Advice Request Privacy settings in Edge, and when using AdGuard for desktop.

[plat]

Yeah, I also switched it (tacking prevention) off in Edge altogether as sites were not loading properly w/latest AdGuard and requiring a refresh. After doing that, pages loaded fine, as they should.

One little caveat for those people running Insider builds. The latest AdGuard has some new features in the Stealth Mode section. I wasn't getting the latest Insiders KB 5003345 (Feature Experience Pack). It turns out I was shut out because somehow the crucial "optional telemetry" setting was toggled to "basic."
One of the new AdGuard features "Disable Windows Telemetry" had been toggled to "on." I switched it off but had to re-enable optional telemetry, restart, blah, blah, blah.

Prob. should review these new features and make sure they're not "on" when you prefer them off.

Spoiler

 

[Ink]

I have tracking prevention off in edge. I don't want to use browser tracking prevention if i already have a dedicated software for it. Adguard will do a far better job than any browser IMO.

Is that Adguard for Desktop, or Adguard browser extension?

 

[amirr]

See Should i turn built-in adblocker off in browser?? where it's recommended to turn off your browsers built-in adblocker.
Edit: Another post on Adguard Forum with this advice:

Join discussions, like, and share | AdGuard

Join our community in social media and discuss AdGuard there.

forum.adguard.com

So you turned off the Tracking prevention in the Edge?

 

[Templarware]

I personally don't have those problems that you are facing, so I'm happy with it. Also, I think that you also know that more extensions lead to a bigger attack surface, slow down browsing speed and also are counterproductive for your browsing fingerprint. But to each his own.

Extensions don't really increase attack surface, because extensions are sandboxed within the browser (a security measure implemented in modern browsers), and because it wouldn't make much sense for attackers to target the kinds of extensions used by those who actually know the risks of online threats and ads and use such tools to enhance their safety/browsing. Source: Malwarebytes Forums Staff
I don't think that using security extensions which millions of people also use will contribute much for your "fingerprint". Not using extensiosn also gives you "fingerprint"

 

[Arequire]

Extensions don't really increase attack surface, because extensions are sandboxed within the browser

I don't agree with that at all. Sure, extensions can't 'infect' a system like traditional malware can, but a compromised extension can potentially access all data stored on that system depending on the permissions granted to it.

it wouldn't make much sense for attackers to target the kinds of extensions used by those who actually know the risks of online threats and ads and use such tools to enhance their safety/browsing.

I don't think the userbase has much bearing on anything. An attacker compromising or purchasing a popular extension and suddenly gaining access to all the data from tens of millions of browsers must be like hitting the jackpot.

 

[Nightwalker]

Extensions don't really increase attack surface, because extensions are sandboxed within the browser (a security measure implemented in modern browsers), and because it wouldn't make much sense for attackers to target the kinds of extensions used by those who actually know the risks of online threats and ads and use such tools to enhance their safety/browsing. Source: Malwarebytes Forums Staff
I don't think that using security extensions which millions of people also use will contribute much for your "fingerprint". Not using extensiosn also gives you "fingerprint"

This doesnt make any sense and it is wrong is so many ways, by this logic Chromium browsers are impervious to vulnerabilities because they run in a fairly powerful sandbox with limited rights.

For years browsers extensions have been consistently a source of attacks, this isnt an opinion, it is a fact, because of that Google was forced to adopt Manifest v3 (no, it isnt all about adblockers) and to have more strict control and rules in Chrome Store.

Extensions can be a source of memory leak and other kind of performance problems too, this is all very documented.

Examples:

Naked Security – Sophos News

nakedsecurity.sophos.com

Websites Can Exploit Browser Extensions to Steal User Data

Web applications can exploit browser extensions to access privileged capabilities and steal sensitive user information, including credentials, a researcher has discovered.

www.securityweek.com

Surprise (not): Extensions may impact a browser's performance - gHacks Tech News

Installed browser extensions may impact the web browser's performance in regards to CPU usage and the loading of websites.

www.ghacks.net

How Chrome extensions are making organisations vulnerable to attack

Chrome extensions provide a richer experience for their users, but a cottage industry of malicious Chrome extensions has emerged

www.information-age.com

Websites Can Exploit Browser Extensions to Steal User Data

Web applications can exploit browser extensions to access privileged capabilities and steal sensitive user information, including credentials, a researcher has discovered.

www.securityweek.com

https://www.sysnet.ucsd.edu/~voelker/pubs/malextend-cset17.pdf

 

[Jan Willy]

So you turned off the Tracking prevention in the Edge?

IMHO is an important value of the MT-forum to shed lights on issues from different sides. That was the goal of my message. Finally everybody has to make his own choice, which can depend of other choises. I have decided to leave the main part of ad- and tracker filtering on DNS-level. I use Adguard for Windows because of his Stealth Mode and for filtering things that can't be done on DNS-level. There is no task left for the browser.

 

[rndmblk]

IMHO is an important value of the MT-forum to shed lights on issues from different sides. That was the goal of my message. Finally everybody has to make his own choice, which can depend of other choises. I have decided to leave the main part of ad- and tracker filtering on DNS-level. I use Adguard for Windows because of his Stealth Mode and for filtering things that can't be done on DNS-level. There is no task left for the browser.

