MarzametaL's System Software Configuration (OEM)

[marzametal]

• 
  
  Post for SeaMonkey... tbc!​

So far, loving the old school feel. However, I wish there was a way to remove Address Book, Composer and Mail & Newsgroup in their entirety. For a beginner, yeah... why not, till the novelty wears off and they want things separate.

By the way, how badass is this... lol

1. Disabled AdGuard for windows - filtering for SeaMonkey (caused certificate issues)
2. Removed Chatzilla, DOM Inspector from extensions tab, enabled IDM plugin
3. Added StartPage as default search engine, deleted the rest
4. Set Bookmarks toolbar to hidden
5. Customize - dragged StartPage search bar onto browser header (omg... WOW!)... also selected small icons, no text

about:config modifications... (my goal is to minimise cache and phone home)

Spoiler

browser.sessionhistory.max_entries - from 50 to 2
dom.storage.enabled - false
browser.cache.offline.capacity - from 512000 to 0
browser.cache.offline.enable - false
browser.cache.memory.enable - false
browser.cache.memory.max_entry_size - from 5120 to 0
security.tls.version.max - 3
security.tls.version.min - 1
browser.cache.disk.enable - false
browser.cache.disk.capacity - 0 (358400)
browser.cache.disk.max_entry_size - from 51200 to 0
browser.cache.disk.smart_size.enabled - false
browser.cache.disk.smart_size.use_old_max - false
browser.cache.disk_cache_ssl - false
network.http.bypass-cachelock-threshold - from 200000 to 0
network.http.use-cache - false
extensions.getAddons.cache.enabled - false
media.peerconnection.enabled - false
media.peerconnection.video.enabled - false
browser.safebrowsing.enabled - false
browser.safebrowsing.malware.enabled false
network.prefetch-next - false
network.http.sendRefererHeader - from 2 to 0
browser.send_pings.require_same_host - true
keyword.enabled - false (goes to google, regardless of default search engine)
breakpad.reportURL - from http://crash-stats.mozilla.com/report/index/ to file:///dev/null
---------------
if you prefer to manually update addons, search engines and browser, do this... if not, skip
extensions.update.enabled - false
browser.search.update - false
app.update.enabled - false
---------------
security.ssl3.ecdhe_ecdsa_aes_128_sha - false
security.ssl3.ecdhe_ecdsa_aes_256_sha - false
security.ssl3.ecdhe_ecdsa_rc4_128_sha - false
security.ssl3.ecdhe_rsa_aes_128_sha - false
security.ssl3.ecdhe_rsa_aes_256_sha - false
security.ssl3.ecdhe_rsa_rc4_128_sha - false
security.ssl3.rsa_rc4_128_md5 - false
security.ssl3.rsa_rc4_128_sha - false

Edit/Preferences modifications... (rough notes)

Spoiler

APPEARANCE
untick show tooltips
content - use smooth scrolling
- resize large images...
- warn me when websites try to redirect or reload the page

BROWSER
downloads - change download directory
- don't open anything when starting a download (if you use a 3rd party download manager)
location bar - untick autocomplete
- untick highlight effective domains
- untick add www and com
history - untick remember visited pages
- untick remember location bar history
- untick enable form and search history, reset to 0 days

PRIVACY AND SECURITY
tell websites i do not want to be tracked
private data - tick always clear my private data
- tick all private data entries
passwords - unticked remember passwords
cookies - select allow cookies for the originating website only (no third party cookies)
- select accept for current session only

ADVANCED
untick submit crash reports
untick prompt for incoming connections
cache - compare the page? select every time i view the page
find as you type - disable/untick

More research required into Data Manager to see how it properly handles cookies, permissions, etc...
Cosmetic changes can be found here:

1. http://lifehacker.com/the-best-about-config-tweaks-that-make-firefox-better-1442137111
2. http://www.tweakguides.com/Firefox_1.html

-----------
I've decided to let go of SeaMonkey. On its face, it is a great application very fast on the trigger, smooth processing of tasks. However, as I mentioned earlier, for a user who is higher than Beginner level, the all-in-one aspect of SeaMonkey will be irritating. Composer, Mail and Address Book cannot be disabled or removed. Also, the plain/what you see is not what you get feel of Data Manager isn't desirable. Even the help file on Mozillazine (I had to go elsewhere for information because the in-built Help file didn't mention Data Manager at all) concedes its interface isn't as intuitive as it should be. For an application that is built as an alternative, I'll pass.

 

[marzametal]

Post for QupZilla... tbc!

Had a quick glance at this one, while setting up firewall rules... it looks promising.

Tools/Preferences modifications... (rough notes)

Spoiler

Make StartPage default search engine

GENERAL
after launch - open homepage
on new tab - open homepage
untick check for updates on start

TABS
tab behaviour - show tab previews and make tab previews animated

BROWSING
local storage - maximum pages in cache is 2
- untick allow storing network cache on disk
- untick allow saving history
- untick allow local storage of html5

DOWNLOADS
set download directory
if you use an external download manager, input its details

PASSWORD MANAGER
untick allow saving passwords from sites

PRIVACY
untick send referer header
tick send do not track header
cookies manager / settings - tick allow storing of cookies
- tick delete cookies on close
- tick filter tracking cookies
- never allow 3rd party cookies

Damn this browser loves eating RAM. I have been online for 57 minutes and RAM is up to 275MB.
---------------------
I have chosen to let go of QupZilla. The only negative this browser possesses is that it's controlled by a Developer, not a company. Hence, all decisions for addons/extensions have to be approved by the Dev and then created by the Dev. Which also means there are no websites out there that cater to the supply of addons/extensions for this browser. It is all over at GitHub. This browser includes a healthy list of plugins, not too many, not too little and they seem to be used by various demographics. Lets hope more people get behind this browser to make it shine.

When the developer swaps AdBlock for uBlock, I will be re-introducing this browser as a 2nd alternative (yes I have picked a favourite).

One more thing, an internet user shouldn't... imho, allow the decision making process for Flash LSO cookie blocking to be conducted by the browser. One should just do the following, and be pleased that their addon/extension onslaught has been reduced by one...

Spoiler

1. Problem: Disable LSO flash cookies
2. Solution: Bring up the file manager by clicking clicking on "computer" in the start menu.
3. In the location area, type %appdata%
4. You should see something similar to: C:\Users\Owner\AppData\Roaming
5. Scroll down to Adobe and left double click to enter the folder.
6. You will see a folder: Flash Player
7. You can either delete or rename this folder.
8. This is where flash cookies and settings are stored.
9. I deleted mine and all works fine.
10. Now, you want to create a FILE called Flash Player.
11. Right click in open area and select New.
12. You will get a menu of file types. Select any text style.
13. Clear the generated name completely and type Flash Player to create an empty file of that name.
14. Windows will not create a folder that has the same name as file. This prevents flash from creating and saving any data in a "Flash Player" folder.
15. Problem solved!

 

[marzametal]

Post for Firefox Ultimate... tbc!​

1. Disabled AdGuard for Windows - filtering for Firefox (caused certificate issues)
2. LOL @ take the tour!
3. Show Menu Bar
4. WOW! no extensions...
5. Changed defaut search engine to StartPage

about:config modifications... (my goal is to minimise cache and phone home)

Spoiler

geo.enabled - false
browser.sessionhistory.max_entries - from 50 to 2
dom.storage.enabled - false
browser.cache.offline.capacity - from 1024000 to 0
browser.cache.offline.enable - false
browser.cache.memory.enable - false
browser.cache.memory.max_entry_size - from 5120 to 0
security.tls.version.max - 3
security.tls.version.min - 1
browser.cache.disk.enable - false
browser.cache.disk.capacity - 1048576 to 0 (browsers original values vary from make/model)
browser.cache.disk.max_entry_size - from 51200 to 0
browser.cache.disk_cache_ssl - false
network.http.bypass-cachelock-threshold - from 200000 to 0
network.http.use-cache - false
extensions.getAddons.cache.enabled - false
media.peerconnection.enabled - DOES NOT HAVE IT
media.peerconnection.video.enabled - DOES NOT HAVE IT
browser.safebrowsing.enabled - false
browser.safebrowsing.malware.enabled false
network.prefetch-next - false
network.http.sendRefererHeader - from 2 to 0
browser.send_pings.require_same_host - true
Browser.search.suggest.enabled - false (goes to google, regardless of default search engine)
keyword.enabled - false (goes to google, regardless of default search engine)
breakpad.reportURL - from http://crash-stats.mozilla.com/report/index/ to file:///dev/null
-----------
if you prefer to manually update addons, search engines and browser, do this... if not, skip
extensions.update.enabled - false
browser.search.update - false
app.update.enabled - false
-----------
security.ssl3.ecdhe_ecdsa_aes_128_sha - false
security.ssl3.ecdhe_ecdsa_aes_256_sha - false
security.ssl3.ecdhe_ecdsa_rc4_128_sha - false
security.ssl3.ecdhe_rsa_aes_128_sha - false
security.ssl3.ecdhe_rsa_aes_256_sha - false
security.ssl3.rsa_rc4_128_md5 - false
security.ssl3.rsa_rc4_128_sha - false

NOTE: These security.ssl3 rul

Tools/Options modifications... (rough notes)

Spoiler

GENERAL
change download settings

TABS
tick show tab previews in the windows taskbar

PRIVACY
select tell sites that i do not want to be tracked
firefox will use custom settings for history
select always use private browsing mode
restart
never accept third party cookies
show cookies - remove all cookies
location bar suggests nothing

SECURITY
remove all sites for installing addon warning

ADVANCED
general - warn me when websites try to redirect
network - untick warning about offline data use

Cosmetic changes can be found here:

1. http://lifehacker.com/the-best-about-config-tweaks-that-make-firefox-better-1442137111
2. http://www.tweakguides.com/Firefox_1.html

--------------------
I have decided to let go of Firefox Ultimate. I hold SeaMonkey higher than FFU (even with the Composer, Mail, Address Book). This custom version of Firefox seems redundant. There are other versions out there that cater to multi-core processors, Intel vs AMD, more in-depth tech specs than this version, and they all seem to pack more punch than this version. FFU seems to be a toddler sitting in the shadow of... lets say, Cyberfox and Waterfox.

From a beginner vs intermediate/advanced perspective, I would still be choosing from one of the other powerful FF alternatives, regardless of x86 or x64 preferences. FFU is trying to achieve something, but for the life of me... I have no clue what...

 

[marzametal]

Post for SlimJet... tbc!

Avira Browser Safety extension wanted to be activated, v1.4.4... IDM extension was also present, matches current version that is installed.
Sandboxie wanted sandboxiebits.exe to gain net access...

Spoiler

Background Intelligent Transfer Service
Program Name: SandboxieBITS.exe
Service Name: bits

Downloads files in the background on behalf of a requesting applications. Some installation programs (most commonly for Microsoft and Google products) ask this service to download additional resource files on their behalf. The service downloads these files into the sandbox.

Ahhhh, this will be fun to figure out... a bit of a tug-of-war brewing between SpyShelter Premium and Sandboxie, they're punching on for Slimjet's attention... muhahahaha

1. Added uBlock and uMatrix extensions

-------------------------
Welcome to my first choice as an alternative to IE 11, well... and to Firefox!

The settings take some getting used to, but they are relatively straight-forward. Having said that, it's Google... nothing is straight-forward Just like its competitors, it also offers a sandbox mode called InCognito! You will find some settings that replicate through this browsers competitors, and some new ones. One thing that made me laugh out loud was my default location had been set to Afghanistan... shhh, don't tell ISIS!

Where do I begin with the two addons mentioned above, uBlock and uMatrix. In the short amount of time I have been exposed to these extensions (sorry, gotta' use the proper wording), I am blown away. I thought NoScript was the easiest way to kill the Internet. NoScript, there is a new Sheriff in town, and he/she is ready to break web functionality with the best of them! Watch where you click, or you will end up with plain text... ahahaha

 

[Cats-4_Owners-2]

Post for SeaMonkey... tbc!

So far, loving the old school feel. However, I wish there was a way to remove Address Book, Composer and Mail & Newsgroup in their entirety. For a beginner, yeah... why not, till the novelty wears off and they want things separate.

By the way, how badass is this... lol
View attachment 49102

Very good! When I'd returned thirty minutes later, I'd finally realized "What?? The browser I'm using is Chrome, but it is Marin Eres' image of Sea Monkey that's actually making it look like an older version Mozilla browser!"

 

[Moose]

So, what are your final two browsers of the five browsers that, I had given the link to from above?

 

[marzametal]

Reserved for a bit of a chat about my experiences with Shadow Defender, Sandboxie and SpyShelter during testing of these 4 browsers... tbc!

• SlimJet and QupZilla made their prescence felt outside of Sandbox:

Spoiler

• SlimJet also caused a fiasco with SandboxieBITS.exe (damn background transfers)... made requests to:

Spoiler

• 74.125.162.234
• 77.67.47.146
• 216.58.216.225
• 216.58.216.238

from Program Files unsandboxed, not from the sandbox itself!

• Shadow Defender is damn powerful. You'd think whatever changes made in Sandboxie would stay that way after reboot. Ummmm, no. Due to Shadow Mode being activated, you must include C:\Sandbox in the SD Commit Now tab, and Apply.

 

[Cats-4_Owners-2]

Reserved for a bit of a chat about my experiences with Shadow Defender, Sandboxie and SpyShelter during testing of these 4 browsers... tbc!

• SlimJet and QupZilla made their prescence felt outside of Sandbox:

Spoiler

View attachment 49170

• SlimJet also caused a fiasco with SandboxieBITS.exe (damn background transfers)... made requests to:

Spoiler

• 74.125.162.234
• 77.67.47.146
• 216.58.216.225
• 216.58.216.238

from Program Files unsandboxed, not from the sandbox itself!

• Shadow Defender is damn powerful. You'd think whatever changes made in Sandboxie would stay that way after reboot. Ummmm, no. Due to Shadow Mode being activated, you must include C:\Sandbox in the SD Commit Now tab, and Apply.

Fascinating. I've not used the 'Commit Now tab' before. Should it be C:\Sandbox or C:\Sandboxie included?

I've only used the x86 portable version SlimJet, and because it does not work in Sandboxie mainly browse when the system is in Shadow mode.

 

[marzametal]

Fascinating. I've not used the 'Commit Now tab' before. Should it be C:\Sandbox or C:\Sandboxie included?

I've only used the x86 portable version SlimJet, and because it does not work in Sandboxie mainly browse when the system is in Shadow mode.

My Sandbox directory is called C:\Sandbox, this may vary depending on how you set it up... whether or not you called it a different name.

@Cats-4_Owners-2 - let me elaborate please. I feel I am being a tad cryptic. The only SBIE-related directory that should be included in SD's Commit Now tab is the actual sandbox, which has a default location of C:\Sandbox. The Program Files directory "Sandboxie" should not be included, since SD has to be turned off for upgrades to applications, especially applications that have Windows Services attached!

@Cats-4_Owners-2 - one more addition... the above piece of intel only applies if one of your sandboxes has been set to "never delete". While I was testing these browsers, I kept the sandbox contents intact. Hence, I had to commit the changes via SD, so I could continue where I left off after reboot. If your sandboxes are being emptied, then there is no use in entering C:\Sandbox into SD.

 

[marzametal]

So, what are your final two browsers of the five browsers that, I had given the link to from above?

1. SlimJet (User can invade Chrome extensions whenever they see fit...)
   • HOLY HELL - how awesome is uMatrix!
2. QupZilla (Developer holds all or most control, hence limited extensions...)
   • A request has been made on GitHub for the removal of AdBlock, to be replaced with uBlock... if only!

------------------------
I have chosen, in the meantime, to go with SlimJet (has it installed on HDD with sandbox ready for it). Mind you, my tweaks in settings were too hardcore... I forgot I had to leave some room for temporary cookie storage, I COULDN'T LOG IN!!! muhahahahaha

 

[hjlbx]

Nice config...always changing. Not a bad thing as you will learn what really works on your specific system by actually using the software.

 

[Moose]

Salutations,

Looking forward to answer on post # 27 sometime next week? Take your time and really give this question some thought?

"May, I suggest reinstalling Shadow Defender in place of Sandboxie! How many time have you heard of a problem with Shadow Defender?
Now,ask the same question with Sandboxie?"

Make it a great one,

Moose

 

[marzametal]

@Moose is getting excited!

 

[hjlbx]

Salutations,

Looking forward to answer on post # 27 sometime next week? Take your time and really give this question some thought?

"May, I suggest reinstalling Shadow Defender in place of Sandboxie! How many time have you heard of a problem with Shadow Defender?
Now,ask the same question with Sandboxie?"

Make it a great one,

Moose

Sandboxie versus Shadow Defender ... Even though Shadow Defender allows the installation of drivers in Shadow Mode, and there is not currently a way to enforce restricted permissions like in Sandboxie, I think SD has three things going for it that SBIE does not and never will:

1. high software/system compatibility
2. simplicity/ease-of-use
3. proven track record (only rumor of a single bypass, of which there is no testable/verifiable evidence - urban myth I think )

SD doesn't let me down whereas SBIE has failed me in various areas numerous times.

 

[marzametal]

3. proven track record (only rumor of a single bypass, of which there is no testable/verifiable evidence - urban myth I think )

@Umbra Polaris reckons that some rootkits can sneak by...

 

[frogboy]

I have thrown everything but a brick at Shadow Defender with not one problem.

 

[marzametal]

Has anyone had any exposure to the free version of Disconnect.Me for Desktop?
I tried installing it in a sandbox to see how far it'll get. I was startled to see it wanted to install a TAP driver. Why?

 

[Moose]

Here is another browser that you may want to look at
https://browser.yandex.com/
or their alpha browser below:
https://browser.yandex.com/future/
combination of opera and chrome.
Con's. Links from Word!Yandex button links to russian language site!

 

[hjlbx]

@Umbra Polaris reckons that some rootkits can sneak by...

I asked Umbra Polaris about the rootkit bypass and he replied that it was unsubstantiated/unverified ... and based only upon one video.

He also stated that in all the years he has used SD it has never been bypassed.

In any case, I do not mean to hijack your config thread with a debate about Shadow Defender.

You are always trying out new softs which is great ... because you will find what works for you based upon actual experience with the apps ... and not someone else's opinions.

Few people put forth your same efforts.

 

[marzametal]

Modification:

1. Installed EagleGet (purely for SlimJet... running as a Restricted App in SpyShelter)
2. Restricted Internet Download Manager to only work with IE 11 (running as a Restricted App in SpyShelter)
3. Reinstalled Ghostery addon for IE 11 (was going to try Disconnect.ME for Desktop, however it wanted to install a TAP driver... already have one for VPN, can't be bothered collecting them!)

...a bit of information, ssshhhh....

• Zemana Antimalware installs a Windows Service "ZAM Controller Service". Its default status is Started/Automatic. The service remains started and automatic even if the user unticks "load at startup" from within the ZAM GUI. ZAM.exe will load with a command line switch to keep it on the down-low. If one was inclined to do so, one could stop and disable this Windows Service, and ZAM.exe wouldn't load at startup anymore (or try to use an anti-executable). HOWEVER, one would have to start and activate the service again, to get ZAM to load the GUI for use. So, up to you...
• EagleGet installs a Windows Service "egGetSvc". Its default status is Started/Automatic. The service remains started and automatic even if the user unticks "load at startup" from within the EG GUI. I stopped and disabled this service, rebooted, loaded up browser and commenced a download. Low-and-behold, the service did not fire up at all, and the download started and completed as expected.