Search found 118 matches

by morganism
Sat Feb 15, 2020 4:33 am
Forum: Security
Topic: Firefox url stripping of tracking info
Replies: 2
Views: 3094

Re: Firefox url stripping of tracking info

oh, and this looks like local storage, don't know how it goes into the SQL profile... "Private Bookmarks enables a special password-protected bookmark folder. Your private bookmarks are encrypted with your chosen password. This is not an online service, and you are in control of what data leaves you...
by morganism
Sat Feb 15, 2020 4:30 am
Forum: Security
Topic: Firefox url stripping of tracking info
Replies: 2
Views: 3094

Firefox url stripping of tracking info

This looks pretty sweet, i can't check it tho... "This extension will automatically remove tracking elements from URLs to help protect your privacy when browse through the Internet. Many websites use tracking elements in the URL (e.g. https://example.com?utm_source=newsletter1&utm_medium=email&utm_c...
by morganism
Sun Apr 28, 2019 8:42 pm
Forum: Security
Topic: The inception bar: a new phishing method-( captive site)
Replies: 0
Views: 3013

The inception bar: a new phishing method-( captive site)

this is a browser capture method, and may trap you at the site if you dont have NoScrpipt active. "I don’t want to keep you any longer. If you’re still stuck here, one way to get out is to go to the Hacker News discussion and upvote this article." "In Chrome for mobile, when the user scrolls down, t...
by morganism
Sat Feb 16, 2019 8:46 pm
Forum: Web Tech
Topic: Adblockers Performance Study
Replies: 0
Views: 1141

Adblockers Performance Study

Duck Duck doesnt fare so well...

https://whotracks.me/blog/adblockers_pe ... study.html

"That all popular content-blockers are very efficient, having sub-millisecond median decision time per request"
by morganism
Sat Feb 16, 2019 8:05 pm
Forum: Web Tech
Topic: Artificial intelligence, algorithmic pricing, and collusion
Replies: 0
Views: 1057

Artificial intelligence, algorithmic pricing, and collusion

"This column uses experiments with pricing algorithms powered by AI in a controlled environment to demonstrate that even relatively simple algorithms systematically learn to play sophisticated collusive strategies. Most worrying is that they learn to collude by trial and error, with no prior knowled...
by morganism
Sun Oct 21, 2018 9:46 pm
Forum: Security
Topic: Redirect Detective
Replies: 0
Views: 82495

Redirect Detective

Learn where the redirects go... http://redirectdetective.com/ Redirect Detective is a free redirect checker that allows you to see the complete path a redirected URL goes through. "Some of the many uses for Redirect Detective are: See where an affiliate link goes to and what affiliate network is bei...
by morganism
Wed Oct 17, 2018 8:22 pm
Forum: Security
Topic: Reverse engineering of a Huawei P20 from China
Replies: 0
Views: 82554

Reverse engineering of a Huawei P20 from China

Reverse engineering of a Huawei P20 from China

https://twitter.com/fs0c131y/status/1051568180748013569

In this request, the phone is sending - your country - your province - your city - phone locale - the website you requested
by morganism
Sun Sep 23, 2018 11:19 pm
Forum: Security
Topic: ungoogled-chromium is a set of configuration flags, patches,
Replies: 0
Views: 85443

ungoogled-chromium is a set of configuration flags, patches,

"due to Chrome’s new user-unfriendly forced login policy — I won’t be using it going forward." https://blog.cryptographyengineering.com/2018/09/23/why-im-leaving-chrome/ "ungoogled-chromium is a set of configuration flags, patches, and custom scripts. These components altogether strive to accomplish...
by morganism
Sat Sep 22, 2018 8:52 pm
Forum: Security
Topic: Mozilla is malware, sorry but no other way to put it.
Replies: 1
Views: 86578

Re: Mozilla is malware, sorry but no other way to put it.

"But this time I had to go further and open the “Debug add-ons” page, and there I saw two add-ons not listed anywhere else — fxmonitor@mozilla.org.xpi and telemetry-coverage-bug1487578@mozilla.org. https://medium.com/@neothefox/firefox-installs-add-ons-into-your-browser-without-consent-again-d3e2c8e...
by morganism
Sat Aug 18, 2018 10:27 pm
Forum: Security
Topic: Is serverless insecure? Let's find out..aws
Replies: 1
Views: 85296

Is serverless insecure? Let's find out..aws

Is serverless insecure? Let's find out.. "This is a simple AWS lambda function that does a straight exec. Essentially giving you a shell directly in my AWS infrastructure to just run your commands. A security teams worst nightmare. Do whatever you want. Ultimate goal: take over the account, escalate...
by morganism
Sat Feb 17, 2018 11:44 pm
Forum: Security
Topic: Stealing Data With CSS: Attack and Defense
Replies: 0
Views: 87103

Stealing Data With CSS: Attack and Defense

CSS exfil this didn't come up in search, so will post https://www.mike-gualtieri.com/posts/stealing-data-with-css-attack-and-defense "By utilizing CSS alone, browser protections like NoScript can't block the egress of data (although NoScript's XSS auditor is more effective than Chrome at blocking so...
by morganism
Wed Jan 24, 2018 7:31 pm
Forum: Security
Topic: 7-Zip: Multiple Memory Corruptions via RAR and ZIP
Replies: 0
Views: 87267

7-Zip: Multiple Memory Corruptions via RAR and ZIP

In the following, I will outline two bugs that affect 7-Zip before version 18.00 as well as p7zip. The first one (RAR PPMd) is the more critical and the more involved one. The second one (ZIP Shrink) seems to be less critical, but also much easier to understand. https://landave.io/2018/01/7-zip-mult...
by morganism
Thu Jan 18, 2018 12:03 am
Forum: Security
Topic: New free public DNS service blocks malicious domains
Replies: 9
Views: 90270

Re: New free public DNS service blocks malicious domains

ugh, you guys were right.

Here is a DNS lookup over HTTPS that may help

https://github.com/curl/curl/wiki/DNS-over-HTTPS

Do DNS resolves over HTTPS for privacy, performance and security. Also makes it easier to use a name server of your choice instead of the one configured for your system.
by morganism
Sat Jan 13, 2018 12:43 am
Forum: Security
Topic: Real World Crypto 2018
Replies: 0
Views: 87142

Real World Crypto 2018

live talks on crypto implemention in streaming and cloud Real World Crypto 2018 Real World Crypto Symposium aims to bring together cryptography researchers with developers implementing cryptography in real-world systems. The conference goal is to strengthen the dialogue between these two communities...