nicolaasjan Posted September 1, 2021 Posted September 1, 2021 (edited) 58 minutes ago, RainyShadow said: And now they've done it for the normal extensions on the PM site. I haven't checked the basilisk site yet, but expect it to be the same. Same thing on the basilisk site. I wonder if the addon authors are aware. Workaround: general.useragent.override.addons.palemoon.org ---> Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Goanna/4.8 Firefox/68.0 PaleMoon/29.4.0.2 Before: After: But there's a real possibility that they come up with something more "clever" (JavaScript?). Edited September 1, 2021 by nicolaasjan 4
RainyShadow Posted September 1, 2021 Posted September 1, 2021 Thanks, @nicolaasjan, i already got the needed UA for both sites. In the meantime though, i have put in there a little "greeting" for the next time that garden gnome checks the site stats 1
cmccaff1 Posted September 1, 2021 Posted September 1, 2021 @nicolaasjan - Wow! Thank you for the tip! @roytam1 - No worries! I'll do my best to stay on top of the latest releases, even if we have to use a little ingenuity to get the links (in the event of any confusion or uncertainty, I'm sure good samaritans will do their best to help). Thank you for all of your efforts over the years...I've said it before, but I can't say it enough, because you've been at this for a long time and I appreciate all that you do. 1
nicolaasjan Posted September 1, 2021 Posted September 1, 2021 8 minutes ago, cmccaff1 said: @nicolaasjan - Wow! Thank you for the tip! My pleasure! But maybe extensions have to be downloaded first and then you have to edit the `install.rdf` file in it? 1
cmccaff1 Posted September 1, 2021 Posted September 1, 2021 It's quite possible...honestly, I don't use any extensions, with one exception: the last fully working build of QuickJava (2.0.4.1). As the PM website doesn't host this version, I'll be happy to share a direct link: http://web-old.archive.org/web/20191029202435/https://legacycollector.org/firefox-addons/1237/quickjava-2.0.4.1-signed.xpi
nicolaasjan Posted September 1, 2021 Posted September 1, 2021 1 minute ago, cmccaff1 said: honestly, I don't use any extensions, But...,but..., how do you cope with all the ads?
cmccaff1 Posted September 1, 2021 Posted September 1, 2021 13 minutes ago, nicolaasjan said: But...,but..., how do you cope with all the ads? Turning off JavaScript and animated images makes a big difference towards making the overall web experience faster...while some sites don't work properly without JS, the ones that are excessively JS-heavy are in most cases not really worth visiting, to me anyway. 1
NotHereToPlayGames Posted September 1, 2021 Posted September 1, 2021 Agreed! I don't use "ad blocking" extensions (most send user data to the creator of the extension, I do not condone such behavior!) Using NoScript + uMatrix is really all I've ever needed to make my browsing experience free of debri. I don't even allow "all" JS on my own banking and credit card sites and only shop Amazon with a THIRD of the JS they try to execute. JS is not "all-or-none", you can be selective. I actually used to go so far as use a web proxy called Proxomitron where I could rewrite the JS on-the-fly, before the browser even receives it. 1
Nokiamies Posted September 1, 2021 Posted September 1, 2021 2 hours ago, RainyShadow said: And now they've done it for the normal extensions on the PM site. I haven't checked the basilisk site yet, but expect it to be the same. Same thing on the basilisk site. I wonder if the addon authors are aware. That snake Trollbin going at it again... Well child part on their name defines developers mental age very well. That is very low 1
kitaro1 Posted September 1, 2021 Posted September 1, 2021 18 hours ago, kwisomialbert said: Youtube Mobile mode: http://m.youtube.com/?persist_app=1&app=m Desktop mode: http://www.youtube.com/?persist_app=1&app=desktop How to disable Youtube desktop? No quality options, no information for nerds, no PPM menu.
nicolaasjan Posted September 1, 2021 Posted September 1, 2021 7 minutes ago, ArcticFoxie said: I don't use "ad blocking" extensions (most send user data to the creator of the extension, I do not condone such behavior!) I use uBlock Origin/uBlock-for-firefox-legacy (and uMatrix/eMatrix), which don't have that shady behaviour. I fully trust the maintainers of these.
Nokiamies Posted September 1, 2021 Posted September 1, 2021 13 minutes ago, ArcticFoxie said: Agreed! I don't use "ad blocking" extensions (most send user data to the creator of the extension, I do not condone such behavior!) Using NoScript + uMatrix is really all I've ever needed to make my browsing experience free of debri. I second this. Noscript for clickjacking and XSS protection and Umatrix (nmatrix on me) for rest. Umatrix is also good way learn how web works. 15 minutes ago, ArcticFoxie said: I don't even allow "all" JS on my own banking and credit card sites and only shop Amazon with a THIRD of the JS they try to execute. My bank needs only main site and subsite js to be enabled. Rest like google stuff is useless. And I wonder why in world does bank use third party provider scripts that can cause major security issue if vendor gets compromised. If js is not blocked malicious script can steal password or even do transactions in theory 1
henry18th Posted September 1, 2021 Posted September 1, 2021 cmccaff1 Thanks very much for your input and help for the recommendations for NM 27 and 28!!! 1
NotHereToPlayGames Posted September 1, 2021 Posted September 1, 2021 5 minutes ago, Mr.Scienceman2000 said: I second this. Noscript for clickjacking and XSS protection and Umatrix (nmatrix on me) for rest. Umatrix is also good way learn how web works. My bank needs only main site and subsite js to be enabled. Rest like google stuff is useless. And I wonder why in world does bank use third party provider scripts that can cause major security issue if vendor gets compromised. If js is not blocked malicious script can steal password or even do transactions in theory How so very true! One of my credit cards tries to load scripts from SIX domains, only TWO of which belong to the credit card. I've often wondered why anybody would just blindly trust all SIX to load or how many people even actually notice it in the first place. 1
Nokiamies Posted September 1, 2021 Posted September 1, 2021 31 minutes ago, ArcticFoxie said: How so very true! One of my credit cards tries to load scripts from SIX domains, only TWO of which belong to the credit card. I've often wondered why anybody would just blindly trust all SIX to load or how many people even actually notice it in the first place. would be nice to see "secure" sites like bank and cc sites to do same as proper darkweb sites. Blocking access if js is enabled telling you disable it and requiring no js to work. That would increase security of them a lot and courage others drop js too. Js is not as bad as Webassembly or activex but it is still security risk and has no place on any secure site. And claim js blocks bots is false. New bots can read js only sites too. 1
Recommended Posts