So true, especially the part about choices depending on one another. I choose to use a particular browser on my phone and benefit from AdGuard on android because otherwise I'd have minimal blocking. However, I prefer to use uBlock on my Windows browser even my licence would allow me to install AdGuard there too.

 

[shukla44]

Is that Adguard for Desktop, or Adguard browser extension?

AdGuard for Windows

 

[Kongo]

Extensions don't really increase attack surface, because extensions are sandboxed within the browser (a security measure implemented in modern browsers), and because it wouldn't make much sense for attackers to target the kinds of extensions used by those who actually know the risks of online threats and ads and use such tools to enhance their safety/browsing. Source: Malwarebytes Forums Staff
I don't think that using security extensions which millions of people also use will contribute much for your "fingerprint". Not using extensiosn also gives you "fingerprint"

As the others already stated above, extensions can be a security risk. About the fingerprint, you are definitely right. I mean I am also using extensions that aren’t wide spread, but in the end it’s all about the amout of extensions. Even changing browser settings can increase uniqueness, but it matters how much it affects it. Tbh, I was a little drifting away from my main statement that Adguard Windows isn’t bloat, and I still have the same opinion.

 

[Templarware]

As the others already stated above, extensions can be a security risk. About the fingerprint, you are definitely right. I mean I am also using extensions that aren’t wide spread, but in the end it’s all about the amout of extensions. Even changing browser settings can increase uniqueness, but it matters how much it affects it. Tbh, I was a little drifting away from my main statement that Adguard Windows isn’t bloat, and I still have the same opinion.

If you use any extensions from Chrome store, of course they a security risk. But if you use only carefully trusted selected extensions, especially the likes of uBlock, Malwarebytes or WoT, they won't make you vulnerable. I don't like programs running in the desktop, consuming Ram and CPU when I'm gaming.

 

[Gandalf_The_Grey]

If you use any extensions from Chrome store, of course they a security risk. But if you use only carefully trusted selected extensions, especially the likes of uBlock, Malwarebytes or WoT, they won't make you vulnerable. I don't like programs running in the desktop, consuming Ram and CPU when I'm gaming.

Mostly agree with you but WOT slipped up in the past.
It was pulled from the stores in 2016 for selling the browsing history of its users.

Mozilla and Google remove WOT extension from Store - gHacks Tech News

The popular browser extension Web of Trust is no longer available on the Firefox add-on repository or the Google Chrome Web Store.

www.ghacks.net

They had to change that behavior before being accepted in the stores again.
They are not my list of reputable extensions anymore.
And please write uBlock Origin, there is still a (bad fork) uBlock extension on the Chrome store... but that is another story.

 

[Templarware]

Mostly agree with you but WOT slipped up in the past.
It was pulled from the stores in 2016 for selling the browsing history of its users.

Mozilla and Google remove WOT extension from Store - gHacks Tech News

The popular browser extension Web of Trust is no longer available on the Firefox add-on repository or the Google Chrome Web Store.

www.ghacks.net

They had to change that behavior before being accepted in the stores again.
They are not my list of reputable extensions anymore.

I know, I just mentioned WoT because of it being included in AdGuard for desktop. The debate here is about is Adguard for desktop.
I kinda like WoT... I just don't use it because it makes Facebook extremely slow. And some websites get reviews based on people's tastes... For example, Trump's website gets negative reviews because of his political opinions.

 

[Gandalf_The_Grey]

I know, I just mentioned WoT because of it being included in AdGuard for desktop. The debate here is about is Adguard for desktop.
I like WoT, I just don't use it because it makes Facebook extremely slow.

I know what is the debate here, but you mentioned extensions...
I don't like WOT, just because of the reason you mentioned: some websites get reviews based on people's tastes.

To add to the debate. I would keep Edge tracking prevention on balanced when using AdGuard desktop because it still blocks the biggest offenders while not interfering with your day to day browsing. Like with security a layered approach helps.

 

[Templarware]

I know what is the debate here, but you mentioned extensions...

To add to the debate. I would keep Edge tracking prevention on balanced when using AdGuard desktop because it still blocks the biggest offenders while not interfering with your day to day browsing. Like with security a layered approach helps.

WoT is WoT, does not matter if it's an extension or part of Adguard's desktop client. My point was that I prefer to use the extension instead of adding more stuff to the entire system.

 

[Gandalf_The_Grey]

WoT is WoT, does not matter if it's an extension or part of Adguard's desktop client. My point was that I prefer to use the extension instead of adding more stuff to the entire system.

Well in the case of WOT I would use the AdGuard option, because you are already running and trusting AdGuard on your system instead of adding an extra extension. In the 2016 debacle AdGuard made sure that their implementation of WOT didn't expose the user's browser history to WOT. So at least at that time the AdGuard option was much safer.

 

[Templarware]

I prefer not using WoT neither Adguard uBlock Origin + Malwarebytes Browser Guard is my go to.