Search found 256 matches

by kukla
Fri Aug 02, 2019 4:13 pm
Forum: NoScript Surrogates
Topic: NoScript Surrogates dead?
Replies: 3
Views: 84458

NS 10 surrogates?

Are there any? Maybe already announced, but haven't kept up.
by kukla
Thu Jul 11, 2019 7:41 pm
Forum: Security
Topic: Firefox zero-day exploit (CVE-2019-11707 and CVE-2019-11708)
Replies: 16
Views: 1357

Re: Firefox zero-day exploit (CVE-2019-11707 and CVE-2019-11708)

This is actually one of the main reasons I use Waterfox. Disabling that stuff in Firefox settings is not as thourough as what Waterfox does, and wouldn't be sufficient for me. Also, disabling stuff in Firefox doesn't solve the problem of Firefox adding more crap in new releases, that you then have ...
by kukla
Thu Jul 11, 2019 2:17 pm
Forum: Security
Topic: Firefox zero-day exploit (CVE-2019-11707 and CVE-2019-11708)
Replies: 16
Views: 1357

Re: Firefox zero-day exploit (CVE-2019-11707 and CVE-2019-11708)

Thanks, just got around to updating. Awaiting a patch, had been using FF for so long I quite got used to it. Now WF looks a bit strange to me. I realize that, besides being able to run the older XUL addons, at least in the 56.2, one of WF's main purported advantages, is that it doesn't send all that...
by kukla
Wed Jul 10, 2019 1:28 am
Forum: Security
Topic: Firefox zero-day exploit (CVE-2019-11707 and CVE-2019-11708)
Replies: 16
Views: 1357

Re: Firefox zero-day exploit (CVE-2019-11707 and CVE-2019-11708)

I would *not* feel comfortable risking the combo of a known zero-day "gateway vulnerability" that's been sitting around a while + a fresh batch of publicly known vulnerabilities. That doesn't sound good at all. There's a bunch of new vulns. I will look into those suggestions for getting some kind o...
by kukla
Mon Jul 08, 2019 5:45 pm
Forum: Security
Topic: Firefox zero-day exploit (CVE-2019-11707 and CVE-2019-11708)
Replies: 16
Views: 1357

Re: Firefox zero-day exploit (CVE-2019-11707 and CVE-2019-11708)

I'm in no position to evaluate this claim by the WF dev, but just wonder if this really lets WF unpatched for #2 zero-day off the hook: Unfortunately I am travelling and it’s difficult. But from what I’ve seen in the bug reports this is a sandbox escape, which in of itself needs another exploit to d...
by kukla
Wed Jun 26, 2019 2:38 pm
Forum: Security
Topic: Firefox zero-day exploit (CVE-2019-11707 and CVE-2019-11708)
Replies: 16
Views: 1357

Re: Firefox zero-day exploit (CVE-2019-11707 and CVE-2019-11708)

Looks like there's a lot of complacency around security for most WF users, at least those who participate in the support site. And sometimes, especially for this issue, the dev included, who's trying to juggle too many balls at once, wants to be all things to all people -- different devices, formats...
by kukla
Tue Jun 25, 2019 1:38 pm
Forum: Security
Topic: Firefox zero-day exploit (CVE-2019-11707 and CVE-2019-11708)
Replies: 16
Views: 1357

Re: Firefox zero-day exploit (CVE-2019-11707 and CVE-2019-11708)

... and 56 is now patched as well - https://github.com/MrAlex94/Waterfox/commit/887055d42092e4ea4aec1d938fc4c379b17bccee Above, for the 68, you say "I'm going to do a new build later today." Not seeing anything new for the 56 actually released to users. This is well above my pay grade, but do you m...
by kukla
Mon Jun 24, 2019 1:54 pm
Forum: Security
Topic: Firefox zero-day exploit (CVE-2019-11707 and CVE-2019-11708)
Replies: 16
Views: 1357

Re: Firefox zero-day exploit (CVE-2019-11707 and CVE-2019-11708)

Hi barbaz, not sure I understand the implications of the link in your second post (including Alex's eventual reply), but, apparently, as the second zero day has still not been patched, neither in the 52.6 (what I use) nor in the 68, I'm reluctantly running the FF ESR until a WF patch arrives. Can't ...
by kukla
Wed Jun 19, 2019 1:58 pm
Forum: Web Tech
Topic: (SOLVED) barbaz (or anyone running Waterfox and uMatrix) re. uMatrix rules import
Replies: 2
Views: 288

(SOLVED) barbaz (or anyone running Waterfox and uMatrix) re. uMatrix rules import

If you are still using WF, 56.2.10, are you able to replicate the following with Matrix (1.3.16) My rules ->import from file: After selecting and opening a given .txt file, Commit button stays greyed out, in other words, nothing happens. (Tested in uM earlier version 1.3.14 same behavior as well.) W...
by kukla
Wed May 22, 2019 10:46 pm
Forum: NoScript Support
Topic: [RESOLVED] Unable to install NS to Waterfox
Replies: 3
Views: 246

Re: Unable to install NS to Waterfox

That link worked for him to install at WF. Thanks.
by kukla
Wed May 22, 2019 9:30 pm
Forum: NoScript Support
Topic: [RESOLVED] Unable to install NS to Waterfox
Replies: 3
Views: 246

Re: Unable to install NS to Waterfox

Had been trying different things, legacy collector highest version is the 5.1.8.4. At your suggestion, advised to get the 5.1.9 directly. If that still doesn't work, you may hear from them directly. Thanks.
by kukla
Wed May 22, 2019 7:32 pm
Forum: NoScript Support
Topic: [RESOLVED] Unable to install NS to Waterfox
Replies: 3
Views: 246

[RESOLVED] Unable to install NS to Waterfox

Not me, I have no problem installing the 5.1.8.4 to my WF 56.2.10 from this link (and then returning to the 5.1.9), but someone I know elsewhere can't install NS from https://legacycollector.org/firefox-addons/722/noscript-5.1.8.4.xpi Gets the following https://i.postimg.cc/ts6pQb9w/Screen-Shot-2019...
by kukla
Tue Nov 20, 2018 10:45 pm
Forum: Web Tech
Topic: TLS 1.0 and 1.1 are slated for the chopping block
Replies: 7
Views: 80277

Re: TLS 1.0 and 1.1 are slated for the chopping block

For Waterfox, from https://www.ssllabs.com/ssltest/viewMyClient.html

Not good if it allows 1.0. Just set security.tls to from 1 to 3 (security.tls.version.min;3)

Image
by kukla
Sat Jun 02, 2018 1:33 pm
Forum: Metaforum
Topic: Informacton forums and new GDPR?
Replies: 2
Views: 84942

Re: Informacton forums and new GDPR?

Thanks for your feedback on this.