Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Browsers
Web Extensions
Osprey Browser Protection discussion and updates
Message
<blockquote data-quote="Marko :)" data-source="post: 1124039" data-attributes="member: 39702"><p>That's great, but this doesn't necessary mean the extension is perfect. Visiting a website is completely different from loading one particular resource. Just look at the number of requests your web browser makes when you're opening MalwareTips, and when you visit a direct link to download one particular file.</p><p></p><p>If you're willing, we can continue testing it...</p><p></p><p>1. Create an .html file using Notepad and replace URL_TO_MALICIOUS_FILE with real link leading to it.</p><p>[CODE=html]<html></p><p> <head></p><p> <title>Osprey test</title></p><p> </head></p><p><body></p><p> <h1>Osprey test</h1><br></p><p> <a target="_self" href="URL_TO_MALICIOUS_FILE">link to malicious file</a></p><p> <a target="_blank" href="URL_TO_MALICIOUS_FILE" >link to malicious file (new tab)</a></p><p></body></p><p></html>[/CODE]</p><p></p><p>2. Open your web browser, disable built-in phishing and malware protection (we want Osprey to detect it) and then open that .html file in it.</p><p>3. Click those two "link to malicious file" and see if Osprey will react in all cases.</p><p></p><p>What will this test do? It will show us if Osprey detects only when the main website is malicious or it will detect the malicious hyperlinks too. We need to test the extension throroughly and to make test as much as close to reality as we can. Just collecting bunch of links from malware dumps and opening one by one link in the web browser isn't really a real use-case scenario.</p><p></p><p>Absolutely. I never encountered an exploit at the first place, which is why I have relaxed stance on security and don't burden my PC with security software. On this forum I encountered many very paranoid people so this is purely because of them.</p><p></p><p>I think it only blocks whole page as to block particular scripts, Osprey would need to send all URLs for check.</p></blockquote><p></p>
[QUOTE="Marko :), post: 1124039, member: 39702"] That's great, but this doesn't necessary mean the extension is perfect. Visiting a website is completely different from loading one particular resource. Just look at the number of requests your web browser makes when you're opening MalwareTips, and when you visit a direct link to download one particular file. If you're willing, we can continue testing it... 1. Create an .html file using Notepad and replace URL_TO_MALICIOUS_FILE with real link leading to it. [CODE=html]<html> <head> <title>Osprey test</title> </head> <body> <h1>Osprey test</h1><br> <a target="_self" href="URL_TO_MALICIOUS_FILE">link to malicious file</a> <a target="_blank" href="URL_TO_MALICIOUS_FILE" >link to malicious file (new tab)</a> </body> </html>[/CODE] 2. Open your web browser, disable built-in phishing and malware protection (we want Osprey to detect it) and then open that .html file in it. 3. Click those two "link to malicious file" and see if Osprey will react in all cases. What will this test do? It will show us if Osprey detects only when the main website is malicious or it will detect the malicious hyperlinks too. We need to test the extension throroughly and to make test as much as close to reality as we can. Just collecting bunch of links from malware dumps and opening one by one link in the web browser isn't really a real use-case scenario. Absolutely. I never encountered an exploit at the first place, which is why I have relaxed stance on security and don't burden my PC with security software. On this forum I encountered many very paranoid people so this is purely because of them. I think it only blocks whole page as to block particular scripts, Osprey would need to send all URLs for check. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
