Is this an infection?

Discussion in 'malware problems & news' started by Ulysses_, Feb 28, 2012.

Thread Status:
Not open for further replies.
  1. Ulysses_

    Ulysses_ Registered Member

    Joined:
    Jun 27, 2010
    Posts:
    275
    That's the theory but look what happens in practise. A site is calling scripts from some 10 other sites. Enabling one at a time - which one first? one mental step to decide which one and then some wait for the reload, and then again the wanted feature is missing such as the ability to post on the blog - but it won't tell you the feature is broken, you have to type your blog comment and see it disappear, and start all over again. It gets very tiresome. Especially if you have to go through the whole cycle every time because NoScript rules apply to all sites, but you do not want the scripts enabled in other sites you visit that call the same scripts because those other sites work fine without those scripts.

    Crucially, to make the one blog comment you were forced to run scripts from several sites, so despite all the effort you're still tracked and any anonymity attempts might be defeated with all those scripts having to run.

    Tried something similar: used different firefox profiles running at the same time. It takes some discipline, and what icon you press and so on. The ideal would be a new VM for each page. When I get my next hardware I'll make sure it has ample ram to support lots of VMs simultaneously.

    Using Click&Clean firefox addon, same sort of thing probably.
     
    Last edited: Mar 10, 2012
  2. BrandiCandi

    BrandiCandi Guest

    Yikes. I guess I just meant close the browser every time you're done with a page. Bleachbits and Better Privacy run when the browser gets closed & basically erase cookies & history. Open a new page (which will be devoid of any past history) when you're ready to visit a different page. I didn't mean have a bunch of separate browsers. Seems to me that a bunch of VMs would be a long way to go to achieve the same thing.

    For NoScripts to work you have to decide what to trust, you ultimately need to trust something. If you trust nothing then I don't know how to make it work. NoScripts has a feature where you can middle click or shift+click on the script menu. It will give you some options to research the known security risks on a web page. Could be worth while for you to decide whether some website may be trustworthy. I took a screen shot of the security analysis page:

    wilderssecurity.com: Security and Privacy Info - Mozilla Firefox_001.png
     
  3. Ulysses_

    Ulysses_ Registered Member

    Joined:
    Jun 27, 2010
    Posts:
    275
    Thanks for that NoScript feature.

    I guess it is a bad habit some of us have to keep pages open while following links. This may be handy with google results, but ends up being done everywhere. On the other hand, it does have some convenience. Especially when you're investigating something and the answers are not complete in any of the pages.

    Early versions of firefox's auto-clean on exit did not deal with some features like supercookies. What other tracking features are unknown so far, even by bleach bits, and will be dealt with in future versions of bleach bits? Maybe none, but you can't be sure. Did you know firefox connects to some sites without telling you? It does it supposedly to update a local database of malicious sites, but might it also update the remote database in ways unknown? This is how I ended up trying to use separate browsers for separate sites. This guarantees removal of some tracking capability if such is going on. Also this user agent randomizer removes some tracking capability.
     
    Last edited: Mar 12, 2012
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.