Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Browsers
Web Extensions
Which Ubo filters do you use ?
Message
<blockquote data-quote="ForgottenSeer 97327" data-source="post: 1053909"><p>[USER=80838]@Jan Willy[/USER]</p><p></p><p>These topics are a bit colored by uBO fans. It is not untrue what they are posting, only also not fully true either.</p><p></p><p>Firstly there are more ways of getting stuff in or out of a website (websocket, webrtc, xmlhttprequest, fetch and even with plain html), so medium mode is only a half baked feel good protection in regard to XSS-protection.</p><p></p><p>Only when you block all third-party I agree that uBO offers protection against server side XSS. But be honest how many websites function properly in hardmode? On top of that. I bet that in 99% of the websites you have to noop, provide the website your visiting with content. Nevertheless for third-party exposure applies less is more. I also agree fully with</p><p>[SPOILER="Yuki advising to use two profiles "]</p><p>[ATTACH=full]277974[/ATTACH]</p><p>[/SPOILER]</p><p> <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /> See thread : <a href="https://malwaretips.com/threads/using-two-or-three-profiles-on-chromium-based-browsers-for-better-security-and-privacy.124797/" target="_blank">Using two profiles for more privacy and security</a>.</p><p></p><p>XSS attacks are stil daily reality, but that is more because the website builders mess up their code. The browsers have gotten better protection against client side XSS and web-standards and coding best practices have evolved. I think your (Jan Willy's) rule to allow only third-party of some common Top Level Domains and using two different profiles is a much more pragmatic way of dealing with this hyped risk. Nevertheless I have added NetCraft extension on my wife's laptop (she uses only 1 profile) Better be safe than sorry, Netcraft is s non-intrusive extensions and has a good reputation in phishing protection also.</p></blockquote><p></p>
[QUOTE="ForgottenSeer 97327, post: 1053909"] [USER=80838]@Jan Willy[/USER] These topics are a bit colored by uBO fans. It is not untrue what they are posting, only also not fully true either. Firstly there are more ways of getting stuff in or out of a website (websocket, webrtc, xmlhttprequest, fetch and even with plain html), so medium mode is only a half baked feel good protection in regard to XSS-protection. Only when you block all third-party I agree that uBO offers protection against server side XSS. But be honest how many websites function properly in hardmode? On top of that. I bet that in 99% of the websites you have to noop, provide the website your visiting with content. Nevertheless for third-party exposure applies less is more. I also agree fully with [SPOILER="Yuki advising to use two profiles "] [ATTACH type="full" alt="1692461522388.png"]277974[/ATTACH] [/SPOILER] :) See thread : [URL='https://malwaretips.com/threads/using-two-or-three-profiles-on-chromium-based-browsers-for-better-security-and-privacy.124797/']Using two profiles for more privacy and security[/URL]. XSS attacks are stil daily reality, but that is more because the website builders mess up their code. The browsers have gotten better protection against client side XSS and web-standards and coding best practices have evolved. I think your (Jan Willy's) rule to allow only third-party of some common Top Level Domains and using two different profiles is a much more pragmatic way of dealing with this hyped risk. Nevertheless I have added NetCraft extension on my wife's laptop (she uses only 1 profile) Better be safe than sorry, Netcraft is s non-intrusive extensions and has a good reputation in phishing protection also. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
