Tips from Nadiyno.org: choosing a secure browser

https://peertube.eqver.se/w/dxyHtWvcUhjEfABtY1yWvE

PeerTube
Removing XSLT for a more secure browser  |  Web Platform  |  Chrome for Developers

Prepare for Chrome deprecating and removing XSLT from the browser.

Chrome for Developers

Chrome is known for its speed and performance; Firefox, on the other hand, emphasizes user privacy and security. Here's a more detailed comparison https://windows101tricks.com/firefox-chrome/

#chrome #Firefox #Browser #GoogleChrome #MozillaFirefox #BestBrowser #FastBrowser #SecureBrowser #Privacy

It has been a while since I’ve written about Avast, so today I give you “How insecure is Avast Secure Browser?”

https://palant.info/2024/07/15/how-insecure-is-avast-secure-browser/

Note: This isn’t a vulnerability disclosure, merely an overview of problematic design decisions.

TL;DR from the article: I wouldn’t run Avast Secure Browser on any real operating system, only inside a virtual machine containing no data whatsoever.

Some highlights:

  • Eleven pre-installed browser extensions but only two visible to users.
  • Two extensions unnecessarily relax Content-Security-Policy protection.
  • One of these two extensions also requesting all privileges possible, despite not actually using them.
  • Two extensions accept messages from any other extension and any Avast website, the latter without enforcing HTTPS connections.
  • One of these extensions, Privacy Guard (sic!), will expose information about your browser’s tabs via that messaging interface and provide updates as you browse the web.
  • The “onboarding” experience is designed as an extremely flexible way to nag you into using products that benefit Avast financially.
  • To make this “onboarding” work, the browser exposes internal APIs to a number of Avast domains that a huge number of third parties can put content on. Not only can each of these third parties abuse this access, a single XSS vulnerability will extend the access to any website on the internet (no effective CSP protection).

Enjoy!

#avast #avg #avira #ccleaner #securebrowser #infosec

How insecure is Avast Secure Browser?

Another look into Avast Secure Browser shows a massive attack surface, with some issues mentioned five years ago only partially addressed, all while new ways to attack the browser have been added.

Almost Secure

If you are into #kolektiva stuff or #union work or against the fascisti and looking around the web, #tailsos is a good option. Running off a USB, malicious sites can't harm your hard drive.

Not everyone can be an expert but everyone should master the #infosec #infosecbasics. Read all about it

We are proudly amateurs so this is not really a #Mastodon #protip

Long live amateurism.

Please at least understand the concept of #tails #securebrowser here: https://distrowatch.com/table.php?distribution=tails

DistroWatch.com: Tails

News and feature lists of Linux and BSD distributions.

BLOCKING PROTOCOL - A FLAW
The blocking flowchart presents you with an option to send a copy of the report to the admin of the domain hosting the contact which triggered the report.

I checked out the domain of some of the sites associated with my reports and on at least one of them the admin was indeed the same party that sent the harassing tweet.

So - automatically reporting to their admin won't necessarily do much good. OTOH it probably won't do much in the way of harm EXCEPT that they get a copy of your comments.

The safest procedure, if you know what you are doing, is to open up #Tor or a similar #securebrowser or work from a #VPN and a dedicated browser or #virtualmachine and click the link and look at the site in question. If the admin is the one sending the harassing toots, you might want to think twice...

I did see this.

Also, said admin had multiple alternate accounts, so tweets from any one of them might not be so obviously from their admin.

Be advised.