Author Topic: Tests and other Media topics  (Read 302138 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #270 on: July 16, 2015, 02:31:53 PM »
Validate your SSL connection strength: https://calomel.org/firefox_ssl_validation.html
You could combine this with the Netcraft extension report.
And of course a Qualys SSL scan: https://www.ssllabs.com/ssltest
or the other tests as given in this thread earlier.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6712
  • Trust only what you test yourself!
Re: Tests and other Media topics
« Reply #271 on: July 21, 2015, 05:40:56 PM »
How fast is your site? You can test here the performance of any of your sites from across the globe.

https://performance.sucuri.net/?utm_campaign=Performance%20Tool&utm_medium=social&utm_source=googleplus
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 44120
  • 60 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tests and other Media topics
« Reply #272 on: July 21, 2015, 05:51:05 PM »
How fast is your site? You can test here the performance of any of your sites from across the globe.

https://performance.sucuri.net/?utm_campaign=Performance%20Tool&utm_medium=social&utm_source=googleplus
Thanks :)
Free avast! Security Seminar: http://bit.ly/2N1eaR2  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 10 Pro v1909 64bit, 24 Gig Ram, 1TB SSD, AvastOmni 20.7.xxx, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #273 on: July 28, 2015, 06:15:50 PM »
Here on the avast official support forums various users use all sort of website scan sites.
The results of such scans  may set us at ease or
they may encourage us to just look again or avoid to visit a particular website, url, uri....

As our friend Para-Noid has learned us: "You can only trust what you have tested yourself".

And as his forum friend I'd wholeheartedly agree with this Para_Noid's credo.
It is a home-ringing truth, my dear avast friends,

Now we may ask in all earnesty: "Who can we really still trust online these days?".

We have bookmarklets to detect whether a site has JQuery and what (vulnerable) version.
On this fine page we also find fine vulnerability scanners for WP and Joomla CMS results
on websites and more scans and tools: https://hackertarget.com

Another  interesting website to find out about what technologies are being used to be used
on a particular website can be found here:
http://pagexray.com/site/  x      for  x give in the domain of site you wanna check.

enjoy, my good friends, enjoy,,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #274 on: July 28, 2015, 07:00:29 PM »
Various handy utilities to be found here: http://www.nothink.org/utilities.php

Links presented as is. Only to be used when given pertinent written permission to test
or to test on your own website and scripts.

Never go to websites directly, always know your legal position when using scans, if not certain refrain from using,
like with Dazzlepod scan results or Qualys server scan results. The info gained there is not be used against thos scanned.
Qualys Scan Results are not to be given.

You are never to use info gained by cold reconnaissance third party scanning against a particular website/domain. which you do not own. Sometimes you can give a certain scan link (broken), but are not to give the scan result data.

An intersting example of all you can find at this address: http://www.danstools.com/javascript-obfuscate/
Know that in malware loads of so-called pseudo-script and script-obfuscation is used to mislead detection.
so whenever we experiebce obfuscated script it should be a reason to be alert.
As Para-Noid states: "You can only fully trust, what you have tested yourself".

enjoy, my good friends, enjoy,

Damian
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #275 on: July 29, 2015, 06:18:02 PM »
A nice chrome extension to prevent type-behavioral profiling, Keyboard privacy, one you should have:
https://chrome.google.com/webstore/detail/keyboard-privacy/aoeboeflhhnobfjkafamelopfeojdohk

pol

P.S. Where you need secure connection and it does not matter, your bank website for instance, disable the extension.
So toggle to `on´ when privacy goes over security, `off´ when security goes over privacy.

Keyboord Privacy seems the extension to save Tor users to be de-anonimyzed by their type profile.
The cat and mouse game between protection and monitoring forces goes on and on...


Damian
« Last Edit: July 30, 2015, 09:38:09 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #276 on: July 29, 2015, 06:27:24 PM »
Create your own bookmarklets using JQuery: http://benalman.com/code/test/jquery-run-code-bookmarklet
and http://benalman.com/projects/run-jquery-code-bookmarklet/

A fine javascript bookmarklet generator is to be found here: http://mrcoles.com/bookmarklet/

To check a webpage for JQuery, look for it here and drag onto the bookmark bar: http://www.learningjquery.com/2009/04/better-stronger-safer-jquerify-bookmarklet

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6712
  • Trust only what you test yourself!
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #278 on: July 30, 2015, 12:58:53 PM »
For VPN users of Chrome, prevent leaking non-public IP addresses with this extension: https://chrome.google.com/webstore/detail/webrtc-network-limiter/npeicpdbkakmehahjeeohfdhnlpdklia
Another protection against this read-out via javascript methods is the use of NoScript, uMatrix, and Tor-Guard.
To diable it in the Google Chrome browser settings, give in in the address bar: "chrome://flags/" and set "Disable WebRTC device enumeration" to on. In firefox in the address bar give in "about:config" and then set "media.peerconnection.enabled" to "false". Or as said use the versatile overall protection of the NoScript extension in firefox, and uMatrix in Google Chrome.

polonus
« Last Edit: July 30, 2015, 01:06:30 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #279 on: July 30, 2015, 02:14:32 PM »
Interesting about what your browser knows about you:
https://isc.sans.edu/forums/diary/Psst+Your+Browser+Knows+All+Your+Secrets/16415/

link article author = sally Vandeven

Curious ->  just open a command prompt and run:

set SSLKEYLOGFILE=c:\sslKeyLogFile.txt

Know that Bitdender products may  ruin "SSL" through installing an all purpose root certificate, so one can no longer see the validation path and it also is not checking for revocation.
This can be disabled by locally deleting the root CA and disabling the SSL scan option, so Bitdefender can no longer interfere,
but for users that want to enforce SSL (like with https: everywhere) this is no option.
Forum users that use Bitdefender, and I know some here that are, should be aware of such facts.

Avast has a far better SSL-scanning feature  ;D as we know from avast team members here.

We know Mozilla NSS has mentioned feature, MS might have it also,
but then  if it was/is the feature never was known to the public.
Info-credits go to Secu_jay.

polonus
« Last Edit: July 30, 2015, 03:46:23 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #280 on: July 30, 2015, 03:14:15 PM »
Is Microsoft's Edge browser as safe as the Google CXhrome browser?
Trend Micro says yes, both Edge and Chrome are more secure than firefox is.
Re: http://blog.trendmicro.com/trendlabs-security-intelligence/windows-10s-new-browser-microsoft-edge-improved-but-also-new-risks
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #281 on: July 30, 2015, 06:07:50 PM »
Whenever you have privacy concerns try this free solution, Tails, https://tails.boum.org/
Why you should do this: https://tails.boum.org/
Why: http://arstechnica.com/gadgets/2013/10/googles-iron-grip-on-android-controlling-open-source-by-any-means-necessary/

polonus

P.S. Tails is better protected from type profiling yp de-anonimyze tor users with the keyboard privacy plug-in.

D
« Last Edit: July 30, 2015, 09:45:49 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
« Last Edit: July 30, 2015, 09:46:27 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #283 on: August 04, 2015, 02:37:36 PM »
Coalition annoucing new DNT standards: : https://www.eff.org/press/releases/coalition-announces-new-do-not-track-standard-web-browsing - The new DNT standard is not an ad- or tracker-blocker, but it works in tandem with these technologies.
As it is a voluntary measure your privacy is depending on what certain parties honor and what not. I even suspect ABP to be more commercially inclined (showing "unobtrusive" ads they were paid to let through) then purely being a tracking blocker.

Nowhere I read about new tracking procedures like canvas printing tracking for which I use a special extension.
In my option the new DNT standards do nothing against malvertising and SEO Spam (Google cannot even stop it with a big hidden team of experts trying to stem i in,, it is an endless excercise that does not seem to work somehow).
I rather use uBlock Origin then ABP and I use Anti-Adblock Killer 8.2.

With DuckDuckGo I do not see Avast Online Security info, I do not see Bitdefender TrafficLight info, DrWeb URL cheker info (I can scan that url seperately, but that is not what I want), I only see WOT results. n with DuckDuckGo Extended running from Tampermonkey I haven't the same functionality as on the Google Searchpage or Ixquick or startpage. With these alternatives I miss the so-called "road signs" what destinations to avoid. Allthough I participate on WOT as "luntrus" having only these results shown on a search page is a bit meagre to my liking.

I think the whole thing is purely cosmetic camouflage, why they have no deal on blocking ads from Windows gadgets for instance or using adblockers on Google's Android OS. There personalized ad-targeting has won and we see EEF's full compliance, at least I haven't heard a word of protest as there we cannot even stop tracking nor protect/block when such ads get malvertised. Malvertising campaigns is the main and only reason polonus want to be able to block all ads.
It would be better if they could have made a model where users pay to surf absolutely ad-free.

