Author Topic: Tests and other Media topics  (Read 579335 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #30 on: August 21, 2013, 05:25:20 PM »
Did firefox developers give in to advertisers (and malvertisers) taking some features out of the browser,
read: http://stopmalvertising.com/security/changes-in-firefox-23-get-the-disabled-options-back.html
Can be adjusted back to previous default settings via this extension: https://addons.mozilla.org/en-us/firefox/addon/settingsanity/
Is firefox also going to be an ad-launching browser rather than a browser taken out of the hands of the general user that likes to tweak it and use script-blocking and ad-blocking?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tests and other Media topics
« Reply #31 on: August 21, 2013, 05:36:30 PM »
Could it be that Firefox want's to survive financially ???
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #32 on: August 21, 2013, 06:01:55 PM »
Hi bob3160,

As long as I can work ABP together with NoScript and RequestPolicy in the browser I feel secure. A lot of the "a la default users" won't work a browser to their personal settings (secure) or do not know how to do this or find it "a drag". I  have no problem with the "poor" adscript developers to earn a honest slice of bread and butter (even a piece of cake once in a while), but I do not want malvertisers and malcreants (SEO click fraud malsite redirectors) to be able to play their foul games because the browser went advertiser friendly by default now.
That is why I rather use Chrome now with additional extensions over fx oruse my personal flaw of an updated version of flock socio-browser (left by developers and therefore more secure with NS and RP installed and essential code added)...
Also read: http://limi.net/checkboxes-that-kill  link article author = Alex Limi

Damian
« Last Edit: August 21, 2013, 06:12:39 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #33 on: August 27, 2013, 10:31:22 PM »
Is this firefox extension a good idea or not? https://addons.mozilla.org/en-us/firefox/addon/http-nowhere/
This is to block unencrypted web traffic for added security.
Or is it just as with https everywhere that the avast shields may not scan this unencrypted traffic and therefore the use of it is not advisable?

Anyone to comment?

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tests and other Media topics
« Reply #34 on: August 27, 2013, 10:39:17 PM »
Is this firefox extension a good idea or not? https://addons.mozilla.org/en-us/firefox/addon/http-nowhere/
This is to block unencrypted web traffic for added security.
Or is it just as with https everywhere that the avast shields may not scan this unencrypted traffic and therefore the use of it is not advisable?

Anyone to comment?

polonus
So you're supposed to create a whitelist of acceptable unencrypted sites ??? Enjoy, not something I intend to slow my system down with.
avast! already checks all these "unencrypted" sites so why add a man in the middle to make life more complicated. ???
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #35 on: August 27, 2013, 10:44:47 PM »
Hi bob3160,

Thanks for your comment. I hope DavidR could come up with some similar opinion of this extension and why he would not use it.

Damian
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline !Donovan

  • Web Analyst
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2219
    • The WAR Against Malware
Re: Tests and other Media topics
« Reply #36 on: August 27, 2013, 11:45:36 PM »
Hi Polonus,

I believe that websites shouldn't be "blocked" due to the use of http, even if part https.

~!Donovan
Familiarize Yourself! | Educate Yourself! | Beautify Yourself! | Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Tests and other Media topics
« Reply #37 on: August 28, 2013, 12:01:06 AM »
Hi bob3160,

Thanks for your comment. I hope DavidR could come up with some similar opinion of this extension and why he would not use it.

Damian

This could be a real pain in the backside blocking http content unless you specifically allow it. So it is forcing the user down the https route, by whatever means (probably having to use http everywhere) otherwise the user would be blocked from lots of site, a pain.

I don't know if this may also give the user lots of mixed content errors seen many times in these forums.

I don't think that forcing https (or blocking http) makes you any safer, so it means your traffic is encrypted, but that doesn't mean safer. You all know my feelings about that as currently it means that the web shield can't protect you. Just because a connection is https doesn't mean you can't get infected, just the reverse as you lose some of the avast protection.

####
Now I know avast are looking at ways to be able to have https traffic scanned, not just http. When this comes to fruition, then forcing https isn't such an issue.

