New Update Osprey Browser Protection discussion and updates

@Foulest (et al) today 01 June MalwareURLProtection was producing a false positive for every good website I visit every day so I disabled it for now.
Yeah, when I went to report the false positives to MalwareURL Protection, they told me to uninstall the Osprey Browser Protection extension because it was illegal & its usage has been blocked. 👀
 

Changes in 1.2.2

  • Removed MalwareURL as a protection provider
  • Added PrecisionSec as an Official Partner
  • Fixed incognito pages not working in Chrome
  • Disabled Compromised protections for Symantec
  • Improved processing cache logic
  • Updated Quad9 implementation
  • Updated report contact info
  • Improved debug messages
This update has been submitted to all extension stores.
 
Yeah, when I went to report the false positives to MalwareURL Protection, they told me to uninstall the Osprey Browser Protection extension because it was illegal & its usage has been blocked. 👀
That's basically the worst case that can happen if a provider decides to block API usage.
 
Has anyone checked the privacy on this extension? I am a bit worried about it collecting my browsing history and storing it.
Osprey itself doesn't collect data; it's the providers inside that get the URLs to check.
And if you care about privacy, select only providers with good privacy policies, like Quad9, inside Osprey.
 
Osprey itself doesn't collect data; it's the providers inside that get the URLs to check.
And if you care about privacy, select only providers with good privacy policies, like Quad9, inside Osprey.
All free security extensions collect data; Osprey has the advantage of a variable, wide database, with the lightest implementation; it is the lightest of all.
 
Osprey strips down each URL of tracking parameters before sending it to any APIs.

For example:
  1. If you search for shirts on Amazon and visit: https://www.amazon.com/s?k=shirts&crid=3TOVSW14ZHF8V&sprefix=shirt,aps,175&ref=nb_sb_noss_1
  2. Osprey will only send https://amazon.com/s to any APIs you have enabled.
  3. If the APIs report that the page is safe to visit, Osprey caches the result for 24 hours.
  4. It will also be cached if you click 'Continue anyway' or 'Temporarily allow this website' on a blocked site.
  5. As long as a URL is cached, no new network requests will be made for it.
The only data the APIs receive is the stripped-down URL, your user agent, and your IP address. Use a reputable VPN or proxy service if you're concerned about IP-related privacy. There are also extensions that mask your user agent, if you're so inclined.

As for why Osprey needs to check complete URLs instead of just the domain, many phishing attacks use legitimate companies to host their phishing campaigns, such as Jotform. If Osprey only checked a website's domain name, it wouldn't detect those threats. Osprey only sends your hostname to its various DNS API providers, so if you're highly concerned about URL page privacy, the DNS APIs are there for you.
Osprey may contain affiliate links to products or services. If you click on an affiliate link and make a purchase, we may receive a commission at no additional cost to you. This helps support the development of Osprey.
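
The stripping and 24-hour caching described in the post above, as an added example (not Osprey's own code). The function and class names are hypothetical, `lookup` stands in for a provider's network call, and dropping the leading `www.` is inferred from the Amazon example in the post.

```javascript
// Added illustration, not Osprey's source; all names here are hypothetical.
const CACHE_TTL_MS = 24 * 60 * 60 * 1000; // 24 hours, per the post

// Reduce a URL to what the post says URL-based APIs receive: scheme, host
// (leading "www." dropped, as in the Amazon example) and path. Query string,
// fragment and any user:password@ part are discarded.
function stripUrl(rawUrl) {
  const u = new URL(rawUrl);
  if (u.protocol !== "http:" && u.protocol !== "https:") return null;
  const host = u.hostname.replace(/^www\./, "");
  const port = u.port ? `:${u.port}` : "";
  return `${u.protocol}//${host}${port}${u.pathname}`;
}

// Expiring allow-cache keyed by the stripped URL; the clock is injectable.
class VerdictCache {
  constructor(now = Date.now) {
    this.now = now;
    this.expiry = new Map();
  }
  allow(key) {
    this.expiry.set(key, this.now() + CACHE_TTL_MS);
  }
  isFresh(key) {
    const exp = this.expiry.get(key);
    if (exp !== undefined && exp > this.now()) return true;
    this.expiry.delete(key);
    return false;
  }
}

// lookup(strippedUrl) stands in for one provider's network call and returns
// true when the provider reports the page as safe.
function checkUrl(rawUrl, lookup, cache) {
  const key = stripUrl(rawUrl);
  if (key === null || cache.isFresh(key)) return "allowed-no-request";
  if (lookup(key)) {
    cache.allow(key);
    return "allowed";
  }
  return "blocked"; // not cached until the user chooses to continue
}

// 'Continue anyway' / 'Temporarily allow this website' on a blocked page.
function continueAnyway(rawUrl, cache) {
  cache.allow(stripUrl(rawUrl));
}
```

The path is still sent in full, so an identifier embedded in a path segment reaches the provider even though query parameters do not.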
 
Has anyone checked the privacy on this extension? I am a bit worried about it collecting my browsing history and storing it.
I tested the extension a couple versions ago using AI. You can find it in this thread. It doesn't pass anything except your URLs and sometimes parameters. Obviously your history will leak, as well as your IP data, but this is typical for any security extension except Emsisoft. Nevertheless, all data goes to a trustworthy provider, and it's up to you to choose who you trust. Maybe later I'll check the actual version, but I don't have time for that right now :)
 
Yeah, when I went to report the false positives to MalwareURL Protection, they told me to uninstall the Osprey Browser Protection extension because it was illegal & its usage has been blocked. 👀
They sent a cease and desist, which they had every right to do considering I was using their API without their explicit consent, and within 30 minutes the 1.2.2 update was pushed and MalwareURL was removed. It isn't exactly the worst case scenario for something like this to happen, but it's up there.

I wouldn't expect this type of thing to happen much or at all in the future, but if it does happen with any other provider that isn't an official partner, they will be removed from Osprey effective immediately, as per their request. I wouldn't expect this to happen at all with any DNS-based provider like Quad9, as all of them are public DNS servers.
 
@Foulest,

if you pretend to be an official partner of PrecisionSec (behind a private agreement),

where are the legal terms, accessibility, and privacy policy on the website about the CEO from PrecisionSec?
I don't see it; this is an obligation for every website on the World Wide Web (inside the USA and Canada). Can you mention it?

For your clear information:
 
Yeah, when I went to report the false positives to MalwareURL Protection, they told me to uninstall the Osprey Browser Protection extension because it was illegal & its usage has been blocked. 👀
good info but I'll keep using Osprey until further notice :D

Osprey itself doesn't collect data; it's the providers inside that get the URLs to check.
And if you care about privacy, select only providers with good privacy policies, like Quad9, inside Osprey.
Any chance you or some other knowledgeable person can rank the providers re privacy? The point of Osprey is to use more (is better than 1)... Emsisoft is supposed to be private...
 
Any chance you or some other knowledgeable person can rank the providers re privacy? The point of Osprey is to use more (is better than 1)... Emsisoft is supposed to be private...
You will have to check each privacy policy and interests.
Some may log temporarily, like Emsisoft, Quad9, etc., and some may store data longer or use it internally and maybe even externally, like Norton.

But in general they have pretty limited information because Osprey strips the URL: "Osprey strips down each URL of tracking parameters".
So they will only have the URL, IP, and user agent, and the user agent can be modified, as can the IP (proxy, VPN),
so essentially they will have limited use for the data (the information collected won't be very useful for advertisers but should be more than enough for governments to pinpoint the user).

Me personally, I have all providers enabled on my system.


good info but I'll keep using Osprey until further notice :D
Well, if the providers didn't strike it immediately like MalwareURL, then there isn't a big chance they would block public API usage in the future. Another tip is to select only providers that allow public API usage, which is the majority (look for their ToS).

But hell, worst case, if an API gets blocked, you will just have to disable that provider, as it will be blocked till it's removed from Osprey in an update.
 
I tested the extension a couple versions ago using AI. You can find it in this thread. It doesn't pass anything except your URLs and sometimes parameters. Obviously your history will leak, as well as your IP data, but this is typical for any security extension except Emsisoft. Nevertheless, all data goes to a trustworthy provider, and it's up to you to choose who you trust. Maybe later I'll check the actual version, but I don't have time for that right now :)
You can always check the code yourself, as it's JavaScript,
not assembly, and it doesn't have a ton of code, as it's pretty much the minimum required for the extension to function, unlike other bloated extensions.
 
You will have to check each privacy policy and interests.
Some may log temporarily, like Emsisoft, Quad9, etc., and some may store data longer or use it internally and maybe even externally, like Norton.

But in general they have pretty limited information because Osprey strips the URL: "Osprey strips down each URL of tracking parameters".
So they will only have the URL, IP, and user agent, and the user agent can be modified, as can the IP (proxy, VPN),
so essentially they will have limited use for the data (the information collected won't be very useful for advertisers but should be more than enough for governments to pinpoint the user).


Me personally, I have all providers enabled on my system.
Personally, I trade privacy for security.