floalma

Level 4
Verified
Hi,

I'm trying to run both addons in Firefox.

Ublock Origin for static filters, cosmetic filters, CSP reports, javascript options and picker, zapper that are missing in UM.

Umatrix for dynamic filters.

I have a few questions :

1. The static filters in UM, are they really effective as UBO static filters ?

2. Have you already tried UM and UBO ? Which method or settings you're using ?

3. Questions about static filters, have you already compared the data list from your different static filters and check if they overlapped each others. Make a clean filter list cleaned from duplicated. Or any others method that you use to choose one filter list over another.

Thanks for your contribution :)
 

Spawn

Administrator
Verified
Staff member
Check out these topics.


 

floalma

Level 4
Verified
@security123
I already read some tips about uMatrix but I didn't find answers to my questions.

uMatrix in whitelist mode, I don't see it the "Whitelist mode" in uMatrix. On UBO, yes, there is a whitelist mode but not in uMatrix.

Have you tried in the past the uMatrix static filters against UBO filters with the same filters, is there any difference ?

1: you should read their wiki

2: yes. For years I used uBlock origin in blacklist mode and uMatrix in whitelist mode
@Spawn
I will read it.
 

security123

Level 16
Have you tried in the past the uMatrix static filters against UBO filters with the same filters, is there any difference ?
No as it doesn't make sense. uMatrix can't handle website elements but whole domains/ URLs.
Anyway this doesn't work nowadays anymore because of CNAME and also moved third-party stuff to First-Party. This affect every blocking tool
 

floalma

Level 4
Verified
I only had one static filters with uMatrix, I will disable.

These are my rules :
* * * block
* * css allow
* * frame block
* * image allow
* 1st-party * allow
* 1st-party frame allow
 
Last edited:

Lenny_Fox

Level 11
uMatrix default settings

Firstly I don't understand the default settings in uMatrix

* * * block
* * css allow
* * frame block
* * image allow
* 1st-party * allow
* 1st-party frame allow

The block and allow frame seems to be reducndant, when I remove this redundant rule uMa seems to work the same (the block and allow for frames, are removed, uMa does the same, allow first party, block anaything else except stylesheets and images).

* * * block
* * css allow
* * image allow
* 1st-party * allow

Since most browsers have flash disabled and most websites offer HTML video, the risk of playing videos is limited (in Chromium based browsers you can still enable the GPU sandbox in flags), so for ease of use, the default could be changed to

* * * block
* * css allow
* * image allow
* * media allow
* 1st-party * allow

Using them together
Only when you want to selectively control the different categories in uMa (specifically XHR) I don't see a use case for using them together. When you want to use them together then I would be as much concerned about websocket (for security) as WebRTC (for privacy) as I would be for XHR. The reasons to justify all the hassle for the added benefit of controlling XMLHTTPRequests in uMa. Sort of feels a half baked granula control (why no WebRTC and WebSocket)?

What happened to uBO?
I installed uBO and uMa to have a look and could not find the element zapper/picker anymore in the user interface. Am I overlooking it or has this been removed?


P.S.I dropped both uBO and uMa
Currently using Edge with two user profiles (one default, one with strict site and privacy permission). I have added AdGuard, in the strict user profile just because it has such an easy to use 'element picker' (missed ads feature). AG runs with no block files. Its only function is to compensate for the disabled Smartscreen with its own Chrome/Yandex based phishing and malware protection and to occasionally hide ads missed by Edge's internal anti-tracking.

So in my case uMA's static host file based filtering is replaced by Edge build-in tracking protection and uBO's cosmetic filtering is replaced by AdGuard. The high level TLD limitation is implemented using javascript (web) ssite permissions. It is not as good as medium mode dynamic filtering in uBO, but a lot easiier to use (Edge shows a javascript blocked warning in the address bar, so I know I should enable a website).

1593583013394.png

I added startpage javascript blocking, to hide the ads in Startpage (which I am using as default search engine in Edge strict mode).
 
Last edited:
Top