But even then this add-on would be a pain in the backside, a little like some feel about NoScript but much more severe as it would be blocking http, crazy.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #38 on: August 28, 2013, 10:01:43 AM »
Hi DavidR,

Agree with you and bob3160 here, https only or http nowhere are inferior solutions as we compare this to the combination of the no script and request policy extension, where we still have the complete avast! Shields protection against http malcoded content ((obfuscated) malscripts, malicious iFrames and various malicious redirects, backlinks to drive-by-malware). Additionally users have google safebrowsing, pre-scanning guidance, so in order to get infested you have to ignore warnings and this could be qualified as "unwise" user intervention. Https only and http nowhere extensions never helped against the PEBKAC problem as the main cause of malcode getting onto computers and peripherals,

polonus
« Last Edit: August 28, 2013, 10:04:04 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #39 on: August 28, 2013, 10:58:04 AM »
For instance this extension may not protect against mouse snooping here: http://www.ispreview.co.uk/index.php/2013/08/isp-sky-broadband-uk-says-no-need-to-worry-about-sessioncam-snooping.html
Anyway NoScript was able to detect and eventually stop/block this alleged privacy invasion. (SessionCam, ClickTale used by British providers to analyze user interaction with/on certain websites)

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tests and other Media topics
« Reply #40 on: August 28, 2013, 01:26:31 PM »
For instance this extension may not protect against mouse snooping here: http://www.ispreview.co.uk/index.php/2013/08/isp-sky-broadband-uk-says-no-need-to-worry-about-sessioncam-snooping.html
Anyway NoScript was able to detect and eventually stop/block this alleged privacy invasion. (SessionCam, ClickTale used by British providers to analyze user interaction with/on certain websites)

polonus
In order for NoScript to help, you first need to know how to use it and, you need to know when not to bypass it.
Something most users don't know and therefore, NoScript is a great tool for the knowledgeable user but most novices,
simply hit the allow button.  :(
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Tests and other Media topics
« Reply #41 on: August 28, 2013, 01:46:13 PM »
There are many things that require some user knowledge, but some would say they have to have some knowledge to even find out about these tools/add-ons to start with.

NoScript isn't that complex, the complexity comes on sites that have a myriad of content from 3rd party sites. But like everything else in life you have to put in some effort to get results.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48523
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Tests and other Media topics
« Reply #42 on: August 28, 2013, 02:42:47 PM »
There are many things that require some user knowledge, but some would say they have to have some knowledge to even find out about these tools/add-ons to start with.

NoScript isn't that complex, the complexity comes on sites that have a myriad of content from 3rd party sites. But like everything else in life you have to put in some effort to get results.
The one good thing is that you're blocked from an immediate infection if NoScript is active. The remainder is up to you, your other protection and some luck. :)
« Last Edit: August 28, 2013, 07:19:11 PM by bob3160 »
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #43 on: August 28, 2013, 05:46:48 PM »
Hi bob3160,

Main site links aren't mostly the problem or the site must be malicious by intent. In most cases it is unchecked injected content or redirecting external (third party) links and iFrames that will abuse the vulnerable computer. As you said google safebrowsing and otherrs already block the main bulk of known malicious links. I think the users which have all the avast shields up and running and also checked their software through the avast software updater will become rare victims and then only if they venture out where dangers are luring (pr0n, hacks, cracks, pirated and illegal content), so going to the Interweb's back alley where cybercriminal and friends are known to be active. A grain of common security sense will prevent you better against malware infections than ten tons of protection, at least that is known to us by experience,

polonus
« Last Edit: August 28, 2013, 05:49:13 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Tests and other Media topics
« Reply #44 on: August 29, 2013, 10:21:47 PM »
Interesting real-time data to identify the global regions with the greatest attack traffic
-> http://www.akamai.com/html/technology/dataviz1.html  (source akamai technologies)
also available as app: https://itunes.apple.com/app/akamai-internet-visualization/id502695146?mt=8

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!