|
From: | brn |
Subject: | Re: Preliminary work on IceCat 78 now pushed to the 'master' branch |
Date: | Thu, 10 Sep 2020 12:58:19 +0800 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 |
Hi, (again, apologies to Mark for double posting, not enough sleep on my part.) On 10/09/20 06:00, Mark H Weaver wrote:
Hi, brn@iinet.net.au writes:Regarding unwanted connections: You've all most likely seen the recent paper below, but just in case you haven't: https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf The reference above details methodology deployed to analyse various browsers network activity at "rest". Firefox was one of the browsers tested.I hadn't seen it, thanks! Among other things, it brought my attention to 'mitmproxy', which may be a good tool to decrypt HTTPS connections. Mark
I am glad that it has proven itself as a useful resource. The thanks major is indeed to Doug Leith, the paper's author, and also to Martin Brinkmann, who alerted his readership of the existence of the paper via:
https://www.ghacks.net/2020/02/25/study-finds-brave-to-be-the-most-private-browser/Upstream Firefox is certainly a time consuming headache to silence 'out of the box':
One feature (among others) that worries me is the automatic connections Firefox makes to check the revocation and security status of installed certificates and extensions/plugins. These happen at any time unless deactivated via more than one setting via what was "about:config" or via a local user.js file, or a system wide config file(s). I have historically deactivated this via the required (unlocked) settings in an autoconfig file and then manually re-enabled them via "about:config" for a session wholly dedicated solely to checking the status of installed certificates and extensions. The autoconfig file ensures that the required settings are deactivated again after the session is extinguished and a new session launched.
What deeply unsettles and irritates me; is that Mozilla do not offer a location where new blocklists and similar are published along with the respective signatures and checksums, thereby allowing those of us who wish to manually check things, to download via wget(1) or similar, and install at our own pleasure, not Mozilla's.
All that said, I watch this project with intense interest and will offer any assistance which may be useful, when I have the opportunity to do so.
My kindest regards, BRN.
[Prev in Thread] | Current Thread | [Next in Thread] |