What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    I'm surprised so many are still using OpenDNS. I used to use it but since it was taken over by Cisco I'm not too keen on their Privacy Policy. But hey, that's just me.
     
  2. Fighting big data is a lost cause, unless you use a paid VPN service with TOR browser and take several other hard core measures. The best approach IMO is to put your data in different baskets, preferably by companies which are under EU-control (and have to comply to EU-regulations).
     
  3. eugene91

    eugene91 Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    192
    Thanks for the tips. Regarding uBlock I was using it for adblocking purpose. Maybe you have a better suggestion?

    Addition: Seems like extension error with avast! and HTTPS Everywhere when Do Not Track is enabled.

     
    Last edited: Dec 24, 2016
  4. I don't use HTTPS everywhere (just set #mark-non-secure-as in about://flags to display a verbose statement . . . ), you could disable HTTPS everywhere temporarely for an A versus B usability test.

    uBlock is the best combination of Noscript and adBlock. The easy to access off-on button of uB0 is also a benefit IMO ;)

    Surf to nasdaq and vancouversun twice, once with uBlock and once with Avast (trackers set to block default) and compare how they are doing. For fun try to read this article (HTTP adoption) using the same A versus B test


    With Google's free tag service and management pushing out rivalling paid adservices and facebook on nearly every website, those two big adserver companies are collecting first party unpersonalized browsing data with their doubleclick (Google) and Atlas (Facebook) adservices. Because this ID is not unique and not bound to a person, they even comply with EU-regulation :argh:

    Any idea how small the chance is that two people with same browser-fingerprint (e.g. @$%^&!(**&&^) are looking for flights from AMS to NYC at the same time on the same hours. Adservers know that browser-fingerprint @$%^&!(**&&^is visiting website XYZ over and over again to check the prices of a flight. All of a sudden availability seems to drop and price increases. How tempting is it to click on the big BOOK NOW button. :gack:

     
    Last edited by a moderator: Dec 24, 2016
  5. Objawienie

    Objawienie Guest

    Exactly
     
  6. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    Who cares about Chrome/Operao_O
     
  7. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,501
    Location:
    .
    :argh: :D
     
  8. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,134
    Apparently you do according to your sig..:rolleyes:
     
  9. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    Who cares about Chrome/Operao_O
    Firefox is my daily driver. But I run it without Flash, Java, Quicktime, or Silverlight. I only use Chrome for those stupid sites that still insist on Flash for the best viewing experience. I figure Chrome will have the latest PPAPI Flash version automatically ... sigh ... one day Flash will die a well deserved death :)
     
  10. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    As far as browser fingerprinting is concerned, first try these browser tests...
    https://browserleaks.com/canvas
    https://panopticlick.eff.org/

    ...then again with the Canvas Defender addon for Firefox and Chrome :)
    https://addons.mozilla.org/en-US/firefox/addon/no-canvas-fingerprinting/
    https://chrome.google.com/webstore/detail/canvas-defender/obdbgnebcljmgkoljcdddaopadkifnpm

    How browser canvas fingerprinting works:
    https://multiloginapp.com/how-canvas-fingerprint-blockers-make-you-easily-trackable
     
  11. I am using Chromium and start it with --disable-reading-from-canvas but as a Firefox user you need to add an extension to accomplish that, but . . . do you really think you are not tracked by blocking canvas fingerprinting? dream on

    When you use Firefox (which offers low-IL multi-process in 2016 which was state of the art in 2009), you probably think you can't be tracked.
     
    Last edited by a moderator: Dec 24, 2016
  12. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    The extension does not block canvas fingerprinting. By doing so you only mark yourself as special by the simple act of blocking. The article linked has details about how this actually works. Using a spoofed fingerprint and occasionally changing it up erases your tracks left by the previous fingerprint.
     
  13. @Tinstaafl I repeat, dream on :D

     
    Last edited by a moderator: Dec 24, 2016
  14. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    Your opinion is amusing. Try reading up on the facts ...
     
  15. Facts? Because Multilogin explains that their canvas defender solution is the only solution which works. So you believe a vendor promoting its own solution? Is that called facts or advertising?

    You also direct me to browserleaks where canvas fingerprinting is mentioned as just ONE of the tracking techniques?

    But let's agree to disagree and settle for piece by giving you a compliment on using Avast (do you use hardened mode)?
     
