Advice Request What Browser Extensions are you using in 2020?

[blacksheep]

Just trying to update my own list and see, if there something new worth installing. Let's go.

1. uBlock Origin
2. PrivacyBadger
3. BitWarden
4. I don't care about cookies
5. Firefox containers

 

[Parsh]

Maybe you should show me how the below are possible from your quotes. Preventing keyboard behavioral profiling done by Keyboard Privacy can be achieved with ScriptSafe's. Is it buggy?

Scriptsafe allows you to do this:

.. what Keyboard Privacy description claims to do:

Extension description: Prevents behavioral profiling by randomizing the rate at which characters reach the DOM

Decentraleyes can be replaced by other extensions in use and their filters.

My bad. The option to remove metadata in CDN requests does add to privacy.

User-Agent Spoofing feature don't work in Scriptsafe (see below pictures)

I would report to the developers. If they are responsible enough for a famous extension, they might fix it sooner. One extension that seems capable of tons of things.

zwBlocker vs Detect Zero-Width Characters. See the difference? I won't be going into the rest of the extensions you mentioned.

Then why use both?
I am not suggesting Adguard over uBO. But if it can do the primary function of 2-3 other extensions, it might be worth replacing. And yes, ClearURLs is not necessary for Brave.

@HarborFront I am aware that you have been testing extensions out to find the better ones. My intention was only to possibly reiterate that you need not sanitize every new browser weakness you keep on learning about. Excess could become counter-intuitive as some members suggested.
Quite a few of them are (or will be) from less reputed authors. Not saying that reputed ones are absolutely trustworthy - these can be more prone to targeted vulnerability attacks.
Are they designed to be secure enough? Are they trust-able? Are the devs following secure environment and delivery practices?

One lesser acknowledged idea is that it's not enough to know how to build a feature and build one. It's equally important (if not more) to know how to implement security around your little security product. The devs have to focus also on "what not should happen" other than "what it should do". Analyse, replace or mitigate weaknesses of dependency and approach. Use good coding standards and conventions. Use safe functions, handle data and errors safely with testing... Someone who developed an app or an extension just for the sake of it might perhaps not give weight-age to these factors knowingly and unknowingly. And these extensions essentially have access to almost all of your browsing data on the page.

These variables keep adding up as more extensions are used.. and increases vulnerability from inside and outside. Still if you're comfortable with your jackets, nothing cozy like that

 

[HarborFront]

You're just looking at numbers which is wrong way to look at things here. Check the logs instead, if you see missing ads, empty ads plaeholders then compare. ABP is absolutely useless if you import the same filters in uBlock Origin.

uBO likely can see what's being blocked. But ABP extension where to see the log? I also said

Some can be duplicate blocking by ABP but can't find that out in ABP

 

[SeriousHoax]

uBO likely can see what's being blocked. But ABP extension where to see the log? I also said

Some can be duplicate blocking by ABP but can't find that out in ABP

I never used ABP so don't know how to see the logs but there should be an option there. Anyway, just import the filters you want in uBO and disable ABP. It's the way to go. Try it.

 

[Cortex]

Emsisoft - I don't care about cookies - No, thanks - IMHO the less extensions the better, or you are heading to overkill as you can with AV program of sorts.

 

[HarborFront]

Scriptsafe allows you to do this:
View attachment 238247
.. what Keyboard Privacy description claims to do:


My bad. The option to remove metadata in CDN requests does add to privacy.

I would report to the developers. If they are responsible enough for a famous extension, they might fix it sooner. One extension that seems capable of tons of things.

Then why use both?
I am not suggesting Adguard over uBO. But if it can do the primary function of 2-3 other extensions, it might be worth replacing. And yes, ClearURLs is not necessary for Brave.

@HarborFront I am aware that you have been testing extensions out to find the better ones. My intention was only to possibly reiterate that you need not sanitize every new browser weakness you keep on learning about. Excess could become counter-intuitive as some members suggested.
Quite a few of them are (or will be) from less reputed authors. Not saying that reputed ones are absolutely trustworthy - these can be more prone to targeted vulnerability attacks.
Are they designed to be secure enough? Are they trust-able? Are the devs following secure environment and delivery practices?

