New Update Osprey Browser Protection discussion and updates

Add-on/Extension Page
https://github.com/Foulest/Osprey
https://chromewebstore.google.com/detail/osprey-browser-protection/jmnpibhfpmpfjhhkmpadlbgjnbhpjgnd
https://microsoftedge.microsoft.com/addons/detail/osprey-browser-protectio/nopglhplnghfhpniofkcopmhbjdonlgn
https://addons.mozilla.org/en-US/firefox/addon/osprey-browser-protection/
goodjohnjr

goodjohnjr

Level 5
Verified
Jul 11, 2018
245
simmerskool said:
@Foulest (et al) today 01 June MalwareURLProtection was producing a false positive for every good website I visit every day so I disabled it for now.
Click to expand...
Yeah, when I went to report the false positives to MalwareURL Protection, they told me to uninstall the Osprey Browser Protection extension because it was illegal & its usage has been blocked. 👀
 
  • Wow
  • Hundred Points
  • Like
Reactions: piquiteco, Jonny Quest, simmerskool and 5 others
silversurfer

silversurfer

Super Moderator
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,897

Changes in 1.2.2

  • Removed MalwareURL as a protection provider
  • Added PrecisionSec as an Official Partner
  • Fixed incognito pages not working in Chrome
  • Disabled Compromised protections for Symantec
  • Improved processing cache logic
  • Updated Quad9 implementation
  • Updated report contact info
  • Improved debug messages
This update has been submitted to all extension stores.
Click to expand...
github.com

Release 1.2.2 · Foulest/Osprey

Changes in 1.2.2 Removed MalwareURL as a protection provider Added PrecisionSec as an Official Partner Fixed incognito pages not working in Chrome Disabled Compromised protections for Symantec Imp...
github.com github.com
 
  • Like
  • +Reputation
Reactions: piquiteco, Virtuoso, simmerskool and 10 others
Vitali Ortzi

Vitali Ortzi

Level 31
Verified
Top Poster
Well-known
Dec 12, 2016
2,052
Andrew999 said:
Has anyone checked the privacy on this extension? I am a bit worried about it collecting my browsing history and storing it.
Click to expand...
Osprey itself doesn't collect data it's the providers inside that get the urls to check
And if you care about privacy select only providers with good privacy policys like quad9 inside osprey
 
  • Like
  • Thanks
  • +Reputation
Reactions: piquiteco, Jonny Quest, simmerskool and 2 others
Parkinsond

Parkinsond

Level 18
Dec 6, 2023
887
Vitali Ortzi said:
Osprey itself doesn't collect data it's the providers inside that get the urls to check
And if you care about privacy select only providers with good privacy policys like quad9 inside osprey
Click to expand...
All free security extensions collect data; Osprey has the advantage of variable, wide database, with the lightest implementation; it is the lightest of all.
 
  • Like
Reactions: piquiteco, simmerskool, Vitali Ortzi and 1 other person
Gandalf_The_Grey

Gandalf_The_Grey

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,931
Osprey strips down each URL of tracking parameters before sending it to any APIs.

For example:
  1. If you search for shirts on Amazon and visit: https://www.amazon.com/s?k=shirts&crid=3TOVSW14ZHF8V&sprefix=shirt,aps,175&ref=nb_sb_noss_1
  2. Osprey will only send https://amazon.com/s to any APIs you have enabled.
  3. If the APIs report that the page is safe to visit, Osprey caches the result for 24 hours.
  4. It will also be cached if you click 'Continue anyway' or 'Temporarily allow this website' on a blocked site.
  5. As long as a URL is cached, no new network requests will be made for it.
The only data the APIs receive is the stripped-down URL, your user agent, and your IP address. Use a reputable VPN or proxy service if you're concerned about IP-related privacy. There are also extensions that mask your user agent, if you're so inclined.

As for why Osprey needs to check complete URLs instead of just the domain, many phishing attacks use legitimate companies to host their phishing campaigns, such as Jotform. If Osprey only checked a website's domain name, it wouldn't detect those threats. Osprey only sends your hostname to its various DNS API providers, so if you're highly concerned about URL page privacy, the DNS APIs are there for you.
Click to expand...
github.com

GitHub - Foulest/Osprey: Browser extension that protects you from malicious websites.

Browser extension that protects you from malicious websites. - Foulest/Osprey
github.com github.com
Osprey may contain affiliate links to products or services. If you click on an affiliate link and make a purchase, we may receive a commission at no additional cost to you. This helps support the development of Osprey.
Click to expand...
github.com

Osprey/.github/PRIVACY.md at main · Foulest/Osprey

Browser extension that protects you from malicious websites. - Foulest/Osprey
github.com github.com
 
Last edited:
  • Like
  • Hundred Points
  • +Reputation
Reactions: piquiteco, Jonny Quest, Viking and 8 others
CyberDevil

CyberDevil

Level 10
Verified
Well-known
Apr 4, 2021
462
Andrew999 said:
Has anyone checked the privacy on this extension? I am a bit worried about it collecting my browsing history and storing it.
Click to expand...
I tested the extension a couple versions ago using AI. You can find it in this thread. It doesn't pass anything except your URLs and sometimes parameters. Obviously your history will leak, as well as your IP data, but this is typical for any security extension except Emsisoft. Nevertheless, all data goes to a trustworthy provider, and it's up to you to choose who you trust. Maybe later I'll check the actual version, but I don't have time for that right now :)
 
  • Like
  • +Reputation
Reactions: piquiteco, Jonny Quest, Virtuoso and 6 others
Foulest

Foulest

Level 2
Apr 4, 2025
60
goodjohnjr said:
Yeah, when I went to report the false positives to MalwareURL Protection, they told me to uninstall the Osprey Browser Protection extension because it was illegal & its usage has been blocked. 👀
Click to expand...
They sent a cease and desist, which they had every right to do considering I was using their API without their explicit consent, and within 30 minutes the 1.2.2 update was pushed and MalwareURL was removed. It isn't exactly the worst case scenario for something like this to happen, but it's up there.