    Last edited by a moderator: Dec 24, 2016
  16. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    I was just commenting specifically on canvas fingerprinting. Now you change the scope of the topic to include all tracking techniqueso_O That wasn't the context my comment was intended for.

    But since you brought it up, browserleaks is a great place to start to see where you need to begin to patch up as far as tracking leaks, beyond cookies and such :)

    There are many techniques that you can utilize to make tracking more difficult for the big data collectors. If you consider that at least 80% of web users don't even use ad blockers, you can get by with just minimizing your footprint. They will prefer the low hanging fruit anyway! Hide in the crowd. There are a few browser extensions available to assist, as well as settings in Firefox [about:config]. A web search can turn up many of these methods, such as https://www.bestvpn.com/blog/8499/make-firefox-secure-using-aboutconfig/ or https://securityinabox.org/en/guide/firefox/windows

    Bottom line, with some diligent effort, it's possible to become just another anonymous IP address on the net. But if you fear that would become personally identifiable, you can always use a proxy or VPN :)

    And ummm ... I use Avira, not Avast (it's in my sig). I was a faithful Avast evangelist for years, but no longer ...
     
  17. That is why I disagree with you. See for example this experience of a member on this forum LINK, I (think I) know because I trained the inside tele-sales of a big advertising company and those inside sales had to learn the USP's. So unless they learned their sales complete ********, you don't get by with minimizing your footprint. You need a paid privacy VPN plus tor-browser (and preferably some more privacy counter measures which are over my head).

    This "experience" is the same reason I think AVAST extension is best for average users as counter measure and uBlock Origin (with uBlock extra) is the best for power users. But mileage may vary because this experience is at least a year old and IT-technology has the tendency to improve over time.

    Have you tried visiting vancouversun and nasdaq with your FF setup?
     
    Last edited by a moderator: Dec 24, 2016
  18. complete ******* = which was not true

    So in stead of using the term for digested grass, the sentence should be

    "So unless they learned their sales something which was not true"

    ~ Removed Off Topic Remarks ~
     
    Last edited by a moderator: Dec 24, 2016
  19. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    Yup, pages rendered great! Was there supposed to be an issueo_O

    uMatrix blocks all scripts and plugins, except 1st party stuff, and allows all CSS and images. uBlock Origin blocked a number of connections, and Privacy Badger did as well. WebRTC is disabled, and Canvas Defender is sending a fake canvas fingerprint. Pre-fetching and hyperlink auditing is disabled by uBlock as well. WebGL disabled in browser. Geolocation set to prompt. Flash not installed. HTML5 autoplay disabled by default.

    Only thing that seems to be leaking is my IP address and the type of browser (user agent string) and that I'm running on a win32 platform ...

    According to EFF: Is your browser blocking tracking ads? YES!
    Is your browser blocking invisible trackers? YES!
    Does your browser protect from fingerprinting? your browser has a unique fingerprint.
     
    Last edited: Dec 24, 2016
  20. Because you reacted on a post about Noscript being available for Chrome. Now you are using the extension which I mentioned for making Noscript redundant:uBlock, so no
     
  21. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    Huh?

    Did you miss this, or just not understand it? I was responding with the advantages of switching from NoScript, as I had already done so.
     
    Last edited: Dec 24, 2016
  22. Tinstaafl

    Tinstaafl Registered Member

    Joined:
    Jul 30, 2015
    Posts:
    965
    Location:
    USA
    Actually, an uninformed remark ...

    Apparently quite a few care about NoScript. It has been downloaded 115,921,001 times :)
     
  23. eugene91

    eugene91 Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    192
    Well would prefer using uBlock then since I can't find how to add exceptions on Avast! Online Security.
     
  24. Just click on drop down (expand \/ sign) and allow or block the tracker you would like to make an exception for.

    See for example exception for google analytics which is allowed on nu.nl (when you can block it means it is allowed)

    upload_2016-12-25_8-38-44.png
     
    Last edited by a moderator: Dec 25, 2016
  25. Apparently in US-english the grammar rules for relative pronouns (who) are applied differently than I thought, so I better spell it out.

    "Chrome/Opera users have uBlock as a replacement for both Adblock and Noscript, who (of the chrome/Opera users) cares about noscript?


    Yes as posted earlier I did miss that and when you know the advantages I don't understand your latest posts either
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.