New Update Osprey Browser Protection discussion and updates

[ErzCrz]

I finally made an introduction video for Osprey. Let me know your thoughts:

Great video, Osprey is a great extension I needn't anything else apart from uBlock Origin Lite for blocking ads

 

[Foulest]

Great video, Osprey is a great extension I needn't anything else apart from uBlock Origin Lite for blocking ads

Yep. That's the setup I'm using. uBlock Origin for ads, Osprey for phishing threats.

 

[goodjohnjr]

Yep. That's the setup I'm using. uBlock Origin for ads, Osprey for phishing threats.

I am curious for some of your reasons why you choose it over the AdGuard Adblocker web browser extension (MV2 or MV3)?

 

[Foulest]

I am curious for some of your reasons why you choose it over the AdGuard Adblocker web browser extension (MV2 or MV3)?

They're mostly interchangeable.

 

[goodjohnjr]

They're mostly interchangeable.

Thanks @Foulest.

I jump back and forth between them, and sometimes trying Ghostery.

I like that Ublock Origin / Ublock Origin Lite have better defaults and is quicker / easier to adjust the filters.

While I am not a fan of the AdGuard Adblocker defaults and how it takes more time et cetera to adjust the filters and settings, along with some bugs. The AdGuard program is the buggiest of them all, I never can use it for long, because of bugs, sadly. I am glad that I have lifetime licenses, so I am not losing money by not using it.

AdGuard Adblocker / AdGuard program (when it works / is not bugging out) has the potential to be the best after adjusting various settings.

 

[Gandalf_The_Grey]

Osprey Browser Protection 1.4.6

Changes in 1.4.6​

• 'Back to safety' now takes you to Google on Firefox instead of killing the tab
• Added Switch.ch Security DNS back to the Protection Options
• Restored functionality to CERT-EE Security DNS
• Removed 'Drugs & Substances' alphaMountain category
• Added extension name and description translations
• Improved DNS request handling & response times
• Modified default settings
• Cleaned up code

This update has been submitted to all extension stores.

Full Changelog: 1.4.5...1.4.6

Release 1.4.6 · OspreyProject/Osprey

Changes in 1.4.6 'Back to safety' now takes you to Google on Firefox instead of killing the tab Added Switch.ch Security DNS back to the Protection Options Restored functionality to CERT-EE Securi...

github.com

 

[silversurfer]

Osprey Browser Protection 1.4.7 (released: Feb 26, 2026)

Changes in 1.4.7​

• Added Seclookup Web Protection to list of providers
• Fixed typo in Switch.ch false positive reporting form
• Improved code security across entire codebase
• Localized previously missed notification text
• Cleaned up code

This update has been submitted to all extension stores.

Full Changelog: 1.4.6...1.4.7

Releases · OspreyProject/Osprey

Browser extension that protects you from malicious websites. - OspreyProject/Osprey

github.com

 

[Foulest]

Since it hasn't been posted yet:

Osprey Browser Protection 1.4.8 (released: Mar 10, 2026)

Changes in 1.4.8​

• Removed Seclookup and DNS4EU from protection providers
• AlphaMountain and PrecisionSec now run through our proxy server
• All exposed API keys have been hidden and rerolled
• Improved cancellation logic of background requests
• Fixed oversight with domains with underscores
• Fixed issue with old Firefox versions not working (#55)
• Cleaned up code

Seclookup was removed for having restrictive API limits.
DNS4EU was removed for not responding to false positive reports.

Releases · OspreyProject/Osprey

Browser extension that protects you from malicious websites. - OspreyProject/Osprey

github.com

 

[CyberDevil]

AlphaMountain and PrecisionSec now run through our proxy server

If it's for the privacy of the requests, then why just those? And if it's not for privacy, then why is it necessary?

 

[Foulest]

If it's for the privacy of the requests, then why just those? And if it's not for privacy, then why is it necessary?

It's for both privacy and security. User IPs are hidden through the proxy server, and so are API keys which are necessary for the APIs the proxy server calls to function. I might route all traffic through the proxy server entirely in the future, but I've kept the DNS providers local for latency.

 

[Foulest]

Osprey Browser Protection 1.5.0 (released: Mar 23, 2026)

This update addresses CyberDevil's privacy concerns. Now everything is routed through the proxy server.
Your IP is now completely hidden to every provider. Stay safe!

