- Mar 29, 2018
Every DNS is by definition third party.I find that a bit extreme.
Of course, limiting third party apps and extensions is preferred for security and privacy, but now you are trusting a third party dns provider.
Even known trusted extensions get manipulated. Adblock Plus, NoScript, WOT, …I don't think a few well-chosen extensions pose a real threat.
Harden your setup includes theThanks for the reply. What do you consider to be a secure browser setup? I have to use Chrome for work and use Adblock Plus.
What do you mean exactly when you say "harden your setup"? Are you referring to AV software?
This isn't a must. Why did you recommend such as must? Nowadays browser provide own tracking protection and against Ads, a lot of other options exist.3) It's a must to install an adblocker like uBlock Origin. I would also like to mention another capable and trusted one which is Adguard. If uBlock Origin causes any issue by chance then there's always Adguard as an alternative solution.
That's not how it works but nice to see that you don't accept other opinions and facts. Here also a quote from GrapheneOS dev:4) Ignore whoever says not to use an Adblocker.
@always_forever above quote is interesting for you.The recommended approach to system-wide ad-blocking is setting up domain-based ad-blocking as part of DNS resolution.
Apps and web sites can detect that ad-blocking is being used and can determine what's being blocked. This can be used as part of fingerprinting users. Using a widely used service like AdGuard with a standard block list is much less of an issue than a custom set of subscriptions / rules, but it still stands out compared to the default of not doing it.
This will only end in endless cookie banner management, instead of only doing it once.6) Delete cookies now and then. Maybe two, three times a month at least.
Deleting cookies is after each browsing session unless you can auto delete during your browsing session (see below).Hello,
I hope this post finds everyone here well and staying safe.
I'm wondering if there Is any way to prevent passwords from being stolen due to cookie theft apart from deleting all cookies after each browser session?
I know there’s a tradeoff between convenience and security and I’m willing to embrace that…but I work online a lot and having to re-register my PC multiple times every day is draining a lot of precious time.
Is the best way to just delete them or is there another way to prevent this?
There’s a lot of scams in the world these days and I’m doing my best to increase my cybersecurity knowledge and practices…so any insight would be sincerely appreciated!
Adblcoker's filter lists are much more enriched than built-in protection provided by the browsers (Maybe Brave is an exception) and even DNS-based solutions. Two, three weeks ago I wanted to watch a tennis match (Djokovic vs Nadal, French Open Semifinal) on a site on my mobile using Microsoft Edge with Strict protection and NextDNS as the DNS but couldn't because of constant VPN ads on the site. Opened the same site on Firefox for Android with uBlock Origin and watched for an hour without any ads whatsoever. So there goes just one real-life example.This isn't a must. Why did you recommend such as must? Nowadays browser provide own tracking protection and against Ads, a lot of other options exist.
You have an opinion and I have a different one. Isn't it obvious that all of our opinions won't match? There are many things I agree with you and there are also many things I disagree with you. This is not exclusive to you. This is true for everyone on the forum. This is normal and it happens always in real life too. So there's nothing personal about it.
You see those cookie banners because you rely on built-in and DNS-based protection which can't block/hide them. I use uBlock Origin with appropriate filters so I don't see any cookie notices. Good for me.This will only end in endless cookie banner management, instead of only doing it once.
It's not worth it, nor adding any advantages.
As already suggested by some members,
1) Try hardening the OS by using something like Hard Configurator/SimpleWindowsHardening. If using Microsoft Defender then also check Configure Defender. Both have dedicated threads here.
2) Use a password manager if you can like Bitwarden.
3) It's a must to install an adblocker like uBlock Origin. I would also like to mention another capable and trusted one which is Adguard. If uBlock Origin causes any issue by chance then there's always Adguard as an alternative solution.
4) Ignore whoever says not to use an Adblocker.
5) Set the browser to block all third-party cookies.
6) Delete cookies now and then. Maybe two, three times a month at least.
7) As Mr. oldschool is back after a long time, follow his motto, "Stay safe, not paranoid".
Appreciate the links and doing my best to understand the technology and terminology. Is the safest best to use such an extension (clear at intervals) or is this unnecessary being that I use a password manager with autofill?They mainly talked of prevention like
1) Surf over secure sites e.g. HTTPS
2) Preventing exploits
3) Preventing session hijacking from XSS, DNS and MITM attacks
and lastly, clearing cookies at the end of the session e,g use of Incoginto mode, sandbox/virtualize the browser or otherwise using an extension to do that. Note the browser itself also can clear browsing history but that's only after you exit the browser
Extension which can automatically clear browsing history with preset timing is the best. Chrome History Cleaner extension (no longer available in Chrome Web Store) can clear browsing history at every 1 minute minimum setting. In FF you can use Forget Me Not extension to prevent cookie creation
Indeed, it is. It even handles the situation @Gandalf_The_Grey had with private browsing on YT. PB @ YT on Brave is nice and clean. By far, THE BEST built-in adblocker available. And the µBO/adblocking community can thank the Brave team for all of their support in filter list maintenance.Maybe Brave is an exception
No.As far as cookies go, since I use a password manager with autofill, do I even have to worry about deleting them after each browser session?
