Author Topic: Tests and other Media topics  (Read 579512 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #691 on: August 27, 2019, 07:18:20 PM »
Logging in with your facebook account, what privacy implications do you have to fear not blocking facebook?

The impact of a non-blocked visit:
https://privacyscore.org/site/143919/
& https://urlscan.io/result/5ea7f793-0c20-4fd9-8f1a-bb810babfab3

Or the consequenties for your digital privacy seen here:
https://urlscan.io/result/5ea7f793-0c20-4fd9-8f1a-bb810babfab3#links

Just interesting to skim through - JavaScript behaviour on that site:
https://urlscan.io/result/5ea7f793-0c20-4fd9-8f1a-bb810babfab3#behaviour
Did not know they used babel helper (generated per session).

Better than to speculate is to let the facts speak out for themselves. info credits: luntrus

polonus (volunteer 3rd part cold recon website security analyst and website error-helper)
« Last Edit: August 27, 2019, 07:23:33 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tests and other Media topics
« Reply #692 on: August 27, 2019, 10:00:58 PM »
The best way to avoid the privacy implications that are part of Facebook,
is to never open a Facebook account. Once opened, expect to kiss your privacy bye bye.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re: Tests and other Media topics
« Reply #693 on: August 27, 2019, 10:22:55 PM »
The best way to avoid the privacy implications that are part of Facebook,
is to never open a Facebook account. Once opened, expect to kiss your privacy bye bye.

Guess why I have given social networking and the like a wide berth since they first appeared ;)
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #694 on: September 04, 2019, 04:13:25 PM »
Super Logout online: http://kapat.org/

Intel search engine, made by Peter Kleissner, the sinkhole expert.

Polonus was trained in automatic sinkholing expertise online by Peter Kleissner, n
ow head of Intelligence X
Re: https://intelx.io/?did=d4a06454-081c-45be-9ed2-9329499c5e89
and see how we reached that super logout tool...

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #695 on: September 07, 2019, 08:30:22 PM »
Coming to USA Firefox now:
DoH: https://blog.mozilla.org/futurereleases/2019/09/06/whats-next-in-making-dns-over-https-the-default/
Advantages and disadvantages.
See Client Support: https://en.wikipedia.org/wiki/DNS_over_HTTPS

This all to battle against abuse of unencrypted DNS request connections.

Why this is not such a good idea for end-users:
1) Concentrating all DoH requests with a small group of external players (like CloudFlare, Google) will mean an enhanced privacy risk for a large number of Internet-users, because mentioned players will exactly know for a great numer of Internet-users when and what websites they visit. Censorship and downgrading of certain websites is not unthinkable. From a privacy viewpoint it would be a goiod thing one could have many more DoH providers to choose from, but then blacklisting will be more of a problem, because;

2) Local DNS-logging does no longer take place at firm-level. Of-course such logging means an enhanced risk, but it will enable you to detect compromitted devices within your network;

3) DoH will raise demand for TLS-interception considerably and the risks therof outbalance overall profit.

(info credits: Erik van Straaten).

Using Pi-hole in such a setting makes you dependant on just one single DOH-provider. What about virtual hosts on one IP address.

But "DNS queries for the A and AAAA records for the domain “use-application-dns.net” must respond with NXDOMAIN rather than the IP address retrieved from the authoritative nameserver".

Mozilla just thinks to comply with the following contract: In the US, Firefox by default directs DoH queries to DNS servers that are operated by CloudFlare, meaning that CloudFlare has the ability to see users' queries. Mozilla has a strong Trusted Recursive Resolver (TRR) policy in place that forbids CloudFlare or any other DoH partner from collecting personal identifying information.
To mitigate this risk, our partners are contractually bound to adhere to this policy. (does not just only apply to Cloudflare's)
Source: https://support.mozilla.org/en-US/kb/firefox-dns-over-https

Whenever you are used to non-existing Interwebz-privacy this is not a big thing, remember only that it only furthers the monopoly status of the big players, like we have Google, CloudFlare,

So again less to choose from, or use: Intra — an Android application by Jigsaw to route your DNS queries to a DNS-over-HTTPS server of your choice, re: https://play.google.com/store/apps/details?id=app.intra

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
« Last Edit: September 07, 2019, 09:28:52 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #696 on: September 09, 2019, 12:41:44 PM »
Several Public DOH servers tested against Mozilla Observatory Scan.