I wouldn't expect this type of thing to happen much or at all in the future, but if it does happen with any other provider that isn't an official partner, they will be removed from Osprey effective immediately, as per their request. I wouldn't expect this to happen at all with any DNS-based provider like Quad9, as all of them are public DNS servers.
 
  • Like
  • +Reputation
Reactions: piquiteco, Jonny Quest, simmerskool and 4 others
Fan-of-spyshelter

Fan-of-spyshelter

Level 2
Sep 21, 2022
71
@Foulest,

if you pretend to be an official partner of PrecisionSec (behind a private agreement),

where are the legals therms, accessibility, and privacy policy on the website about the CEO from PrecisionSec,
i d'ont see it, this is an obligation for every website in the World Wide Web (inside USA and CANADA), can you mention it ?

for u clear information :
digital.gov

Checklist of requirements for federal websites and digital services

Links to relevant laws, policies, and regulations for federal agencies.
digital.gov digital.gov
 
  • Thanks
  • Wow
Reactions: piquiteco and goodjohnjr
simmerskool

simmerskool

Level 43
Verified
Top Poster
Well-known
Apr 16, 2017
3,200
goodjohnjr said:
Yeah, when I went to report the false positives to MalwareURL Protection, they told me to uninstall the Osprey Browser Protection extension because it was illegal & its usage has been blocked. 👀
Click to expand...
good info but I'll keep using Osprey until further notice :D

Vitali Ortzi said:
Osprey itself doesn't collect data it's the providers inside that get the urls to check
And if you care about privacy select only providers with good privacy policys like quad9 inside osprey
Click to expand...
any chance you or some other knowledgeable person can rank the providers re privacy? The point of Osprey is to use more (is better than 1)... Emsisoft is supposed to be private...
 
Last edited by a moderator:
  • Like
Reactions: piquiteco and Gandalf_The_Grey
Vitali Ortzi

Vitali Ortzi

Level 31
Verified
Top Poster
Well-known
Dec 12, 2016
2,052
simmerskool said:
any chance you or some other knowledgeable person can rank the providers re privacy? The point of Osprey is to use more (is better than 1)... Emsisoft is supposed to be private...
Click to expand...
you will have to check each privacy policy and interests
Some may log temporarily like emsisoft quad 9 etc and some may store data longer or use it internally and maybe even externally like Norton

But in general the have pretty limited information because osprey strips the url "Osprey strips down each URL of tracking parameters"
So they will only have the url , IP , user agent and the user agent can be modified , IP (proxy , VPN )
so essentially they will have limited use for the data (the information collected won't be very useful for advertisers but should be more then enough for governments to pinpoint the user )

Me personally I have all providers enabled on my system


simmerskool said:
good info but I'll keep using Osprey until further notice :D
Click to expand...
Well if the providers didn't strike it immediately like malwareurl then there isn't a big chance they would block public api usage in the future another tip is to select only providers that allow public api usage wich is the majority (look for their tos )

But hell worst case and an API gets blocked you will just have to disable that provider as it will be blocked till it's removed from osprey in an update
 
Last edited by a moderator:
  • Like
  • Thanks
Reactions: piquiteco, simmerskool, Gandalf_The_Grey and 2 others
Vitali Ortzi

Vitali Ortzi

Level 31
Verified
Top Poster
Well-known
Dec 12, 2016
2,052
CyberDevil said:
I tested the extension a couple versions ago using AI. You can find it in this thread. It doesn't pass anything except your URLs and sometimes parameters. Obviously your history will leak, as well as your IP data, but this is typical for any security extension except Emsisoft. Nevertheless, all data goes to a trustworthy provider, and it's up to you to choose who you trust. Maybe later I'll check the actual version, but I don't have time for that right now :)
Click to expand...
You can always check the code yourself as it's JavaScript
Not assembly and it doesn't have a ton of code as it's pretty much the minimum required for the extension to function unlike other bloated extensions
 
  • Like
  • +Reputation
Reactions: piquiteco, Virtuoso, simmerskool and 1 other person
Parkinsond

Parkinsond

Level 18
Dec 6, 2023
887
Vitali Ortzi said:
you will have to check each privacy policy and interests
Some may log temporarily like emsisoft quad 9 etc and some may store data longer or use it internally and maybe even externally like Norton

But in general the have pretty limited information because osprey strips the url "Osprey strips down each URL of tracking parameters"
So they will only have the url , IP , user agent and the user agent can be modified , IP (proxy , VPN )
so essentially they will have limited use for the data (the information collected won't be very useful for advertisers but should be more then enough for governments to pinpoint the user )


Me personally I have all providers enabled on my system
Click to expand...
Personally, I trade privacy for security.
 
  • Applause
  • +Reputation
Reactions: piquiteco and Vitali Ortzi

Similar threads

Shadowra
    • Like
    • +Reputation
    • Thanks
App Review Osprey Browser Protection Reviews
Replies
50
Views
6,023
Video Reviews - Security and Privacy
Trooper
Trooper
Vitali Ortzi
    • Like
    • +Reputation
    • Applause
Hot Take extensions can help a lot against phishing
Replies
31
Views
3,222
Web Extensions
bazang
bazang
Fan-of-spyshelter
    • Like
    • Thanks
New Update Fight Phishing and Malicious code by Taking Control of Mobile Links
Replies
2
Views
470
Other security for Android & iOS
Fan-of-spyshelter
Fan-of-spyshelter

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top