uMatrix Help

Discussion in 'other software & services' started by Overkill, Sep 11, 2016.

  1. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    I am trying to wrap my brain around this complex extension, so I have been reading this tutorial...do you guys agree with it and if you all could give any helpful advise it would be appreciated.
    The uMatrix tut starts about a quarter of the way down the page fyi
     
  2. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    304
    Location:
    Philippines
    * = Global scope (every website you visit is affected, except when exceptions are made on particular websites)
    [website name] = control of that specific website

    colors:
    green = allow
    red = block



    What exactly do you not understand with uMatrix?
     
  3. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    Well, which cells (cookie, css, plugin etc) should always be blocked? I think anything under where it says "1st party" is 3rd party correct?
    Here's my current settings... I don't use some of the hosts because I have them enabled in hostsman
    screenshot.1.png screenshot.2.png

    I am trying to get the images to show on this page, but haven't had any luck so far. If it was blocked in uBlocko it is alot more simple to figure out.

    Image2.png
     
    Last edited: Sep 11, 2016
  4. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    304
    Location:
    Philippines
    1st party is different from 3rd party.
    Below "1st party" are 1st party elements.
    After 1st party elements, there is a tiny spacious line. Below that spacious line are the 3rd party elements.


    About the cells, I use the default: block cookie, plugin, script, XHR, and other, except the 1st party cells; allow css and image for all cells; hard block frame for all 3rd party cells.
    I have some cells allowed globally, and I have some allowed locally.


    Edit: for more clarity, a clue to mark the limit of 1st party is the "frame". 1st party frame elements are green. So, if a frame cell becomes red without your intervention, then that marks the start of the 3rd party domains.
    Edit2: I'm stating from the "specific website" perspective. Global scope has slightly different settings.
     
    Last edited: Sep 11, 2016
  5. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    304
    Location:
    Philippines
    You should allow "1st-party" cell. It should turn dark green.

    Oh, that's another clue: allowing/blocking "1st-party" cell will point you to which are 1st party elements and which are 3rd party elements.
     
  6. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    The image from my post above is from postimgdotio, so which cells do I click allow?

    EDIT: I think I did it correctly

    Image2.png

    This also worked
    Image4.png
     
    Last edited: Sep 11, 2016
  7. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    304
    Location:
    Philippines
    That numbered "script" from 12bytes.org.
    Or better, to avoid unnecessary blocking and breaking websites, allow "1st-party" cell (dark green).
     
  8. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    304
    Location:
    Philippines
    Oh, my bad. I just realized that you are following the guide you provided. And so, it is not the default setting.
    The guide teaches you to protect your privacy more, but it will break majority of sites you visit until you create allow rules for these sites. That will be a hassle. :)
     
  9. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    Yes it is a hassle lol but i'm slowly figuring it out. Thanks
     
  10. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    I edited post #6, should I always just allow 1st party or is the second way more secure?
     
  11. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    304
    Location:
    Philippines
    I think the second one is slightly more secure because if a rogue element (other than a script) infiltrates that website, that malware is blocked. But this is a hassle for you.
    The 1st one allows all 1st-party elements to load. This is slightly unsecured. This is less hassle, though, because broken websites are typically only happen when these sites depend something on the 3rd-party elements.
     
  12. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    Thanks XhenEd I appreciate the help
     
  13. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    304
    Location:
    Philippines
    You're welcome! :)
     
  14. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    I have a weird issue...I have everything allowed but my buttons fade and scrollbar changes in gmail after a few minutes
    https://i.imgur.com/kGreZzQ.jpg
     
  15. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,985
    Location:
    Canada
    @Overkill,

    you might want to check out this page explaining two approaches to use uMatrix (example is for older HTTP Switchboard, but it still applies to uMatrix), especially the block-all/allow-exceptionally approach. Whitelisting or blacklisting the global cells in the left-most column is easier and more trouble-free than trying to manage this in the middle cells.
     
  16. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    Thanks, will check it out!
     
  17. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    source

    @gorhill Are you still using uMatrix this way?
     
  18. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    304
    Location:
    Philippines
    I believe it refers to "Hosts files" that are present even in the current uMatrix version. Even if you whitelist all cells, as long as at least one host file is activated, some ads, trackers, etc. will be blocked through that host file(s).
     
  19. gorhill

    gorhill Developer

    Joined:
    Nov 12, 2013
    Posts:
    747
    Location:
    Canada
    That post is December 2013. The truth is that I am not using uMatrix anymore, I use uBO in medium mode. With 3rd-party cookies and all plugins blocked by default in browser, this is really what works for me.
     
  20. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    I see, well I appreciate your honesty and I love both programs and hope they stick around for a long time. You are obviously very talented to have created such brilliant extensions :)
     
  21. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    So is uMatrix considered 'mature' and on the backburner as far as you are concerned, or do you still take a peep now and then ? I am using both in all my browsers and love them both. Thank you.
     
  22. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,734
    uM is more granular (in special for css and plugs), but not mature. dropped it like raymond did and rely on uBo only. it took me too much time to configure both in a proper way without interference and got less results = waste of time. and in fact uBo has features which uM dont offer.
     
  23. Jarmo P

    Jarmo P Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    1,188
    Not a mature program? I do agree that running both extensions with their original default or medium settings of dynamic blocking is a big hassle. Both extensions offer privacy features that the other does not have.

    Anyways my current default uM setting is with all host files unchecked and they selected in uBO.
    And as important my
    * * * block rule is now changed to
    * * * allow

    I do block cookies and 3rd party frames still with uM but nothing else as a default. And my browser does not run plugins neither automatically.
    And yes I can when I want apply uM's full power to a website's filtering.

    This all is of course a bit theoretical with my computer being so hacked that mouse behaves erratically and propably some bios hack behind all this. Sad situation altogether and nothing I have powers to do to protect or clean. Anyways I do like to do what I can with these 2 extensions.
     
  24. gorhill

    gorhill Developer

    Joined:
    Nov 12, 2013
    Posts:
    747
    Location:
    Canada
    Yes, I consider it mature, the next version will be 1.0.0. I will ensure it keeps working as it should on all currently supported platforms. It's not because I do not use it myself others should mimic me. The way I was using uMatrix was usually to create rules not more granular than domain level. When used this way, uBO is probably a better match.
     
  25. Overkill

    Overkill Registered Member

    Joined:
    Mar 16, 2012
    Posts:
    2,134
    Location:
    USA
    I wish UBO had the privacy features like in UM :(
     
Loading...