Advice Request Anyone using Chrome's flags to increase security and/or privacy


Windows_Security

Are members using the beta features of Chrome browser by tweaking the about://flags settings?

Privacy enhancement
#disable-hyperlink-auditing
#reduced-referrer-granularity

Security improvements RC (which have been available for a very long time, so they won't give problems)
#extension-content-verification (set to strict)
#enable-permissions-blacklist

Security improvements Beta (most have been available since 2012, so stable on my PC for at least two years)
#enable-site-per-process (which I always use with the flag below for performance and resources)
#enable-top-document-isolation (puts all isolated iframes together instead of each in its own)
#disallow-doc-written-script-loads
#enable-framebusting-needs-sameorigin-or-usergesture
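
To check which of the flags listed in the post above have actually been changed from their default in a given profile, this added example (not part of the original thread) reads the browser's `Local State` JSON, where about://flags selections are stored under `browser.enabled_labs_experiments` as `name` or `name@option-index`. The sample file content, the `@3` index and the function names are constructed for illustration.

```python
import json

# Flag names from the post above (about://flags anchors without the '#').
WANTED = [
    "disable-hyperlink-auditing",
    "reduced-referrer-granularity",
    "extension-content-verification",
    "enable-permissions-blacklist",
    "enable-site-per-process",
    "enable-top-document-isolation",
    "disallow-doc-written-script-loads",
    "enable-framebusting-needs-sameorigin-or-usergesture",
]

# Constructed sample; a real Local State file carries many more keys.
SAMPLE_LOCAL_STATE = json.dumps({"browser": {"enabled_labs_experiments": [
    "disable-hyperlink-auditing",
    "enable-site-per-process",
    "extension-content-verification@3",  # constructed option index
    "some-unrelated-flag@1",
]}})


def parse_experiments(text):
    """Map each non-default flag to its chosen option index (None if it has no options)."""
    try:
        state = json.loads(text)
    except json.JSONDecodeError:
        return {}
    browser = state.get("browser") if isinstance(state, dict) else None
    entries = browser.get("enabled_labs_experiments") if isinstance(browser, dict) else None
    flags = {}
    for entry in entries if isinstance(entries, list) else []:
        if isinstance(entry, str):
            # An entry only means "moved off Default"; the index says which option.
            name, sep, index = entry.partition("@")
            flags[name] = int(index) if sep and index.isdigit() else None
    return flags


def audit(text, wanted=WANTED):
    """Return (present, missing): wanted flags changed from default, and those left alone."""
    found = parse_experiments(text)
    present = {name: found[name] for name in wanted if name in found}
    return present, [name for name in wanted if name not in found]


if __name__ == "__main__":
    print(audit(SAMPLE_LOCAL_STATE))
```

On Windows, Chrome keeps this file at `%LOCALAPPDATA%\Google\Chrome\User Data\Local State`; Chromium forks keep their own copy under their own user-data directory.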
 

Prorootect

Hi ForgottenSeer 58943,

Thank you for your very profound comments!
My responses, forgive the sometimes brief replies:

"1) Actually if you do some investigation, you might find some of these forks are less secured. Install them, then grab packet sniffers and get back to me on what you see. Of course I already know the answer because I have already done this. It's great one popular fork doesn't send telemetry to Google, but do you feel safer with all of the crap it sends to Quantcast?"

- YES I feel safer without Google, yes

"2) Can you guarantee integrity of systems those forks are compiled on? What if they are compromised?
3) How about fast patching and exploit plugging, are they on top of that?
4) Cent Browser, playing off the CentOS is cute. Do you know who they are? No, you probably don't because they don't disclose who they are. Just a random Gmail account. I'll tell you who they are; (you trust a shell holding company owned by the telemetry wing of Alibaba?)"


- I can guarantee you that my browsers are secured and work perfectly, flawlessly. For what they can provide with extensions.
So I have confidence in my browsers, not in Google, sorry.

"5) Slimjet? From Flashpeak? So you trust a browser programmed by a Chinese Ex-Pat"

- I see clearly that everything is Chinese... except these fonts that we use now...
And this guy of Chinese origin seems friendly & cool, he is American, it seems to me?.. - US passport and visa from 2013.
If he were in China this would please me a little less... - sure.

"5) Since those command line switches work with most forks, you probably should STILL use them."

- I want to see, I don't promise anything.. for now

"6) WebRTC is nonsense, nobody cares about it, virtually everything blocks it. Even firewalls are adding SPI to block RTC local subnet disclosure by default."

- I don't like giving my IP so easily to bad guys on the web, sorry. It's easier to have this setting in the browser ;)



But rest assured, I don't want to offend you or anything you write here!
 

Prorootect

I just disabled it for my peace of mind; I also don't care about that 0.1 ms.

I didn't know that, thanks.

I always have the last beta version of Yandex, but their Chrome version is behind the official version! Like, I have the 61.0.3163.1512 version right now when the last is 62.0.3202!
They also have a bug bounty page!
The Yandex Bug Bounty
Keep us posted thanks<3

So you wrote that the Yandex Chromium fork is retarded - but "They also have a bug bounty page!" Well, it's noted :D

Keep us posted thanks<3
P.
:X3:
 

Sunshine-boy

I didn't say that :notworthy: and they are not retarded!
It has a lot of security features that you may like (also a good sup because I just contacted them more than 15 times and that girl answered all of my questions and problems with patience).
It's not updated (like other Chromium-based browsers?) but they update it in their own way :giggle:
 

Sunshine-boy

I'm using the Ru language because I already tweaked it :D and know the options
 


ForgottenSeer 58943

Fortinet sure hates Yandex Browser.

Lots of malicious blocking with it installed on a test machine. Also out of the box, Yandex diverts address bar searches to Trovi which is a 'Conduit' affiliate and probably NOT a good idea to use. Yandex is very pretty, functional and has some great security features but all of the hits I am getting from it don't instill much confidence in me at this point. I reached out to my fellow Fortinet engineers to toss it around the lab a bit and see if these are FP's and what is going on in general.



Edit: Bad news, Fortinet affirms malicious website served on 'out of the box' Yandex, here's the lab report;

Submission Date: Sat, 4 Nov 2017 10:38:03 -0700
URL: Search
Engineer Comment: Yandex default search redirect.
Updated Category: Malicious Websites
Update Date: Sat, 4 Nov 2017 10:46:51 -0700
 

TairikuOkami

Yandex diverts address bar searches to Trovi which is a 'Conduit' affiliate
Vivaldi.rocks — search partnership • r/vivaldibrowser

It looks like Opera and Opera-based browsers do it if you set Bing as a default search engine, probably as some sort of advertising revenue?

But it can be easily changed if you set up a custom search engine to:

Code:
https://www.bing.com/search?q=%s

P.S. I have got AdguardDNS set via Yandex, so Trovi is blocked anyway. :)
 


Sunshine-boy

Why would Forti block Yandex CDN? I also knew about that Trovi but I just removed the Bing search engine, but that CDN, why is that? :D
 

ForgottenSeer 58943

Vivaldi.rocks — search partnership • r/vivaldibrowser

It looks like Opera and Opera-based browsers do it if you set Bing as a default search engine, probably as some sort of advertising revenue?

But it can be easily changed if you set up a custom search engine to:

Code:
https://www.bing.com/search?q=%s

P.S. I have got AdguardDNS set via Yandex, so Trovi is blocked anyway. :)

I'm aware of how to fix the Trovi thing and did that in 2 seconds when I installed Yandex to test it. Also it's blocked with multiple layers on my network. Pi-Hole, which also uses AdguardDNS parsed list (among others), and Fortinet. But it is still discouraging they would use it.

Here's Adguard DNS list;
https://filters.adtidy.org/extension/chromium/filters/15.txt

Here's the parsed one for Pi-Hole server on your network; (which is WAY more efficient than Adguard)
https://v.firebog.net/hosts/AdguardDNS.txt

The CDN being blocked is more worrisome and requires further investigation. My Fortinet pulls lists from a variety of Fortinet sources including active threat alerts from deployed FortiSandbox APT units, direct threat lists from FGRD, pooled lists from FGAN. So I don't blindly discard its warnings. After all, it warned me about Ccleaner back sometime 2-3 months BEFORE the Ccleaner episode which prompted me to pull Ccleaner/Agomo. As soon as it is done in the lab I will update, not too many guys there over the weekend so priorities.
 

Sunshine-boy


ForgottenSeer 58943

I appreciate your time and effort. I personally keep using it because I like it. A lot of features that I can't find in other browsers!! I have trust in them.

Can it be an FP? I mean, blocking such a URL is like an AV company blocking Google..

Thank you, keep us posted<3

I'm thinking it is an FP. If so, it's a rare Fortinet FP. Fortinet has legendary URL evaluation techniques and laboratory and are rarely wrong. Which is why I tend to be cautious when they trigger. We'll see what they say when they finish evaluating it.
 
