@QuHno said in Worrying news about Startpage and DuckDuckGo:
@Dr-Flay I wonder why hidemysearches doesn't use POST but GET in their search form at the top of the about page and on their homepage ...
All search engine I use are put in POST, Startpage too
I would look for alternative extensions on Chrome web store, that provide the same functionality without using the remote code execution method.
Even if the extension is safe, there is no way to guarantee that it will not get compromised by malicious code in the future.
For example, you can use uMatrix to block scripts, (how to link).
WhiteBuster instead of green eye.
I have never used tabsets, but I would imagine that Vivaldi's save session has the same functionality?
@williamsongrand I can not say what TP_Link is blocking in your case.
Look in your log file, why PPTP is blocked. Check your router firewall, the router filters.
I think the tp link router forum https://community.tp-link.com/en/home would be a better place to ask.
Spiderfoot HX is now out of beta and available to the wider public.
This version is cloud hosted so you can use 1 profile to access on any machine you use from any location.
This can also be accessed with an API so,
"One API to bind them. One API to rule them all"
I have noticed Vivaldi get mentioned fairly often there
I wanted to discuss topics they have yet to start, like OSINT services and software.
I can do that just as well at Bleeping Computer, Windows secrets or Ask Woody.
@greybeard said in browser concerned that W3C "Client Hints" could be abused for tracking:
The team at Brave Browser (I've seen it mentioned on the forum many times so I know some Vivaldi users are familiar with it although I have yet to try it) are now concerned with proposals from the IETF (The Internet Engineering Task Force) and W3C (World Wide Web Consortium) to use "Client Hints" to enable websites to use "fingerprinting" to identify browsers. This will enable servers to passively identify your browser without using more common methods already available (and for the security conscious, to block). Although they do admit there being some positive aspects to "Client Hints" but they do have reservations about the fingerprinting aspect.
For more info see the Brave Blog article.
To see how vulnerable your browser is, (Vivaldi I hope) is to fingerprinting you can test it, or any browser, at the ELECTRONIC FRONTIER FOUNDATION's test site, Panopticlick
Here's hoping Vivaldi will be taking a similar approach to privacy for its users.
I tried that Panopticlick test, nothing bad that isn't already known through the browser like what version ,no cookies, and the Fingerprinting just gives very basic Windows info,fonts,screen size, it did say win32 instead, when its running win64
@VaSeasons said in Article: Google Chrome now "surveillance software". Question: How does Vivaldi fit in?:
Or is Vivaldi just a front for Google, another way of spreading the surveillance state among us?
"Or is Vivaldi just a front for Google, another way of spreading the surveillance state among us?" Not even remotely.
I tested with a site I know will fail on my regular DNS but it didn't work anyway.
At least the new Vivaldi blog post does say they are contemplating swapping to something like cloudflare.
Quad9 block malware and bad domains but they don't publish the list.
This is why I prefer not to use them. I would rather edit a local file than submit a request for addition or unblocking.
When not using DNSCrypt (which can use both Quad9 and cloudflare) I set them both as the system DNS. Cloudflare first and falling back to Quad9.
I call it "living on Cloud 9".
It should be noted that without extra info, such as "did GreyNoise recently add more ability to see the activity?" it is difficult to say for sure if the recent frenzy of activity is valid.
However we would see other "patterns of interest" in previous months, even with less data points available.
Insight from @yngve would be more useful perhaps.
Thanks for promoting my blog posts. I wondered if there was a glitch when I kept seeing them. Feels a bit weird seeing them on the front page.
It makes me think "Oh hell! I better re-read it again and make sure it makes sense".
My blog is mostly for my reference and for the listeners of my radio show. Often there will be a topic that is difficult to get across on radio without some reference.
Normally I don't feel like clutching a pillow while writing a blog, but this is a storm gathering, and the fix is to patch a lot of obviously abandoned or unmaintained servers and PCs, that will not be updated.
There have even been discussions about the legality of a Whitehat task force just bruteforce fixing everything they can.
Currently that is just an idea we all agree we must not do.
However reality sucks and Gov agencies do illegal things towards their people already, so it won't be so long into a botnetpocalypse that klaxons are screaming, bells are ringing and the illegal thing has to be done anyway.
The only option I could see without fixing the problem is to simply remove those vulnerable IPs from all DNS. Blackhole them until the owners wake up and update.
@Dr-Flay No-one should be subject to malware or MITM attacks!
The superstitious install of [EXPLITIVE] Flash would require some work. It would require it require downloading from a compromised repository, would it not? Perhaps AV vendors could use that as an indicator of malicious activity to block that install of [EXPLITIVE] Flash and associated malware.
Although I do not use a mac (I have two broken ones in the closet and one that runs only Linux), I never use google search, almost always DDG, Startpage, or Bing.
After all the the research I have done, I have found that although Bing may give fewer results it does give me more relevant results to my search.
@raed said in Return of Vivaldi spyware:
identifying the geo location using the first three octets of the IP address
For years i use VPNs. At any given time i could "be" anywhere. Given the ever widening & deepening tentacles of all the evilcorps & evilgovts, i can assume that global VPN usage will only increase. What then for "useful" geotracking info for all these bastards?
Otoh, with mobs like NSA, GCHQ & my own Oz fascist govt [introduced egregious laws to break encryption & gain backdoors etc; arseholes], i suppose that VPNs are probably already also comromised else will be soon enough.
Against these, alleged concerns raised by some against V possibly need assessment with some sense of proportion.
Tested on Vivaldi 2.5 (Chromium 74) and Chromium 76 and got the exact same result:
4 skipped, (2 tests could not check if they actually passed or not [timeout])
20 skipped (I don't have Flash installed, so those did not test)
So, I guess if you install Flash Vivaldi, and Chromium, will pass 400 tests. Perhaps 402 if those 2 tests that timeout did finish.