One lesser acknowledged idea is that it's not enough to know how to build a feature and build one. It's equally important (if not more) to know how to implement security around your little security product. The devs have to focus also on "what not should happen" other than "what it should do". Analyse, replace or mitigate weaknesses of dependency and approach. Use good coding standards and conventions. Use safe functions, handle data and errors safely with testing... Someone who developed an app or an extension just for the sake of it might perhaps not give weight-age to these factors knowingly and unknowingly. And these extensions essentially have access to almost all of your browsing data on the page.

These variables keep adding up as more extensions are used.. and increases vulnerability from inside and outside. Still if you're comfortable with your jackets, nothing cozy like that

Scriptsafe allows you to do this:
View attachment 238247
.. what Keyboard Privacy description claims to do:

My bad. The option to remove metadata in CDN requests does add to privacy.

I would report to the developers. If they are responsible enough for a famous extension, they might fix it sooner. One extension that seems capable of tons of things.

Then why use both?
I am not suggesting Adguard over uBO. But if it can do the primary function of 2-3 other extensions, it might be worth replacing. And yes, ClearURLs is not necessary for Brave.

I'll take a look at the Keyboard Privacy in Scriptsafe again

Why use both? The 2 pictures of zwblocker (the icon on the right of ClaerURLs) and Detect Zero-Width Characters (the icon on the right of ClearURLs) already tell you the difference. Look carefully at the 2 pictures again.

FYI, in Brave, Adguard Adblocker lacks of the 'Block hyperlink auditing' feature that ClearURLs has. Both also can remove Etags, clear URLs etc overlapping features. Also, I have just added Cookie AutoDelete to Brave to better manage 1st-party cookies which Adguard Adblocker don't recommend.

FYI, I find the 'I don't care about cookies' extension superior than the filter in uBO/ABP

 

[HarborFront]

I never used ABP so don't know how to see the logs but there should be an option there. Anyway, just import the filters you want in uBO and disable ABP. It's the way to go. Try it.

I cannot find the log in ABP extension. It only says show the number of ads blocked. You just install it and see whether can find the log feature is there or not. OK?

 

[HarborFront]

@Parsh

Difference between Scriptsafe's 'Reduce Keyboard Fingerprinting' feature (below) vs Keyboard Privacy extension (top). Scripsafe's feature does NOT include the adjustment for Dwell time.

Quote

Dwell time is the time each key is pressed and gap time the time between key presses.

Keyboard Privacy for Chrome prevents behavioral profiling based on your typing - gHacks Tech News

Keyboard Privacy is a new Chrome extension that aims to prevent behavioral profiling based on how you type.

www.ghacks.net

 

[Lenny_Fox]

After reading @oldschool post about Brave I decided to try it again (replaced Edge), now using Brave with three extensions:
1. Adguard AdBlocker (disabled Brave's cross-site tracking, using Top500 and my own filter lists)
2. Blank New Tab (to get rid of Brave New Tab Page info)
3. Neater Bookmarks (for more usable screen surface)

 

[cliffspab]

@HarborFront is MalwareTips' very own King Canute!

 

[Tiamati]

And if you use Adguard Adblocker extension there's is no 'Block hyperlink auditing' feature which is available in ClearURLs and uBO

Hey @HarborFront . I Could make Adguard block hyperlink auditing by adding this rule

||*^$ping

I made a guide for that HERE

I guess the rule is correct, but can you tell me your opinions? ty

 

[HarborFront]

Hey @HarborFront . I Could make Adguard block hyperlink auditing by adding this rule



I made a guide for that HERE

I guess the rule is correct, but can you tell me your opinions? ty

Tested, it works. See the pictures in the link of yours. Thanks

New Update - [GUIDE] How to block Hyperlink Auditing with Adguard extension

If you want to block Hyperlink Auditing with Adguard. Open Adguard extension config --> My Rules --> put this: ||*^$ping Done. You can test if it's working here. IMPORTANT: $ping only works for the version 3.4+ of the browser extension edit: privacy badger and ublock are able to block it...

malwaretips.com

 

[sirius777]

uBlock Origin (with custom rules and settings)
Malwarebytes Browser Guard (disabled the Ads/Trackers option)

 

[Lenny_Fox]

Using Adguard DNS (with adguard DNS the TOP500 blocklist is all I need)

Opera (using for dodgy browsing):
- running with incognito switch (--private)
- set Opera flag: #freeze-user-agent (enable) for a plain Chrome user agent
- WebRTC (disable non-proxied UDP)

Extensions:
1. AudioContext Fingerprint Defender
2. Canvas Fingerprint Defender
3. Font Fingerprint Defender
4. WebGL Fingerprint Defender
5. uBlockOrigin with Top500 and My Filters (see below)

! Block insecure (HTTP) third-party content except stylesheet, image and media
HTTP://*$3p,~stylesheet,~image,~media

! Block third-party scripts and (i)frames except on the listed (top level) domains
HTTPS://*$3p,script,frame,domain=~com|~eu|~info|~net|~nl|~org

! Block plugins, pings (sending beacons) and popunders on all sites
||*$object,ping,popunder

! Strip Google Search (results page) from ads and notices (you might have to change google.com to your country e.g google.ca)
google.com##.xFNJP
google.com###taw
google.com###rhs
google.com###fsl
google.com###bottomads
||google.com/pagead
||id.google.com
||gstatic.com/shopping$domain=google.com
!
! Strip Google Youtube from ads and notices
!
youtube.com###ticker
youtube.com##.ytd-popup-container
||youtube.com/*/scheduler.js$script
||youtube.com/ptracking
||youtube.com/api/stats
||youtube.com/youtubei
||youtube.com/pagead
||gstatic.com/inputtools/images/$domain=youtube.com
/.*instream.*/$domain=youtube.com
/.*midroll.*/$domain=youtube.com

P.S. I like the Opera malware site warning

 

[Gandalf_The_Grey]

1. AdGuard
2. LastPass
3. Browsing Protection by F-Secure
4. Certificate Info

Under review: Microsoft Editor

My extensions now:

Microsoft is working on getting Bitdefender TrafficLight in the store.

 

[LDogg]

@Gandalf_The_Grey in your divine wisdom, which is better Nano Adblocker or Adguard?

If Adguard, what settings would you advice?

~LDogg

 

[scorpionv]

My extensions now:
View attachment 238393
Microsoft is working on getting Bitdefender TrafficLight in the store.

Can't your load the 'I don't care about cookies' extension in AdGuard? I know I can in the AdGuard application, but I'm not sure about the AdGuard Extension.

Personally still yo-yo-ing between MB Browser Guard and BitDefender TrafficLight. I like BD TrafficLight, but I'm not sure I should pick it above MB Browser Guard.

 

[oldschool]

Can't your load the 'I don't care about cookies' extension in AdGuard?

I believe you mean IDCAC filters, not the extension. Yes, this list may be added.

 

[Gandalf_The_Grey]

@Gandalf_The_Grey in your divine wisdom, which is better Nano Adblocker or Adguard?

If Adguard, what settings would you advice?

~LDogg

I would prefer uBlock Origin over Nano Adblocker because it's the original and currently the best maintained of the two.

Comparing uBlock Origin/Nano with AdGuard is like Android to iOS.
You can tinker more with uBlock Origin/Nano and I really like their dashboard.
AdGuard is more like set and forget and slightly more difficult to see what's blocked.
I like the fact that I can use only +/-52000 rules to get great ad blocking out of the box.

Sites load a little bit faster with uBlock Oigin compared to AdGuard, but that's probably because of the malware protection of AdGuard.
You can turn that feature off.

My settings are here: Q&A - Adblock Detection: How to circumvent

 

[scorpionv]

I believe you mean IDCAC filters, not the extension. Yes, this list may be added.

Uhm yes, that's what I mean, slip of the tongue. Thanks for clearing that up.

 

[LDogg]

I would prefer uBlock Origin over Nano Adblocker because it's the original and currently the best maintained of the two.

Comparing uBlock Origin/Nano with AdGuard is like Android to iOS.
You can tinker more with uBlock Origin/Nano and I really like their dashboard.
AdGuard is more like set and forget and slightly more difficult to see what's blocked.
I like the fact that I can use only +/-52000 rules to get great ad blocking out of the box.

Sites load a little bit faster with uBlock Oigin compared to AdGuard, but that's probably because of the malware protection of AdGuard.
You can turn that feature off.

My settings are here: Q&A - Adblock Detection: How to circumvent

Cheers bro, think I may leave Nano on atm then, cheers again bro

~LDogg