Food for thought: safe browsing and blocking scripts

I agree, especially the GUI can be a bit confusing. Other script-blockers are perhaps a bit less advanced but are also much simpler to use, take for example ScriptKeeper (for Opera 12), I hope it will be ported to other browsers.

 

Running Privoxy on my router here, long time fan. It's great being open source and all but getting a bit dated though.

 

As wat0114 already said: It's only as complex as you want or need it to be. Unfortunately many users are not aware of this and think that they have to whitelist one cell after the other. These are examples how to make one's life easier. And you can configure µMatrix, e.g., to behave like Noscript or like RequestPolicy (although the latter example has changed a bit in µMatrix compared to HTTPSB) if you want so. Bottom line: µMatrix's flexibility is unmatched.

 

Both extensions are not comparable. Scriptkeeper is simply a script blocker while µMatrix does much more (but can be configured to behave in a similar way).

 

Exactly, many ways to use it. Ways that are easy operable with a good intuitive interface. I myself want/like the content blocking power of uMatrix, so I will not be happy with using any other extension.

I did give today uBlock some serious attention with its dynamic filtering called thing, but no, I was not happy. Then again uBlock works nicely without 'dynamic filtering' enabled together with uMatrix.

 

The table or matrix GUI makes it real easy.

uMatrix is so flexible it can be tuned down to a third party blocker deny all allow css+image and uBlock can be tuned up to block third party iframes/scripts and allow all other third party stuff (third party cookies can be blocked in Chrome). I can't image what needs on filtering are not covered by those two extensions.

For me uBlock is good enough.

 

I would actually phrase that a somewhat different. Like that as an example uMatrix can be tuned to this.
It can be of course tuned also to that uBlock setting.

tlu gave some examples, but unfortunately they are made for the HTTPSB. They and other possible configurations can be easily reproduced with uMatrix too of course. The problem for a new user is inablilty to tune uMatrix blocking "engine" to his/her liking or to those examples.

After that the GUI becomes brilliant as told to operate.

 

Yes correct, that's why I said that SK is less advanced, but it's a matter of taste, I like the simple interface for example. I will take another look at uMatrix, but with SK you have different modes. In "Relaxed mode", it will allow first party + same origin scripts, which in fact makes it work almost like Ghostery. I say almost, because it will still break pages while Ghostery does not.

 

Rasheed,

I don't understand your post in regards to Ghostery. When you say that ghostery works like Scriptkeeper in relaxed mode, do you mean the effect (blocking advertising thirdparty, but not all third party, only the scripts on the blacklist) or how it works (blocking third party which advertising scripts are, so it blocks advertising also).

Thanks

Kees

 

the license clearly say: none else have the right to alter proxomitron code. this one contains two conditions (from red cited text)

i dont know which rights were elevated for michael buerschgens --> http://www.buerschgens.de/Prox/
so he may have change archive content to extend the settings file and some filter files, but the rest is original.
but the license dont prohibit reversing. newer license of other programs contain such this passage. you can investigate, but code change, even for own purpose, is against license.

there were several projects but none of them has same ability. and when code become open it has to be ported on 32 or 64bit. proxomitron is still 16bit and usable down to outdated win9x -> http://www.johnsankey.ca/proxomitron.html
some nice alternatives were bfilter and proxomido but less powerfull and not compatible to proxo its filters

i hope i did not effended you. but if someone changes code someone always has to investigate if someone breaks license.

thats reason why some software dont exist at portableapps.com although its possible.

HTH

 

Not at all. Several of the people at the Proxomitron forum, including some who are patching/modifying Proxomitron knew Scott and have talked to him. I can only assume that they're staying within the limits of the license. Either way, if it wasn't for those few people, it would be abandonware, so I don't see it as a problem. As far as I'm concerned, Proxomitron is too good of an application to let it die just because the developer died.

I don't see this as a problem either. Proxomitron runs on any 32 bit version of Windows just fine. I don't have a 64bit system but I believe that they're just as capable of running it. I've run it on linux using Wine with good results. All that porting it would do is restrict what systems it could run on. For all purposes, it's already portable.

 

I'm not familar with SK. Just one question: Does it have scopes like in µMatrix? After enjoying the beauty of this approach I wouldn't touch any blocker without scopes.

So does µMatrix by default.

 

What I'm saying is that in "relaxed mode" it will block the same as Ghostery, but it's less restrictive than in "standard mode", so this way it will break a lot less sites. But it all depends on what type of scripts, sites rely on for functionality. That's so cool about Ghostery, it will only block trackers, so it doesn't break anything. Problem is that some sites will still load kinda slow for my taste, so that's why I use SK, I've chosen speed over the convenience of not having to white-list stuff.

 

I don't know what you mean with scopes.

I will check it out, but last time I checked it wasn't that easy to configure as SK.

 

Old documentation for HTTPSB, changes in µMatrix.

There is nothing to configure as it is the default behavior in µMatrix as mentioned above.

 

I don't believe that SK offers the scope feature, but I've played with uMatrix and it's just not for me, too complex. And BTW, let's take ebay.com as example, in SK's "relaxed mode" the site will work correctly without me having to white-list anything, but it does not work with uMatrix, no matter in what "scope" I run it. Can you explain this?

 

You should just be able to allow ir.ebaystatic.com, even globally in case it's required on other sites. It will be a one-time setting and that's it. Maybe SK's relaxed mode is too relaxed?

 

To be honest, I haven't got a clue how SK decides which script should be allowed or not, but it will allow "top level" and "related scripts". It does seem to be less restrictive (in relaxed-mode) than uMatrix. With as result that it breaks less pages. You can find some more info over here:

https://operacustomizations.wordpress.com/2013/04/23/scriptkeeper/

 

Taking another look at your screenshot, and I realize you may want to try setting up the matrix a bit differently. I Have to trudge off to work so can't elaborate until later....

 

Well, the point is that ebaystatic.com is a (obviously needed) 3rd-party domain to ebay.com. How could uMatrix know that it needs to be whitelisted without clairvoyant abilities? If SK allows it this could only happen because it seems to have a pre-defined list of rules for a couple of popular websites, IMO. Otherwise it would be impossible to distinguish ebaystatic.com from example.com.

 

Edited: Never mind, I failed to notice the "my" in "myopera.com"

Bringing such a mode [1] in uMatrix would go counter to the purpose of the extension.

[1] I wonder what is the heuristic to decide what is "related". Certainly this can't be foolproof, hence the risk of having something allowed which should not have been.

 

@gorhill: BTW, Raymond, on that HTTPSB wiki page regarding the matrix scope (which is still important to understand uMatrix) the picture is no longer displayed.

 

Two clicks to add the related 3rd-party domains, ebayimg.com and ebaystatic.com, then padlock clicked:

 

About "related sites", I got curious, I had to look in the code. The test is really broad.

For example these pairs are considered "related":

- google-sucks.com, google.com
- db.net, imdb.com
- ba.ru, ebay.com

For those whom security/privacy is a primary concern, I would say ScriptKeeper's "relaxed mode" is not for them.

 

No, there is no white-list, other than the one that is made by the user. It somehow manages to allow scripts that are needed to make many sites work. For example, on tweakers.net, it will automatically allow "tweakimg.net", which is of course blocked by uMatrix.