "Soundsfine.com", well that does sound fine, doesn't it?

These quesitons are very dificult, I know. On a short-term, this configuration gives you headaches, having to configure NoScript for every site and look up every single thing, what it is and what it does. But on the long-term, once you have everything set up, browsing the web actually makes fun again. Of course some scripts are doing a fine job, like here on MSFN (from my point of view). It performs well on the old Pentium 3.

12 hours ago, D.Draker said:

Just install a fresh Linux and see the connections it's making right away . 

It's true, that there are internet connections happening on a fresh Linux machine. Some distributions definetly do much more than giving you updates and syncing the time over the network. Especially if you look at what Ubuntu has done. The free software man Richard Stallman knows, why he points at them (https://www.gnu.org/philosophy/ubuntu-spyware.en.html).
But other Linux distributions are different. My Salix installation doesn't say a word by itself to the outside world (after I've configured it)! It's like with Windows XP basically, although I don't think that you can configure a Windows XP machine on it's own to block all connections, that you didn't ask for. For example the Hosts-file is being circumvented for Microsoft servers (https://www.blabley.org/windows-10-ignoring-the-hosts-file-for-specific-name-resolution/). That's why I use a "hardware" non-Microsoft firewall, the configurable router, which has filters for these cases.

But not all web connections are bad! The users would have to update their system by themselves, which they don't want, they just want to use their computer. It's convenience.

 

[Dixel]

8 hours ago, Gansangriff said:

"content delivery network"?

Is a spy , better to avoid it . Don't you think ?

[D.Draker]

3 hours ago, Dixel said:

Is a spy , better to avoid it . Don't you think ?

I have many of it blocked, yes there are some downsides , some sites load slower. But I prefer to block it.

[InterLinked]

22 hours ago, D.Draker said:

A simple addon ? It's not simple for modern day users , blocking scripts ? Well good luck with that , all those modern bloated websites simply won't work , even if user knows what he's doing. Try to use NoScript here , for example . You won't even be able to leave a comment . And the majority of users won't bother themselves with figuring out what went wrong , they will simply uninstall this extension . I think the devs of  NoScript really should make it more simple-user friendly , add some templates for example , like light / mid / heavy privacy.

Even though I like your comment in general , I don't think Linux is a "user-friendly" system. And it's bloated with spying as well . Just install a fresh Linux and see the connections it's making right away . 

Well, Linux, quite frankly, sucks as a workstation OS in general. It's often impractical to use anything other than Windows for a variety of reasons. I love Windows in general, I just hate the most recent releases of it.

[D.Draker]

4 hours ago, Dylan Cruz said:

Well, Linux, quite frankly, sucks as a workstation OS in general. It's often impractical to use anything other than Windows for a variety of reasons. I love Windows in general, I just hate the most recent releases of it.

I wasn't the one who suggested linux )))))))) And I'm with you on this . I also think we should you use Windows , but everything after Vista sucks , it's my opinion and I don't want to argue, k ?

[Gansangriff]

14 hours ago, Dixel said:

Is a spy , better to avoid it . Don't you think ?

Once I've hunted every connection down, that had CDN in it's name and dared to enter my network. But what kind of content is the CDN server actually delivering? Could be some pictures, but could be a tracker or an advert, too.

There is no easy solution for this. It always depends on the case. But to be honest, 95% of them are just garbage and slow your internet browsing down. I can say, that on the old Pentium 3 and on slow mobile connections, this saves a lot of bandwidth on plenty of "bigger" websites.

[D.Draker]

On 12/11/2020 at 10:24 PM, Gansangriff said:

Once I've hunted every connection down, that had CDN in it's name and dared to enter my network. But what kind of content is the CDN server actually delivering? Could be some pictures, but could be a tracker or an advert, too.

There is no easy solution for this. It always depends on the case. But to be honest, 95% of them are just garbage and slow your internet browsing down. I can say, that on the old Pentium 3 and on slow mobile connections, this saves a lot of bandwidth on plenty of "bigger" websites.

Just search for Cloudfare MITM attack . And yes , it is quite easy for those without "Pentium 3" , just block tons of their IPs .

[TrevMUN]

On 10/1/2020 at 3:27 AM, Gansangriff said:

Also consider that something like Windows XP got more secure over time, as less and less people were using it. Windows 7 is still a very attractive target for mean hackers with circa 15% market share (2020).

Speaking of that, has anyone seen MattKC's video where he deliberately tries to infect Windows 98 with viruses? He went into it expecting to get viruses immediately, but got more and more frustrated that he couldn't no matter what he did.

Granted, Nostalgia Nerd was able to mess up Windows 10 with DOS-era viruses, 7,000 of them, ultimately. Though unlike MattKC he actually went and deliberately downloaded a huge bunch of "zoo viruses" rather than just trying to be a particularly careless about his Internet habits.

Either way, it does show that there is an element of security through obscurity for the older OSes. I don't rely on that alone, of course, but I didn't give into the FUD when tech journalists heralded the impending "XP Zombie Apocalypse" in 2014 and I don't intend to do so now.

[JacobCl1989]

Same old arguments. Whatever the current version of Windows OS is, it's the best thing since sliced bread. Whatever the former version of Windows OS is, it's flawed, lacks security, puts user data at risk, blah, blah, blah. As if that were not true for ALL versions of Windows OS, including the most current. I view this as just another scare to coerce users to Windows 10; which is a horrible OS.