Author Topic: Tests and other Media topics  (Read 302119 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #435 on: March 17, 2017, 06:54:06 PM »
« Last Edit: March 17, 2017, 06:58:36 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #436 on: March 20, 2017, 10:44:35 PM »
@ the browser users here...

Test your browser's SSL-configuration.

Here: https://www.ssllabs.com/ssltest/viewMyClient.html
and
https://badssl.com/dashboard/  part of https://badssl.com/
and'
https://www.howsmyssl.com/
and
https://geekflare.com/ssl-test-certificate/  (with ten various SSL testing tools).

enjoy, my good avast friends, enjoy,

polonus

P.S. How the code is being maintained and updated (upgraded): https://github.com/chromium/badssl.com
« Last Edit: March 21, 2017, 12:24:50 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Ciri

  • Newbie
  • *
  • Posts: 1
Re: Tests and other Media topics
« Reply #437 on: March 25, 2017, 06:11:24 PM »
Hi there!
I'm a developer and we are having some issues with avast and karspersky at www.langademy.com
We use webrtc to make video calls. Many users are having issues when they make webrtc calls because the AV blocks the webrtc resources on the navigator( at least in Chrome). Any idea of why is this happening?  :'(

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 66825
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Tests and other Media topics
« Reply #438 on: March 25, 2017, 06:31:19 PM »
Hi there!
I'm a developer and we are having some issues with avast and karspersky at www.langademy.com
We use webrtc to make video calls. Many users are having issues when they make webrtc calls because the AV blocks the webrtc resources on the navigator( at least in Chrome). Any idea of why is this happening?  :'(
Start a new topic in V&W: https://forum.avast.com/index.php?action=post;board=4
Win 8.1 [x64] - Avast PremSec 20.8.2428.B#3 [UI.562] - CC 5.72 - EEK - FF ESR 78.3 [NS/AOS/uBO/PB] - TB 68.12 - SB/CP/SL/DU.BC
Deutschsprachiger Bereich -> Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5416
  • Spartan Warrior
Windows 10 Home 64-bit 1909 Avast Premier Security version 20.1.2397 (build 20.1.5069.559) UI version 1.0.460.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #440 on: March 26, 2017, 07:37:49 PM »
Advertised as Circumventing the Ghost Ban problem with this Uncensored Anonymous Search Page.
Takes you to a page that cannot be opened in https! Is not this any longer serviced by GoDaddy
and could it be this http searchsite keep track of those that search for alternative content and just adding to the Ghost Ban/Alternative News/FakeNews/Mainline News Controversy?????????

Re: -http://gibiru.com/

I would shun such a site nor bookmark it. Do we have similar problems here?: http://www.hongkiat.com/blog/private-search-engines/

polonus


Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #441 on: April 12, 2017, 05:58:01 PM »
In the light of the thousands of hacked WordPress websites, scan if your router is vulnerable here:

https://www.wordfence.com/blog/2017/04/check-your-router/#

Background read: https://www.wordfence.com/blog/2017/04/home-routers-attacking-wordpress/

polonus (volunteer website security analyst and website errror-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #442 on: April 12, 2017, 10:40:53 PM »
Now when you tested and found it to be open, when your ISP provider does that, it is also their responsibility when you get hacked by Mirai botnet for example. Such IT spooks have all sorts of excuses.

Re: https://arstechnica.com/security/2016/11/notorious-iot-botnets-weaponize-new-flaw-found-in-millions-of-home-routers/ 

They know about this hole since 2014 and if they continue to leave it open it could be both sloppy IT managment and also gross negligence when the flaw is being abused.

The port is used for remote management by the provider. Test again here: https://www.grc.com/x/ne.dll?bh0bkyd2

Read: https://arstechnica.com/security/2016/11/notorious-iot-botnets-weaponize-new-flaw-found-in-millions-of-home-routers/

So when your provider leaves it open they want to remotely mess with your router settings. That is nasty. It is you that should do the router settings, at least that is what we think in Europe, it may be quite another story in the U.S. of A.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #443 on: April 15, 2017, 01:26:26 PM »
Following Breaking News.

How to protect your firefox browser against  Unicode Phishing Attack?

With the firefox browser one could use the following work-around:
Quote
Open Firefox:

1. Enter the following txt into the address bar of firefox about:config
2. Read the alert and then proceed further.
3. Enter this txt  in into the address bar: punycode
4. You will now see this apear: network.IDN_show_punycode
5. Double click this item will make false change into true.
6. Close the tab page.   

