Extensions/add-ons is the future, software is the past

Status
Not open for further replies.

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
Infected USB drives, infected emails received through email clients, network aware malware that spread through LAN, torrents, FTP, infected posts in Usenet, infected files through IRC, are just some of the ways you can get infected without using a browser..
Ah uh, what are your solutions to all these troubles/dangers, doctor?
 
  • Like
Reactions: AtlBo and vtqhtr413

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
.. so what are your solutions, which solutions you use, please

______________________

What are web threats:

Web-based threats – or online threats – are malware programs that can target you when you’re using the Internet. These are browser-based threats..
.
- read here: on usa.kaspersky.com: https://usa.kaspersky.com/resource-center/threats/web

Most of the malware infections are accomplished by JavaScript and iFrames being injected into legitimate sites, accounting for nearly 55 percent and 37 percent respectively, said Dasient co-founder Neil Daswani.
The statistics illustrate the growing trend of attackers targeting browsers and Web applications with SQL injections, cross-site scripting and other attacks that can lead to drive-by downloads. Infections can come from anywhere on a site, including widgets and ads.
- read here: on cnet.com: Web-based malware infections rise rapidly, stats show

As of March 2016, Google reports that over 50 million website users have been greeted with some form of warning that websites visited were either trying to steal information or install malicious software. In March 2015, that number was 17 million. Google currently blacklists close to ~20,000 websites a week for malware and another ~50,000 a week for phishing. PhishTank alone flags over 2,000 websites a week for phishing. These numbers reflect only those infections that have an immediate adverse effect on the visitor (i.e., Drive by Download, Phishing) and do not include websites infected with Spam SEO and other tactics not detected by these companies.
- read here: on sucuri.net: Sucuri Security

These are browser-based threats...
 
  • Like
Reactions: AtlBo
5

509322

There are many security features that can be incorporated in the browser itself. Just look at Yandex beta, for instance.

There is only so much a browser can do. The problem is not what the user is downloading, but what the OS allows; if the underlying OS would not permit the running all those file types (either at all or by default), then there wouldn't be any security risk in the first place.

If you don't want a conflagration, then don't combine fuel (gasoline), oxygen, and flame. Once again, it's so stupid that it is absolutely brilliant.

Fuel (gasoline) = Windows with way tooooooo much stuff that is not needed enabled by default - in fact should not even be shipped with Windows for average Joe home users
oxygen = power button, internet, browser, users online that give other users bad ideas, cracks, warez, whatever...
flame = user
 
Last edited by a moderator:

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
Opcode, if you spoke of extensions to scan download files, look too on this topic:
Block Malicious File Downloads : Add-on - Block Malicious File Downloads
Thanks
I don't know what the purpose of that extension is. I just tried it out. It blocked all of the downloads regardless of the website
I think, just simply enable "Ask where to save each file before downloading" (chrome) so we can cancel the malicious or unintended downloads before they can cause any damage

I think this extension is only useful if we want to prevent our family members to download and run something without our permission but they will wonder why this browser is broken and can't download anything

We can't customize the blocklist. I want to unblock a few extension such as .exe
 
Last edited:

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
File types blocked by this extension: are in the options page...

Maybe you could use ExeGuard only, to scan .exe files?

Or Exe Blocker offered by Glenn Wilson: Exe Blocker
Version: 1.0.0 Updated: July 12, 2012 Size: 2.32KiB
"extension that blocks .exe and .msi file types..."
- I've downloaded it.

EDIT: ah, you would "unblock" .exe files... disable this extension if you wish make download, then enable it.
 
Last edited:

Sephiroth Source

Level 2
Verified
Jul 13, 2015
65
YES very good, best (for me). I use it.
View attachment 175108- automatically connected

I'm sending you a very good article about Ultrasurf, which is not biased or wrong (like sick articles from Tor website...): it's from thewindowsclub. com: UltraSurf Review: Free Proxy based Privacy Tool for Risk Blogging & Anonymous Reporting: UltraSurf Review: Free Proxy based Tool for Risk Blogging & Anonymous Reporting
... Internet censorship already exists in China where even Google is censored. Iran is building its own Internet to keep its citizens away from happenings in the world. India too makes noises, on and off, about monitoring the Internet and thereby the freedom of speech. You can see the list at the end of this post. ...
The home page of UltraSurf says that it was designed to help people of countries like China, where the Internet is heavily censored. Since they cannot get to most of the social networking sites and International news websites, UltraSurf came into existence to provide them with an on-demand proxy. Since this proxy is established each time you connect to the Internet (given that Ultra-Surf is set up as a startup program), it allows you to bypass any kind of Internet censorship – allowing you to view blocked websites. ...
It also says that though the original target of Ultra Surf was China residents, people across the world have recognized the kind of security it provides and use it to protect both their identity and privacy on the Internet.

In other words, if you use Ultra Surf to blog about anything, no authorities can find out who blogged as the IP would be different. You must, however, be using a public blogging service. In case you blog on a custom domain, it is easy for authorities to find out your identity by contacting your registrar whose information is always visible in WHOIS search.

The best thing here is that you do not have to install it. When you download it, you get it as a ZIP file. You can extract the ZIP anywhere to your hard disk and even copy it to your Pen Drive. Carry the Pen Drive to a cyber coffee, copy the software to the desktop, launch it and perform the tasks you wish to do: send emails anonymously, a blog from behind a firewall and more. ...

... read more on thewindowsclub.com...

But technical details you ask, are not published by Ultrasurf, I don't see for now...
I used Ultrasurf a long time ago. By the time I did a college degree, the institution provided a wireless signal, but almost all the sites were blocked. The Ultrasurf was very helpful ...
 

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
I'm happy for you Sephiroth Source.:)

________________________________

Well, I am responsible for my bad thinking which has become the reason for this topic, sorry.

I changed my thoughts now: everything is needed for defense, and browser extensions, and Windows softs, so that we could take out the evil done by bad guys.
Thank you for your understanding.

 

Sunshine-boy

Level 28
Verified
Top Poster
Well-known
Apr 1, 2017
1,759
You can do this: Simple wall or any simple Fw +himan pro (scan on boot)+Vpn(or proxy for the browser)+run a secure browser+before installing anything check the vt for detection and also community rank! I believe the community rank work better than any av. So you will not be infected!
 
  • Like
Reactions: Prorootect

Prorootect

Level 69
Thread author
Verified
Nov 5, 2011
5,855
Thank you Sunshine-boy, yu're right.
On the other hand, you don't have to be too paranoia mode: I leave this job for ScriptSafe.
I don't have time nor will - I don't want to surf too far from MT board, so I don't need too sophisticated defenses.

Community rank hmm, I don't like this WOT, uh, biased notations due to misinformed people.
Instead of it, use "Sur.ly Surfguard" and Insight .. look for description of these two here: Add-on - Sur.ly Surfguard preview safety status of a link
 

Soulbound

Moderator
Verified
Staff Member
Well-known
Jan 14, 2015
1,761
This thread is for discussion between native apps and extensions, not for extensions recommendations/support and vice versa.
As such thread requires approval for posting. Please stick to the original question topics
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top