@QuHno said in Worrying news about Startpage and DuckDuckGo:
@Dr-Flay I wonder why hidemysearches doesn't use POST but GET in their search form at the top of the about page and on their homepage ...
All search engine I use are put in POST, Startpage too
@Dr-Flay The problem is that enterprise function could mean paid google API which is not under BSD licence.
Something like brave/mozilla could be implemented but we probably need an our store - as most chrome extensions will stop to support/use webrequest api even if still accessible.
@jamesbeardmore said in Recommendations for anti-virus to replace Avast Premier.:
Sorry to resurrect an old thread but yes, you read it correctly, 1.2 GB - but that's with a bunch of custom databases in addition to ClamAV's standard databases.
Don't worry - the thread is still going far as I'm concerned
I'm not so much worried about memory usage during a scan, since that's something I'm doing rarely anyway. It makes sense that it would load the database into memory when scanning, for speed of lookup.
What's more interesting is the memory use during regular background usage, and to a certain extent CPU usage during such background monitoring as well, but it's harder to get data on obviously.
For instance Avast in the background uses ~80MB, and to be honest I doubt I'll be able to find any that uses less.
loads of fluff, big fonts, vast white spaces and dumbed-down options for idiots.
I know, it seems every single AV solution is following the same UI design now, in the end they all look exactly the same... all for the sake of being "user-friendly".
I'm reminded of this quote:
The user's going to pick dancing pigs over security every time
-- Bruce Schneier
I also receive only Defender updates on demand. In Windows itself you can configure all this, but many privacy settings in Windows 10 are quite hidden and sometimes require diving through several submenus. To do it with one click, I have O&O Shutup10 installed, a small utility that summarizes all the possible settings that affect privacy in a simple menu.
It's a standalone app, freeware
They lost me when they ditched Presto. I tried really hard to be a team player, to stick with them as they brought the new browser up to snuff. Their whole attempt at redefining bookmarks though was too misguided and too long lived. By the time they finally acquiesced and brought bookmarks back I had already moved on to other browsers. It was a tough few years never feeling quite at home in my browser until Vivaldi came along picked up the torch that Opera had dropped. On the desktop I was home again. But my browsing experience wasn't complete until my faith was rewarded and the Android beta was opened to the public. Now there are just a few minor tweaks & a couple of important features left (implementing extensions on Android is the most important), but being able to sync bookmarks makes my research flow much more streamlined. Opera is but a distant memory, Vivaldi is the present and foreseeable future.
Without seeing the advanced info it could be any number of reasons why it fails for some.
The advanced info will show if it is trying to use a cert that is revoked, wrong or if it cannot be validated.
I generally rely on the cert and config scan provided by Qualys
and for a general overview of site security and reputation
They probably have something interfering with the cert on their devices.
Unfortunately the only extension that can shed more light is abandoned since the last major change in extension API in Firefox.
Perspectives can show the key for the cert on a domain as seen by multiple servers around the world. This can show if different certs are being seen for some reason.
@Dr-Flay said in Google's 'secret web tracking pages' explained:
are you OK with Tom, Dick and Harry buying far more personal info about you
I don't have any economic loss if they do so, if anything, they are just profiling which ads I might be interested in. All they know about "me" is that from this IP I visit some site and do some searches.
Too bad for them, I block all ads with uBlock Origin, they can try all they want but I don't even see the ads they're trying to feed me.
I really don't know what people have to fear if they gather statistics on what I visit. Quoting the article: "That data was not seen by him but could have included information about age and gender, habits, social media usage, ethnicity or political affiliation, he said."
And who cares? Only people that HAVE something to hide. They better not use the internet. I don't fear anyone who knows my age and gender, why should I? You can even see my age on my profile here. Now tell me, that it's a google problem? Or it's Vivaldi that shouldn't allow me to tell others which is my birthdate? Because it's a "sensitive info"? Of course I can tell you a secret: I don't use my birthdate as a PIN/Password, who does it's just an idiot and DESERVE to be ripped off if he does
A VPN is more about privacy but can protect against some man-in-the-middle interception, but..
Yeah as Gwen-Dragon points out they can actually break your privacy if they break the trust and faith you have to have.
Some are up-front and do admit they log the traffic.
They are them self a man-in-the-middle interception, so the only totally trustable solution is to setup OpenVPN and be in control of the end-point you want to use.
Not convenient for many people.
Thankfully there are good quality VPNs with high standards that make enough money from subscribers that they do not feel the need to sell user data.
A question worth asking, but thankfully tools like this shouldn't cause conflicts with any AV or 3rd party security.
Most of it is just registry/policy changes.
The blocking is often done with additions to the HOSTS file.
Good AV packages have the ability to stop changes to the HOSTS file, so you may have to disable that feature temporarily to install the blocklist.
Actually what is needed is that it makes all users have the same fingerprint.
However as long as these keep generating truly random fingerprints for every site, every time you visit, that is as good.
There is another extension I was looking at recently with fingerprint protection in it. I'll have to find it and post.
All of the above in 1 extension (and a whole lot more)
"Trace - Online Tracking Protection"
It is kinda dumb. That info can easily be something you see if you want by putting it in the box that pops up when you click on the padlock.
The evidence that EV is pointless to users is regularly demonstrated by the amount of times people ask about the inconsistency of the padlock.
Personally I get better use of having the SSL Labs extension which shows the actual quality of the cert plus its configuration.
You may be looking an an expensive EV cert, but has the server admin actually configured their site to use it securely ?
Chromium has an almost useless system for validating certs, so is disabled anyway.
You can enable it but it fails regularly as it actually relies on IE or Edge having already checked it.
Maybe they should hire some Mozilla devs to come and make a working system like FF has.
And as I bring up often, without DANE validation, you can't tell if the IP is the correct and expected IP the domain and cert should actually be hosted on.
You could well be looking at the correct web address and a good cert, but actually have been redirected to a bogus site by DNS poisoning or a MiTM attack.
Perspectives and the DANE validation extensions were the only way to spot that the cert you are seeing may be misleading, but both are now abandoned due to the way extensions now work.
Thanks for all replies. I noticed all search engines are MITM by the company.
Firefox were able to warm me of MITM when it happens. But I'm glad MITM does not happen for most of the sites I visit.
I checked and the company certificate is not added to the Firefox certificate store. I hope it stays like that.
Does Vivaldi have any future plans to have its own certificate store ?
I will make a feature request as well