Decopi

Level 2
I did a test of comodo firewall web filter... realtime while CF isn't updated
@Evjl's Rain , please, can you explain more details about your settings at CF web filter?
Do you just enable it and update it?
Or do you changed filters, other settings etc?
I ask because the CF web filter always was known as terrible.
Thks
 

Gandalf_The_Grey

Level 20
Verified
hi, I think google chrome will warn you about the safety of the files after you download them and I think it should be counted
chrome only shows a red/block page sometimes
on my test, chrome scored very high

similarly to Edge. It lets you download then ask you to keep or delete the files
You could be right, but my test was not fair to Chrome because Kaspersky was enabled and blocked the links first.
To test just Chrome I should have disabled or uninstalled Kaspersky.
I just wanted to know how my setup worked and especially Kaspersky.
 

Evjl's Rain

Level 43
Verified
Trusted
Content Creator
Malware Hunter
@Evjl's Rain , please, can you explain more details about your settings at CF web filter?
Do you just enable it and updated?
Or do you changed filters, other settings etc?
I ask because the CF web filter always was known as terrible.
Thks
I enabled the web filter and updated it. Then, it started to work properly
I never use comodo web filter because I also heard it was terrible. I don't do any change to it
I think if we disable it and update, CF won't download the new database for it
it only downloads for enabled components
 
  • Like
Reactions: Nestor and Decopi

Moonhorse

Level 26
Verified
Content Creator
I do respect your opinion.
In fact, I believe that the "best combo" is just the combo the user like.
It doesn't exist such thing like "the best universal solution".

Having said that, technically speaking, sometimes the less the better.
For example, even recognizing that Avast AV have the lowest system impact, its Web Shield slows down browser speed, and also creates conflicts with TLS. In other words, many users don't feel system impact, or don't care. But not just system impact always exists, but worse, it creates conflicts. Firefox has interesting researches showing how add-ons, antivirus etc interfere with the browser. It is a fact: The less, the better.
So, instead antivirus, even average users should be better protected with an anti-executable + a kind of K9 blocker working at system level (if they can't use Pi-Hole).

My very personal subjective opinion is that having thousand of new malwares and risk-wares appearing everyday... antivirus/anti-malwares are obsolete. And add-ons with hosts... are extincted dinosaurs.
Intelligent anti-executables should replace them. CF+CS settings is a good start. VTZilla is another piece of art.

Conclusion: If we have less system resources strategies, with high blocking rates... then we should focus on them.
either voodooshield or comodo firewall is enough, you can have the antivirus but just disable web shield if you want to

Personally im running neustar business production dns, since i feel most of stuff comes from either adult sites / torrenting, i dont use them and only visit same sites day by day but theres always possiblities im gonna get clickbaited to something like that wich could contain something sketchy

I prefer use k9 or forticlient to do web filtering outside of browser ( system level) and only have adblocker in browser ( built-in better)

Just cant use k9 at the moment because it conflicts with the game client i use, causes me to disconnect from game every 5 minutes.

I already contacted them last week , but no answer yet
 

Moonhorse

Level 26
Verified
Content Creator
When I run Firefox as another (limited) user in Windows7, MBAM seems to be the cause that 2 Firefox processes are not closed (under that other limited and contained user). Luckily thanks to your tests :emoji_ok_hand: (@Evjl's Rain ) I have replaced it with Comodo add-on which run with no problem (y)
Im using malwarebytes, but have to disable ad/tracker protection either it conflicts with ublock origin. Also using half less ram that way
 

Evjl's Rain

Level 43
Verified
Trusted
Content Creator
Malware Hunter
Im using malwarebytes, but have to disable ad/tracker protection either it conflicts with ublock origin. Also using half less ram that way
malwarebytes is still in beta
I admit it did cause a problem for me so I was forced to remove it
it caused a few websites not displaying correctly although I disabled everything and added those websites to exclusion

I used hphosts emd and pup instead. They are not as good but okay
 

Decopi

Level 2
@Evjl's Rain ... I couldn't wait, I did a quick test now on CF web filter (enabled/disabled it + updated it many times before testing + restarted computer)... and results were bad: 14/25.
But, considering that 2 links of your sample seem to be already dead, my real result was 12/23.
I will do further tests during the week. But my first impression is not good.

PS: With regards Pi-Hole, a have tons of lists there. It is a mess. I need to organize and clean it. Because it is not affecting my system performance + it is blocking almost everything, I became negligent with the lists. In the other hand, this is another positive point for Pi-Hole, it doesn't matter if you put thousand lists there, it is almost not affecting computer or browser performance. The main advantage of Pi-Hole is not the lists, but the computer performance.
 
  • Like
Reactions: Moonhorse

goodjohnjr

Level 1
Updated 18/7/2018

sorry, no time to test more
Dropbox - test 18-7-2018.txt

chrome: 20/25
WDBP: 16/25
comodo: 15/25
ublock (default): 1/25
ublock (+custom): 20/25
avira: 20/25
Malwarebytes: 24/25
Bitdefender TL: 1/25 (expected)
avast: 0/25 (expected)
adguard (+custom): 1/25 (expected)
Edge: 24/25

DNS:
norton: 2/25
Quad9: 2/25
Neustar: 9/25

best list: hphosts > squidblacklist >>> AdZ >>> others = 1 or 0

list of applied ublock filters: default + these
hphosts+hphosts partial = all individual hosts combine (emd, hjk, exp, fsh,...)

my setup: Chrome + ublock (hphosts EMD+PUP) + comodo online security + WDBP + Norton Safe Web = 25/25
Thank you Evjl's Rain for the new test and for adding the Avast and Bitdefender and Adguard browser extensions; I am disappointed in how they performed, and this proves that you were correct about them and now I clearly can understand their removal from these tests (unless they magically improve one day).

Are the Avira, Malwarebytes, and Norton browser extensions the only browser extensions in your tests that also scan file downloads made in the browser?

Keep up the good work,
-John Jr
 
Last edited:
  • Like
Reactions: Evjl's Rain

Evjl's Rain

Level 43
Verified
Trusted
Content Creator
Malware Hunter
Are the Avira, Malwarebytes, and Norton browser extensions the only ones in your tests that also scan file downloads made in the browser?
hi, avira, norton, malwarebytes are able to block the links before the browser can download the files but I don't think they are able to scan the files after being downloaded
Only google chrome safe browsing and edge browser can do that effectively
firefox is lacking behind those 2 for some reasons although firefox also uses google safe browsing
WDBP can also block links but it still allows some of blocked files to be downloaded => I think it's bug. I may report it later but won't hope for a reply from MS

I don't know why norton has been crap in recent tests!?? perhaps something is wrong in the company?
same as avira last month
 

goodjohnjr

Level 1
hi, avira, norton, malwarebytes are able to block the links before the browser can download the files but I don't think they are able to scan the files after being downloaded
Only google chrome safe browsing and edge browser can do that effectively
firefox is lacking behind those 2 for some reasons although firefox also uses google safe browsing
WDBP can also block links but it still allows some of blocked files to be downloaded => I think it's bug. I may report it later but won't hope for a reply from MS

I don't know why norton has been crap in recent tests!?? perhaps something is wrong in the company?
same as avira last month
Hello Evjl's Rain,

Thank you for explaining that.

I have also always wondered why Firefox always lags behind the others when it uses the Google Safe Browsing api or whatever too.

A few weeks ago or less I emailed my suggestions to Microsoft about the Windows Defender Browser Protection extension, I mentioned the recovery bug and that they should follow this thread, but I have not gotten a response yet; but I think that you should report the bug to them and your suggestions as well because I would like to see this extension improve to at least equal or surpass Microsoft Edge's protection, and for them to add more features.

Out of those extensions that we named the Norton extension is the only one that has not be updated this year yet (I think that Microsoft quietly updated their extension recently), I wonder if Norton are phasing it out and / or if the lack of updates is hurting its performance, and if something else is going on; I would like to see Norton fully integrate K9 and continue improving it so that all of their products can equal or surpass it (like the browser extension).

Thank you for responding,
-John Jr
 
  • Like
Reactions: Evjl's Rain

HarborFront

Level 46
Verified
Content Creator
hi, avira, norton, malwarebytes are able to block the links before the browser can download the files but I don't think they are able to scan the files after being downloaded
Only google chrome safe browsing and edge browser can do that effectively
firefox is lacking behind those 2 for some reasons although firefox also uses google safe browsing
WDBP can also block links but it still allows some of blocked files to be downloaded => I think it's bug. I may report it later but won't hope for a reply from MS

I don't know why norton has been crap in recent tests!?? perhaps something is wrong in the company?
same as avira last month
If I'm not wrong FF uses Disconnect for tracking protection and calls upon Google Safe Browsing as and when needed
 
  • Like
Reactions: Evjl's Rain

Evjl's Rain

Level 43
Verified
Trusted
Content Creator
Malware Hunter
If I'm not wrong FF uses Disconnect for tracking protection and calls upon Google Safe Browsing as and when needed
but the problem is we don't know why firefox uses google safe browsing but still doesn't perform as good as google chrome or other chromium's forks
perhaps firefox focuses on limiting telemetry to google so it also limits the full strength of safe browsing or firefox uses only a delayed version, similar to adguard desktop
they will never perform as good as google chrome
 

HarborFront

Level 46
Verified
Content Creator
but the problem is we don't know why firefox uses google safe browsing but still doesn't perform as good as google chrome or other chromium's forks
perhaps firefox focuses on limiting telemetry to google so it also limits the full strength of safe browsing or firefox uses only a delayed version, similar to adguard desktop
they will never perform as good as google chrome
Read the cached copy of the article here

https://web.archive.org/web/20180624030448/https://feeding.cloud.geek.nz/posts/how-safe-browsing-works-in-firefox/
 

Evjl's Rain

Level 43
Verified
Trusted
Content Creator
Malware Hunter
Read the cached copy of the article here

How Safe Browsing works in Firefox
"Firefox downloads a list of bad URLs every 30 minutes from the server"
that's the reason

google chrome updates in realtime
I saw a link was failed to be blocked but when I refreshed the page immediately after that, it was blocked
 

stefanos

Level 24
Verified
but the problem is we don't know why firefox uses google safe browsing but still doesn't perform as good as google chrome or other chromium's forks
perhaps firefox focuses on limiting telemetry to google so it also limits the full strength of safe browsing or firefox uses only a delayed version, similar to adguard desktop
they will never perform as good as google chrome
Agree with you. The most secure browser for me is google chrome. I love opera browser but only for secure surfing, and always with https everywhere avira or malwarebytes or....or...... extension. Google chrome only with WDBP
is enough