Mozilla Firefox

Discussion in 'other software & services' started by Hadron, Aug 27, 2016.

  1. Adric

    Adric Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    1,334
    Has anyone tried and tested this Mining Blocker addon for Firefox?
    It visually shows if the website is using a mining scheme and blocks it: 2018-08-03_170147.png
     
    Last edited: Aug 3, 2018
  2. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    3,581
    waste of resources if you already have an ad-/script blocker. dupery.

    Code:
    https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/nocoin.txt
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    13,597
    Location:
    The Netherlands
    Well, then I'm not cool with it. I never had any security problems with single process browsers. But PC makers will definitely need to make 16GB of RAM the standard, with these crappy resource slurping browsers, 8GB isn't enough. And I'm not willing to pay more for it!
     
  4. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,303
    Location:
    Member state of European Union
    You haven't security problems with single process browsers, because Spectre-like bug discoveries are relatively new and exploits using them are not widespread yet.
    Send your disappointment letter to Intel.
     
  5. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    3,581
    ram is to cheap to moan about. except you own a vintage model^^
     
  6. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,072
    Location:
    Canada
    My Lenovo E580, i5 7200u laptop has only 4GB RAM and Chrome runs like a top. No Problems whatsoever. Perhaps it has something to do with keeping things simple ;) No need to pile on security programs.

    Sorry, I can't comment on Firefox, as I don't use it.
     
  7. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    545
    8 gig isn't enough? How many tabs are you using exactly? 2000?
     
  8. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    13,597
    Location:
    The Netherlands
    That's because you probably don't open a lot of tabs at the same time, and you also don't run many apps at the same time.

    So wasn't Chrome affected too? And I believe Spectre was over-hyped, it's not that easy to exploit.
     
  9. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    3,581
    4gig is minimal requirement for any current system with some software on it. and (current) browsers in general need more memory as before. i raised on my older system from 2>4gig because (but not only) quantum. running chromium same time makes both browser laggy when only 2gig. modern gaming -> 8gig or more, graphics editing -> 16gig or more.
    buying memory here (2gig older ram) is twice expensive as modern ddr3/4 - was same corsair twin modules with heat spreader. any other would lead to uncountable bsod.

    when firefox gets a memory hog in most cases its system failure, either security software, plugins, less extensions or a broken profile.

    mozilla is working on lower memory usage, maybe coming up with v63, v64 to be expected. (working with google together, so chrome is also affect from this dev)

    at least it needs 100 tabs or more to make firefox get laggy on switching tabs, in special when video sites are loaded.
     
  10. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,303
    Location:
    Member state of European Union
    Yes, Chrome was affected too, but Chrome has a lot better architecture of browser to mitigate that. Firefox Quantum was designed with assumption that small number of processes and large number of threads inside them is not going to decrease security. This assumption was justificated in 2017. It is not valid assumption in 2018, because of Spectre.
    Spectre is not easy to exploit, but there are going to be exploits for Spectre in Javascript provided that browser vendors don't mitigate them in time. These exploits are also hard to detect and easy to deliver to victim.
     
  11. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    3,072
    Location:
    Canada
    I do plan on upgrading to 8GB down the road sometime. I got a good deal on the laptop and it fell in the price range I was seeking, plus it has nice business features such as TPM 2.0 and Win 10 Pro O/S.

    true, I usually have no more than 5-6 tabs open at a time. I do have flags such as strict site isolation, pdf isolation, appcontainer and gpu appcontainer lockdown enabled.

    you'r right, spectre is way over hyped. It's difficult to exploit in the browser as a user would typically need to spend at least 15-20 minutes on an exploited site. There has been, however, and will continue to be, exploits surfacing that that are based on variations of Spectre. Chrome addressed the issue in a very timely manner with its strict site isolation feature, found in flags.
     
  12. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    36,394
    Mozilla's new DNS resolution is dangerous
    All your DNS traffic will be sent to Cloudflare
    August 04, 2018
    https://blog.ungleich.ch/en-us/cms/blog/2018/08/04/mozillas-new-dns-resolution-is-dangerous/
     
  13. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,059
    Location:
    USA
  14. IvoShoen

    IvoShoen Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    788
  15. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,303
    Location:
    Member state of European Union
  16. kronckew

    kronckew Registered Member

    Joined:
    Aug 27, 2006
    Posts:
    355
    Location:
    CSA Consulate, Glos., UK
    Leave the iconology as it is. The 'new' ones stink. Not everything requires changejust because you can. If it ain't broke, don't fix it.
     
  17. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    13,930
    Location:
    Slovenia
    I don't think that it's much different. It just means that you share your data with one more company.
     
  18. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,303
    Location:
    Member state of European Union
    But if you use encrypted DNS then ISP doesn't have that information. Nowadays one IP often serve a few webpages.
    The only thing ISP can do is to use deep packet inspection to extract data from Server Name Indication field in TLS connection, but this is going to change in future, because this field will be encrypted as well.
     
  19. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    13,930
    Location:
    Slovenia
    What about actual traffic going through their network, not DNS request?
     
  20. Pharao

    Pharao Registered Member

    Joined:
    Oct 8, 2014
    Posts:
    81
    It doesn't need that information. It will know anyway which site you visit and how long you stay there.
    After DNS resolution you are connecting to sites through your ISP.
    And how is this relevant?
    In such a case, whether your DNS is encrypted or not, your ISP will connect you firstly to the server the IP was translated for.
     
  21. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,303
    Location:
    Member state of European Union
    One IP can server different webpages. In that case you need domain to determine which website has been visited. IP is not enough. Without domain ISP can't identify you interests, preferences - you privacy is defended. I mean ISP can log IP, date, time and request infrastructure provider to tell which website was visited, but ISP need search warrant for that.
    These websites can be owned by different persons or companies. It just happens these website owners use the same infrastructure provider or reverse-proxy (i.e. Cloudflare).

    I know that many websites still have their own IP address and in this case these positive side-effects will be not available.
     
  22. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    6,026
    Location:
    USA
    Yep, shared hosting is still a thing. On the cheap end multiple companies can be using the same server and IP for different sites. We have a dedicated server, but we are using the same IP for different sites and different companies for the same boss. So agreed, an IP address alone in that situation means little.
     
  23. Pharao

    Pharao Registered Member

    Joined:
    Oct 8, 2014
    Posts:
    81
    So what? The above applies whether you are using DoH or not.
     
  24. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    1,303
    Location:
    Member state of European Union
    Usually by default DHCP delivers address of ISP's unencrypted DNS server, that can be logging DNS queries.
    If somebody uses DoH or DNS-over-TLS everything will be encrypted, so ISP can't log what website customer is visiting.
    ISP at the moment can use deep packet inspection to extract domain from SNI field in TLS traffic, but it is going to be changed in future (SNI will be encrypted).
     
  25. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    13,930
    Location:
    Slovenia
    If a page is not delivered through https, ISP can just MiTM all content and from it they could figure out which websites you were visiting. Sites are moving to https but there is still a lot of traffic delivered unencrypted.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.