1. https://observatory.mozilla.org/analyze/dns.adguard.com   F-grade status
2. https://observatory.mozilla.org/analyze/dns.google   B- grade status
3. https://observatory.mozilla.org/analyze/cloudflare-dns.com  C- grade status
4. https://observatory.mozilla.org/analyze/dns9.quad9.net  no 200 OK returned, F-grade status
5. https://observatory.mozilla.org/analyze/doh.cleanbrowsing.org  B-grade status
6. https://observatory.mozilla.org/analyze/doh.crypto.sx  D- grade status
7. https://doh-ch.blahdns.com/dns-query  no 200 OK returned, F-grade status
8. https://observatory.mozilla.org/analyze/dns.rubyfish.cn  D+ grade status
9. https://observatory.mozilla.org/analyze/doh.dnswarden.com  no 200 OK returned D+ grade status
10.. EU server: https://observatory.mozilla.org/analyze/dns.aaflalo.me  D+ grade status
11.  https://observatory.mozilla.org/analyze/doh.captnemo.in  D- grade status
12. https://observatory.mozilla.org/analyze/rdns.faelix.net  no 200 OK returned, D- status
13. https://observatory.mozilla.org/analyze/doh.armadillodns.net  F-grade status
14. https://observatory.mozilla.org/analyze/doh.netweaver.uk   no 200 OK returned  C- grade status
15: https://observatory.mozilla.org/analyze/jp.tiar.app  has an A+ status 

Found at: https://github.com/curl/curl/wiki/DNS-over-HTTPS

From thiese results it seems that DNSSec Japan, is best, A+ status grade,
No Censorship, No Logging, No ECS, support DNSSEC in Japan,
Nihon iti!  (source credits go to: luntrus)

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #697 on: September 09, 2019, 05:08:44 PM »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #698 on: September 29, 2019, 11:37:55 AM »
AMP

Why AMP is bad? Read: https://medium.com/@danbuben/why-amp-is-bad-for-your-site-and-for-the-web-e4d060a4ff31

Convert to AMP: https://www.ezoic.com/google-amp-converter/?{lpurl}?utm_source=google&utm_medium=g&utm_term=accelerated%20mobile%20pages&utm_content=228474895894&utm_campaign=755009171&utm_source=google&utm_medium=g&utm_term=accelerated%20mobile%20pages&utm_content=228474895894&utm_campaign=755009171&gclid=EAIaIQobChMI0Zfv49j15AIVTPlRCh2hQAdaEAAYASAAEgL32fD_BwE

Test AMP: https://search.google.com/test/amp

And see in the light of Google's (non-)existing privacy policies: https://www.theregister.co.uk/2019/09/25/google_privacy_wc3/

What is shown often is not known, end-user transparency does not exist or barely,
end-users aren't fully aware of the tracking and data-slurping that is going on all of the time all the time,
and it almost seems end-users rather not know.

A rather small percentage of "wokers" to these facts of digital life around. It is all about less user-control
on content (fake news), analytics & design, and more advanced Google control.

1. (Most important) Use a VPN or Proxy server.