The best solution so far is using script blockers like NoScript and RequestPolicy in firefox to toggle what you wanna block per se. In Google Chrome I have uMatrix where I canb selectively block cookie, css, picture, plug-in, script, XHR, frame, others- here on this page for avast.com and for the present domain with avast.com, google-analytics com  and www.google-analytics com. I can block 9 cookies, 6 images, 2 scripts from running. In Chrome I also have the StopTracking extension running.

polonus


P.S. What is funny that on a link where the new DNS policy was discussed. e.g. http://webwereld.nl/markttrends/87656-adblock-en-duckduckgo-brengen-echte-do-not-track# I had to block a link to -http://track.adform.net/
and encountered this: http://toolbar.netcraft.com/site_report?url=http://script.leadboxer.com

How could they come to DNT when all of the Internet is just about this one activity, is beyond me. First you totally surrender and then you start to scream no-one respects your privacy anymore.  :(

Damian
« Last Edit: August 04, 2015, 05:27:00 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5416
  • Spartan Warrior
Re: Tests and other Media topics
« Reply #284 on: August 04, 2015, 07:40:08 PM »
Coalition annoucing new DNT standards: : https://www.eff.org/press/releases/coalition-announces-new-do-not-track-standard-web-browsing - The new DNT standard is not an ad- or tracker-blocker, but it works in tandem with these technologies.
As it is a voluntary measure your privacy is depending on what certain parties honor and what not. I even suspect ABP to be more commercially inclined (showing "unobtrusive" ads they were paid to let through) then purely being a tracking blocker.

Nowhere I read about new tracking procedures like canvas printing tracking for which I use a special extension.
In my option the new DNT standards do nothing against malvertising and SEO Spam (Google cannot even stop it with a big hidden team of experts trying to stem i in,, it is an endless excercise that does not seem to work somehow).
I rather use uBlock Origin then ABP and I use Anti-Adblock Killer 8.2.

With DuckDuckGo I do not see Avast Online Security info, I do not see Bitdefender TrafficLight info, DrWeb URL cheker info (I can scan that url seperately, but that is not what I want), I only see WOT results. n with DuckDuckGo Extended running from Tampermonkey I haven't the same functionality as on the Google Searchpage or Ixquick or startpage. With these alternatives I miss the so-called "road signs" what destinations to avoid. Allthough I participate on WOT as "luntrus" having only these results shown on a search page is a bit meagre to my liking.

I think the whole thing is purely cosmetic camouflage, why they have no deal on blocking ads from Windows gadgets for instance or using adblockers on Google's Android OS. There personalized ad-targeting has won and we see EEF's full compliance, at least I haven't heard a word of protest as there we cannot even stop tracking nor protect/block when such ads get malvertised. Malvertising campaigns is the main and only reason polonus want to be able to block all ads.
It would be better if they could have made a model where users pay to surf absolutely ad-free.

The best solution so far is using script blockers like NoScript and RequestPolicy in firefox to toggle what you wanna block per se. In Google Chrome I have uMatrix where I canb selectively block cookie, css, picture, plug-in, script, XHR, frame, others- here on this page for avast.com and for the present domain with avast.com, google-analytics com  and www.google-analytics com. I can block 9 cookies, 6 images, 2 scripts from running. In Chrome I also have the StopTracking extension running.

polonus


P.S. What is funny that on a link where the new DNS policy was discussed. e.g. http://webwereld.nl/markttrends/87656-adblock-en-duckduckgo-brengen-echte-do-not-track# I had to block a link to -http://track.adform.net/
and encountered this: http://toolbar.netcraft.com/site_report?url=http://script.leadboxer.com

How could they come to DNT when all of the Internet is just about this one activity, is beyond me. First you totally surrender and then you start to scream no-one respects your privacy anymore.  :(

Damian
Agree with you there.  Of note is duckduck go webpage, no one seems to support anything there other than WOT for ratings purposes, on all sites displayed there, not even avast online security.  Could be that this website is doing what it says it is doing, not allowing invasive privacy tracking to occur from within it, as it is general knowledge every privacy extension you put on your browser can report to the creator of that extension applet without your explicit user interaction or consent.

But, just moving off that page is no guarantee of continued privacy when going to another site off of it.  DuckDuckgo also actively moderates what their users can see on it as well. 

Notwithstanding that, for my purposes, it works well and is safer to use than Google, imo.  DNT is not what it says it is.
Windows 10 Home 64-bit 1909 Avast Premier Security version 20.1.2397 (build 20.1.5069.559) UI version 1.0.460.