No. But you can separate your browsing best with Updates - Chromium-Edge "3-Browser-Profiles" SolutionIs other sensitive data like payment methods and whatnot stored?
Stay with one AV only. I recommend Defender but use what you want.Do you recommend MalwareBytes Browser Guard? I've turned off MWB Premium real-time protection so it doesn't conflict with KSC free.
No.Do you use anti-keyloggers?
No problems with YouTube anymore now I'm back to an almost default uBlock Origin configuration, but I agree Brave does a great job.Indeed, it is. It even handles the situation @Gandalf_The_Grey had with private browsing on YT. PB @ YT on Brave is nice and clean. By far, THE BEST built-in adblocker available. And the µBO/adblocking community can thank the Brave team for all of their support in filter list maintenance.
And you are correct, sir: "Stay safe, not paranoid!"
I don't have that 2 second delay upon closing.I must admit I like it more as time passes, though it still has that weird bug - a 2 second delay upon closing.
BTW, I trying Edge Dev on Android and so far so good, except they're still using Adblock.
I also had the same problem when I deleted the cookies on exit.I must admit I like it more as time passes, though it still has that weird bug - a 2 second delay upon closing.
Now we're getting somewhere!No.
No. But you can separate your browsing best with Updates - Chromium-Edge "3-Browser-Profiles" Solution
Stay with one AV only. I recommend Defender but use what you want.
Combine that with SmartScreen (default already in Edge) and you're fine.
Edge can even natively be used in a much more secure way: Q&A - [HowTo] use extensions without compromise anything
Secure your system like with Hard_Configurator so keyloggers/ malware can't even start. Hiding data against them is theatre.
Chrome is fine too!I have to use Chrome for my work so I'm stuck with it.
Keep with default browser settings as much as possible and avoid extensions at all - if possible.disabled third-party cookies. Not sure what else I can do to further secure the browser.
Defender is the complete Windows security package with AV, Firewall, Anti-Ransomware, Anti-Exploit, Network filter, ASR rules, ...Isn't Defender Windows firewall? I thought it was pretty standard to use AV in addition to that? Defender is active along with KSC free and MWB Premium with real-time protection turned off.
I didn't know Hard_Configurator was even a thing before posting on this site! I thought it would be overwhelming but, as suggested in one of the threads here, I just used the recommended settings and also activated FireWall Hardening.
Maybe. You miss many Defender security features then. But as said above, if you're fine with your AV, ok.ConfigureDefender is grayed out and not clickable but thinking that's because I run KSC...not sure if that's a correct assumption.
You can also look at my setup for some ideas: SECURITY: Complete - SecurityNightmares's Security Config 2021I have to say that it's thanks to you and some other helpful members here that I've even been able to move forward with all this. I don't want to be paranoid (which keeps getting mentioned) but it's hard not to be when you know that you don't know what you don't know ;]
I'm looking at both of those links but shouldn't I get a cybersecurity certification first so I understand at least some of it?Chrome is fine too!
Keep with default browser settings as much as possible and avoid extensions at all - if possible.
If you are using uBlock Origin because of Ads, you should look at Tutorial - NextDNS: a DoH/ DoT guide and use NextDNS as DNS provider in Chrome.
If that's okay for you, but you visit some sites which used too annoying ads, install Application Guard, follow my posted guide above and install adblocker in that browser session. That's the way i do it.
Defender is the complete Windows security package with AV, Firewall, Anti-Ransomware, Anti-Exploit, Network filter, ASR rules, ...
Maybe. You miss many Defender security features then. But as said above, if you're fine with your AV, ok.
You can also look at my setup for some ideas: SECURITY: Complete - SecurityNightmares's Security Config 2021
Or look at my Windows guide: beerisgood/Windows10_Hardening
I don't own any certificate so don't think you need oneI'm looking at both of those links but shouldn't I get a cybersecurity certification first so I understand at least some of it?
I used to work in IT and got an MCSE in 2002 but am really reminded of how little I know these days.
Well, nothing. They start their PC and use it.What does the average home user do, I wonder?
You should start reading Hard_Configurator manual and you will see that many stuff is already handled by Andy's great toolDo I need to understand all of that and apply it to truly have a secure setup? I know there are levels...