Info credits go to:  Dongel

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83781
  • No support PMs thanks
Re: Tests and other Media topics
« Reply #444 on: April 15, 2017, 02:27:59 PM »
Following Breaking News.

How to protect your firefox browser against  Unicode Phishing Attack?

With the firefox browser one could use the following work-around:
Quote
Open Firefox:

1. Enter the following txt into the address bar of firefox about:config
2. Read the alert and then proceed further.
3. Enter this txt  in into the address bar: punycode
4. You will now see this apear: network.IDN_show_punycode
5. Double click this item will make false change into true.
6. Close the tab page.   

Info credits go to:  Dongel

polonus

For me, having to edit the about:config for most people is a step to far as you would have to edit for individual issues.

Phishing in itself has to be covered through security based add-ons (or the browser itself), the likes of NoScript, RequestPolicy, etc. Not to mention Avast or other anti-virus.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.7.2425 (build 20.7.5568.598) UI-1.0.558/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #445 on: April 16, 2017, 05:03:10 PM »
Take the browser can identify you by the adblocker you use test.

Do it here: https://extensions.inrialpes.fr/

Detected extensions were trafficlight and adguard adblocker.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline mchain

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 5416
  • Spartan Warrior
Re: Tests and other Media topics
« Reply #446 on: April 18, 2017, 03:42:35 AM »
Take the browser can identify you by the adblocker you use test.

Do it here: https://extensions.inrialpes.fr/

Detected extensions were trafficlight and adguard adblocker.

polonus
Thanks Pol,

You got me testing a few setups and one in particular seemed to work well:  Opera in VPN Private mode.
Windows 10 Home 64-bit 1909 Avast Premier Security version 20.1.2397 (build 20.1.5069.559) UI version 1.0.460.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #447 on: April 25, 2017, 03:12:47 PM »
Privacy-OS Tails 2.0 script with an excellent regular expression

Quote
: new RegExp('^(http|https):\/\/[a-z0-9\-_]+(\.[a-z0-9\-_]+)+([a-z0-9\-_\.,@\?^=%&;:/~\+#]*[a-z0-9\-\_#@\?^=%&;/~\+])?$', 'i');

Almost  perfect Rubular regular expression - emails are secure that way. Excellent, 99,9% secure.

Where in the code we detect this one: https://tails.boum.org/lib/js/mirror-dispatcher.js

Online tester here: https://regex101.com/

polonus
« Last Edit: April 25, 2017, 07:02:12 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 32691
  • malware fighter
Re: Tests and other Media topics
« Reply #448 on: April 30, 2017, 12:51:28 AM »
How to stop this spy inside your browser.

Read about how font tracking with fonts.googleapis.com for instance is spying on you from inside the browser: http://fontfeed.com/archives/google-webfonts-the-spy-inside/

A great extension for those with relevant knowledge as to know how to toggle it, e.g. what to block and what to allow or add is:
Negotiator: https://chrome.google.com/webstore/detail/negotiator/lfopjlendebbnfddpgpoaahmpbgmffii

Just clicking and you see what's tracking you from where to where and how to block it eventually.
Consider what third party tracking you wanna block (somewhat like with Ghostery or Disconnect) or what you wanna allow,
considering the amount of functionality needed to do on the webpage what you plan to do, and whether you trust that
connection. So this is for advanced user, that knows what goes on beneath the hood of their browser of choice.

It reminds me much of Request Policy add-on for/in firefox and it is a great companion alongside uBlock and uMatrix extensions.
I'am quite charmed about the outlay, rather versatile little extension, folks.

polonus (volunteer website security analyst and website error hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83781
  • No support PMs thanks
Re: Tests and other Media topics
« Reply #449 on: April 30, 2017, 01:45:27 AM »
How to stop this spy inside your browser.

Read about how font tracking with fonts.googleapis.com for instance is spying on you from inside the browser: http://fontfeed.com/archives/google-webfonts-the-spy-inside/

A great extension for those with relevant knowledge as to know how to toggle it, e.g. what to block and what to allow or add is:
Negotiator: https://chrome.google.com/webstore/detail/negotiator/lfopjlendebbnfddpgpoaahmpbgmffii
<snip>
polonus (volunteer website security analyst and website error hunter)

That is somewhat devious, what most would consider innocuous 'fonts.googleapis.com' like it was just using a font repository for a better range of founts on the website, very sneaky.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.7.2425 (build 20.7.5568.598) UI-1.0.558/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro