Advanced Security oldschool's surfing laptop configuration

[ForgottenSeer 97327]

@oldschool you knew I would be tempted to try JShelter when you asked me so I installed and tried to figure out of what it does. Using recommended with network boundery shield and fingerprint detector ON are the settings advised by the author(s) of this project. I tried three websites Ikea.com Youtube and CNN and the FingerPrint Detector warining did reflect the degree of fingerprinting of these websites (I had read it somewhere, don't have the link anymore, but the warning level fitted what I thought I had read about those websites).

Spoiler: Little lies mode

 

[oldschool]

I don't have any idea about the No Google list, but you should check if it allows Chrome updates.

Some Google services may need whitelisting. Don't know about Chrome updates but I'll keep my eye on this. Here's the link for the No Google fitler list GitHub - nickspaargaren/no-google: Completely block Google and its services He maintains this and has links to other maintainers for:

 

[oldschool]

you knew I would be tempted to try JShelter when you asked me so I installed and tried to figure out of what it does. Using recommended with network boundery shield and fingerprint detector ON are the settings advised by the author(s) of this project...

Because the wrapping comes with the cost of performance loss, I tried to lower the settings a little (disabling or lowering settings of tracking mechanisms not commonly used). ... I am happy to report that the warning levels still worked OK. I posted a screen shot of these (compatible mode) settings and the results of the webpages with lowered protection levels.

I created a custom Relaxed Level courtesy of @Kees1958, I believe. I just started using it today:

 

[ForgottenSeer 97327]

@oldschool thanks for your feedback, I changed my mode to litlle lies mode using some oy your settings. I tried how good the FingerPrintDetector is with Javascript Shield OFF and it seems to work OK, without the feedback of the wrappers. Therefore I am running it with JavaShield OFF and a custom level protection called "Little lies mode" for websites with medium risk of fingerprinting and i Use "Recommended mode" for high risk of fingerprinting. This seems (for me) the best balance for no website breakage with protection.

I had a look on JShelter related threads on MT and on Github and can't really understand why Kees1958 was so critical against the authors. For what I understand of the issues on github, they implemented most of critic (only not data base with video cards like Trace and paid version of Cydec Anti_Fingerprinting). The authors even started an evaluation of their protection mechanisms after his critism (see spolier), so I don't understand why Kees1958 stayed so critical in his responses on github and MT.

Spoiler: Research effectiveness by JShelter

​

 

[Jan Willy]

to me I don;t understand why Kees1958 stayed so critical in his responses on github and MT

If I remenber well, Kees 1958 critised the faked elements in the fingerprint spoofing. Nevertheless he used this extension. View Update - JShelter - JavaScript Restrictor
My concern is that JShelter isn't developed anymore.

 

[ForgottenSeer 97327]

@Jan Willy You are correct the EU funding stopped, so probably the development also I looked on GitHub, but it seems asleep now (to say it nicely), it uses WebRequest API, so as far as I understand it works okay as long as MV2 is supported.

@oldschool I have blocked access to Motion and Light Sensors in Edge (an option in site permission in all Chomium browsers). And when a website tries to access this API you get a sign in the address bar. I did some testing and it seems that websites trying to fingerprint visitors use this option most of the time (8 out of 10 times when JShelter FingerPrint protector judged that this website tried to track me with fingerprinting, Edge also showed the "this site has been blocked using motion sensors"). So I thank you for attending me on this extension, but I think I will go for the 80% percent next best solution, by using indicator of build-in Edge, because JShelter uses quite some CPU (see spoiler). Nevertheless I learned a lot from using JShelter, so an explicit thank you

Spoiler: CPU usage JShelter with Javascript shield OFF

 

[oldschool]

My concern is that JShelter isn't developed anymore.

Someone opened an issue on GitHub inquiring about this. I guess we'll wait and see if there's a reply.

 

[ForgottenSeer 98186]

Someone opened an issue on GitHub inquiring about this. I guess we'll wait and see if there's a reply.

Yes. It is still under development but it project is at the mercy of available funding. If they don't received funding then it will go the way of many freewares.

 

[oldschool]

@Max90 FYI in case you're interested here are my new µBO medium mode filter lists:

 

[ForgottenSeer 97327]

@oldschool, I have promised myself that I would not change filters for a month, but ... when you would PM of the small privacy filter I would be grateful

 

[oldschool]

Switched from Quad9 to NextDNS due to it possibly causing slowdown.

 

[blackice]

Some Google services may need whitelisting. Don't know about Chrome updates but I'll keep my eye on this. Here's the link for the No Google fitler list GitHub - nickspaargaren/no-google: Completely block Google and its services He maintains this and has links to other maintainers for:
View attachment 273714

You can leverage these massive corporations without them controlling you. Joining the privacy panic is mind control as well (I know you to be a very reasonable person, just a minor post whiskey point).

 

[ForgottenSeer 97327]

Switched from Quad9 to NextDNS due to it possibly causing slowdown.

Have a look at browserleaks, IP address, DNS leaktest. Resoving from the Netherlands shows some strange Quad9 behavior. It's IPv6 servers are located in France, while its Ipv4 servers are located in the Netherlands. I had some issues with NextDNS (servers in Netherlands sometime felt back to servers in Germany). So I deciced to disable IPv6 in my router and switched to Quad9 (NextDns has one server, Quad has six or seven).

Although IPv6 has some advantages over IPv4 (no NAT, build-in IPSsec and QoS), when you don't have devices requiring IPv6, IPv4 still functions great. In act it is better to use IPv4 only, when you use a VPN for privacy, since most VPN services leak your IPv6 device address.

 

[oldschool]

My latest µBO Medium Mode filter lists used alongside NextDNS tracker blocking.

 

[SeriousHoax]

My latest µBO Medium Mode filter lists used alongside NextDNS tracker blocking.
View attachment 273916

Fanboy's Enhanced Tracking List has some false positives and it hasn't been updated in 2 years.

 

[toto_10]

Any specific reason you are using those filter?

I'm asking out of curiosity

 

[oldschool]

Fanboy's Enhanced Tracking List has some false positives and it hasn't been updated in 2 years.

Thanks, I failed to notice that, but I haven't encountered any issues with it. I'll remove it in any case.

Any specific reason you are using those filter?

I'm asking out of curiosity

It's a "light" list setup mostly for annoyances, paywalls, etc. because I use medium mode. This is a spin-off of @Kees1958 method of using minimal lists to minimize problems and easily ID any blockages that need correction. I'm using mostly tracker blocking like @TairikuOkami , which has eliminated virtually all ads.
Here're the reconfigured lists.

 

[ForgottenSeer 97327]

@oldschool What is your rule count?

 

[Jan Willy]

TarikuOkami relies on ad- and tracker blocking on DNS level.
View: Question - NextDNS/ControlD vs Quad9, AV Web Protection

 

[oldschool]

@oldschool What is your rule count?

25,973 + 53 My filters