2. Use an ad blocker.

3. Disable 3rd party cookies.

4. Disable JavaScript or use just what you need to make the webpage function for you (uMatrix)

5. Use a good browser and  not the Google Chrome (clone) spyware)).
    When using Google Chrome use it in incognito mode (and it does not track you that way).  (info credits; Maelstorm)

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #699 on: October 05, 2019, 12:22:49 AM »
L.S. Found my topic mentioned here: https://forum.avast.com/index.php?topic=129271.msg1513283#msg1513283
This is at 'google results' here: https://www.virustotal.com/gui/ip-address/217.160.0.127/details
This related to this scan result: https://www.virustotal.com/gui/url/6dd7baf5fafb4b7fab4f3f6d9e6f95b862409a697b4e651af8c0fb7adced5ae3/details
where now 7 engines detect.
Also mentioned at the above google results = https://urlquery.net/report/5c0b87e5-08cf-4f80-9b70-89af08ec9e68
coming from this scan report @ urlquery dot net: https://urlquery.net/report/63564530-782e-4486-8c90-6b86f60b1514
malware detected by fortinet's this index.php uri

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #700 on: October 05, 2019, 12:28:38 PM »
Chrome browser will eventually block all http-content on https websites, this is announced from version 81 henceon.
No more injections then can take place into http-elements through MIM attacks.

Test here random example: https://observatory.mozilla.org/analyze/meedoeninarnhem.nl

US providers used above mentioned leak to change adverts to their own and add adverts,
it is also a royal way in for fake-news and pop-ups of sorts.

One root is to do this in the browser another route could be to make websites implement CSP,
Content Security Policy: read: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP

Good to enable "Tracker SSL" as a browser extension to see how trackers help you protect against for instance NSA snooping.

Another way to check is SSL-check: https://www.jitbit.com/sslcheck/
At these forums pages failed to crawl were: Pages failed to crawl (error returned from the server):
-https://forum.avast.com/index.php?action=.xml;type=rss - empty response
-https://forum.avast.com/index.php?action=verificationcode;vid=search;rand=8d73f3bbXXXXXXXXXX024b5f69c13817;sound - empty response

Test any website: https://nibbler.silktide.com/  and here: http://www.siteliner.com/

The avast forum report: https://nibbler.silktide.com/en_US/reports/forum.avast.com

Hey, folks, read here and else on the forums, because we have found, that
"Over the past 3 months, this website has experienced a moderate decrease in popularity."  :o

polonus (volunteer 3rdparty cold recon website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Tests and other Media topics
« Reply #701 on: October 05, 2019, 12:39:50 PM »
The avast forum report: https://nibbler.silktide.com/en_US/reports/forum.avast.com

Hey, folks, read here and else on the forums, because we have found, that
"Over the past 3 months, this website has experienced a moderate decrease in popularity."  :o
That's actually a good sign, as this is a support forum, less traffic means less problems. ;)
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #702 on: October 05, 2019, 02:04:38 PM »
Hi Asyn,

That is your view. ;D You always see the glass half full, while others constantly are looking a half an empty glass  ;)

This is not reassuring, how easy it is for authorities to tap fiber-data, the proverbial key under the doormat, see here:
https://www.youtube.com/embed/o_WE6Rg_o5E?autoplay=0&enablejsapi=1&wmode=opaque

A network provider does not have an internal network, think of data-traffic in a back-up procedure between data-centers.  :o
Not a lot of the common public is aware of this siutuation, and the ease with which surveillance can get get at all of our data
or at least the very bulk of it.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Tests and other Media topics
« Reply #703 on: October 05, 2019, 02:19:08 PM »
Unfortunatly, I doubt that users are aware/interested... :-\
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tests and other Media topics
« Reply #704 on: October 05, 2019, 03:45:44 PM »
The avast forum report: https://nibbler.silktide.com/en_US/reports/forum.avast.com

Hey, folks, read here and else on the forums, because we have found, that
"Over the past 3 months, this website has experienced a moderate decrease in popularity."  :o
That's actually a good sign, as this is a support forum, less traffic means less problems. ;)
Less traffic could also mean less customers which is not a good thing.
I have noticed a large decrease in traffic on the forum.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet