Question Which do you prefer for blocking malware and phishing --> DNS, separate web filter extension or malware/phishing list in µBO, etc.?

oldschool

Level 70
Thread author
Verified
Top poster
Well-known
Mar 29, 2018
5,998
I see a discussion going on here at Wilders about the best list to use in µBO for malware and phishing protection. I wonder what method you prefer for blocking malware and phishing --> DNS, separate web filter or filter list added to an anti-tracking extension? and why?
 
Last edited:

ErzCrz

Level 13
Verified
Top poster
Well-known
Aug 19, 2019
607
I see a discussion going on here at Wilders about the best list to use in µBO for malware and phishing protection. I wonder what method you prefer for blocking malware and phishing --> separate web filter or filter list added to extension? and why?

I use WD's SmartScreen in Edge and then I use the UBO medium mode variation described here Extension - uBlockOrigin flexible modes which seems to work pretty seamlessly for me. I think the extended lists just slow down my browsing and I'd rather just blacklist the common abused TLDs as described in that post by @Lenny_Fox
 

plat

Level 28
Verified
Top poster
Well-known
Sep 13, 2018
1,692
Ideally both but prefer a minimal browser configuration. Getting rid of some un-needed and largely obsolete filter lists helps a lot, thanks to Wilders. Surprisingly, Vivaldi in Sandboxie opens in 2-3 seconds. Edge opens in 1-2 sec on here.

I replaced two of the three default malware domain filters with one import and am also using SmartScreen.
That uBlock Origin thread is awesome. A treasure-trove of good information by people with a lot of expertise. (y)
 

TairikuOkami

Level 32
Verified
Top poster
Content Creator
Well-known
May 13, 2017
2,117
separate web filter or filter list added to extension
I prefer DNS filtering, but if I would have to choose, I choose privacy. Web filtering extensions send URL home and even if it is encrypted (mostly not), the owner of the extension can see. Filter list checks URL offline, but I was never able to find any malware filter anyway, most block ADs, so I use only those:
 

Attachments

  • capture_06182020_231757.jpg
    capture_06182020_231757.jpg
    110.2 KB · Views: 318
F

ForgottenSeer 85179

Best protection is before browser level, e.g. at DNS level.
Then the browser and browser extension need a lot less work and performance is better.

Mostly it doesn't depending on used filter lists as many just use the same or copy from other lists.
For example currently I use PiHole with 20-30 filter lists but the same can be archived with nextdns "stock" lists.

Also always use browser internal protection to be on safe side.
 

HarborFront

Level 62
Verified
Top poster
Content Creator
Oct 9, 2016
5,196
Last edited:

TairikuOkami

Level 32
Verified
Top poster
Content Creator
Well-known
May 13, 2017
2,117

Attachments

  • capture_06192020_091328.jpg
    capture_06192020_091328.jpg
    170.1 KB · Views: 312

Back3

Level 13
Verified
Top poster
Apr 14, 2019
606
I've been using Ublock Origin for the last 6 months in medium mode without the malware protection. Added a few filters. They do the job. 1Hosts ( mini), Malvertising filter by Disconnect and StevenBlack/hosts. TrafficLight for web protection.
 

Attachments

  • 2020-06-19_03h28_48.png
    2020-06-19_03h28_48.png
    79.1 KB · Views: 296
Last edited:

Lenny_Fox

Level 22
Verified
Top poster
Well-known
Oct 1, 2019
1,124
I see a discussion going on here at Wilders about the best list to use in µBO for malware and phishing protection. I wonder what method you prefer for blocking malware and phishing --> DNS, separate web filter or filter list added to an anti-tracking extension? and why?
1. DNS level (because all the filtering is done on the servers of the DNS)
2. Browser build-in (because Microsoft Smartscreen and Google Safe Browsing are top-notch)
3. Antivirus extension (BitDefender Traffic Light would be my choice because I like single purpose extensions and url detection is a numbers game).

I simply can't believe than a (community) based blocklist can beat the crawling and honeypot infrastructure of an Antivirus company or monitors as much traffic as a DNS service (e.g. Quad9 or NextDNS) or an OS (Microsoft) or a search engine (Google). It is as likely as Luxemburg winning the world cup soccer. URL filtering is a numbers game,.

NOTE
I am a firm 'less is more' fan, but for URL filtering 'bigger is better'.
 
Last edited:

Lenny_Fox

Level 22
Verified
Top poster
Well-known
Oct 1, 2019
1,124
Top