Changes in 1.5.0​

• Moved all URL lookup logic to the proxy server
• Added feedback form that opens when uninstalling
• Added keyboard navigation to all UI elements
• Hardened security of most classes in codebase
• Fixed various issues with the caching system
• Updated Privacy Policy
• Cleaned up code

This update has been submitted to all extension stores.

With this update, every lookup request, including to DNS servers, goes through our proxy server (https://api.osprey.ac) before being sent back to the Osprey client. This ensures that your IP address is never sent to any provider in Osprey's protection options - only to the proxy server, which doesn't log or store IP addresses. Feel free to read the project's Privacy Policy for more information.

Full Changelog: 1.4.9...1.5.0

 

[Sampei.Nihira]

@Foulest

I tried your new version 1.5.0 in Firefox for Android, but I can't identify other PPs that might be blocking a website,it's almost certainly my fault.
It's easier with a mouse on the desktop version.
It seems to me that any proxy latency, if it works in the Android version as well, is acceptable.
Keep up the good work.

 

[Parkinsond]

View attachment 296541

@Foulest

I tried your new version 1.5.0 in Firefox for Android, but I can't identify other PPs that might be blocking a website,it's almost certainly my fault.
It's easier with a mouse on the desktop version.
It seems to me that any proxy latency, if it works in the Android version as well, is acceptable.
Keep up the good work.

 

[Foulest]

Sorry for the inactivity. I've been sitting on a big update, and I just graduated college.

Here's the changes in version 2.0.0 that's live on Firefox:

- Popup panel and warning pages have simpler, cleaner designs
- Configuring settings has finally been moved to its own page
- Osprey will now only block pages with at least 2 providers flagging to prevent FPs
- Added OpenDNS Security and Family DNS to list of providers
- Added ChainPatrol Web Protection to list of partnered providers
- Added URLhaus Feed to list of providers
- Added Third Party Integrations (you can put your own API key in them)
- Added SecLookup to list of third-party integrations
- Added Xcitium Verdict Cloud to list of third-party integrations
- Added MetaDefender Reputation to list of third-party integrations
- Added Webroot to list of third-party integrations via MetaDefender
- Added OpenPhish to list of third-party integrations via MetaDefender
- Rewrote entire codebase to better follow JavaScript standards
- 'Report website as malicious' button now opens Phish.Report

Let me know what you think.

 

[Wrecker4923]

I just graduated college

Congratulations! Plenty of luck and no malware!

 

[Andrew999]

Sorry for the inactivity. I've been sitting on a big update, and I just graduated college.

Here's the changes in version 2.0.0 that's live on Firefox:



Let me know what you think.

Great update!

May I ask, though, as Firefox said it now needs another permission to collect browsing history when it seems it didn't use to. Do you know why that is ans what will happen if I decline it? I know it is not for a malicious reason, though, more just curiosity. Thanks.

 

[Foulest]

Great update!

May I ask, though, as Firefox said it now needs another permission to collect browsing history when it seems it didn't use to. Do you know why that is ans what will happen if I decline it? I know it is not for a malicious reason, though, more just curiosity. Thanks.

View attachment 297779

Firefox requires that I say that. I don't collect browser history, but URLs people visit do flow through the proxy server, which I don't log. They are technically collected and cached in the proxy itself, but the cache is in-memory and hashed, so I couldn't even tell what URLs are cached. It's just a requirement as of a few months ago.

 

[Andrew999]

Firefox requires that I say that. I don't collect browser history, but URLs people visit do flow through the proxy server, which I don't log. They are technically collected and cached in the proxy itself, but the cache is in-memory and hashed, so I couldn't even tell what URLs are cached. It's just a requirement as of a few months ago.

Oh ok. I completely understand now. Thanks. I love using Osprey.

 

[Sorrento]

Thanks for update looking good!

 

[LinuxFan58]

Sorry for the inactivity. I've been sitting on a big update, and I just graduated college.

Here's the changes in version 2.0.0 that's live on Firefox:



Let me know what you think.

Congratulations with your graduation

The new V2 has not landed in Chrome webstore yet, but I have one suggestion about the false positives number set to minimum of two.

Because you allow users to include protection services and select which protection provider to enable, you facilitate personal preference on protection. With that in mind I would prefer to set my own false positive level. So could you make it a variable field in the settings (with a default of two)?