Next I searched around and found various versions on sourceforge, but the latest seemed to be adblock version 75 (and/or perhaps synchs with KM 75.x). Any suggestions regarding this "default" adblocker and why I don't seem to have it? If it is there, how do I update the definitions or add my own? Prior extensions for adblock plus that I've used have included a UI where I can run updates or add my own site blocking rules manually. Maybe this is because I installed it by hand from the 7z file (and the "portable" version) rather than an installer, I don't know. Well, if there is, I sure don't see any evidence of it (in the various settings, the "about plugins" dialog, etc.). So I looked to see if there was some ad blocking available.įirst, I found a post that said there was something built into 75.1. In a very similar situation later, another site wanted to install something I hadn't requested. However, one problem I ran into was what seemed to be a nefarious site coming up (with one of those "are you sure you want to navigate away from this page" messages) that I suspected resulted from an advertisement on a prior page. I decided to try this out with version 75.1 for various reasons and as I had hoped, it is working much better than my current browsers (such as Firefox) in most cases and I've been fairly pleased with it. Also, I'm not very good at searches, so if any of these questions are already answered, please point me to them - thanks (that said, I did come across some related discussions that I didn't fully understand so I thought starting a new thread would make more sense) I'm new to this forum so please forgive any mistakes in my post. Please also keep in mind that most of these smaller web browser projects are volunteer efforts by small teams with lives and families of their own.I have some questions about installing extensions for this browser and ad blocking for this browser in general. You need to decide for yourself what is an isn’t an acceptable security risk for you. However, you should be aware that alternate web browsers will be lagging behind the original projects when it comes to security updates. I’m not trying to convince you not to explore different web browsers. I reached out to the project’s account on Twitter (no other point of contact was provided on the project’s website), but haven’t heard back. They appear to have dropped the ball on the second security update, however. Waterfox is mostly a one-man project, but managed to deliver the first security update in a timely manner. Their project commit log shows that a developer had done the work required to update their codebase on Monday, but it still took them until Friday to push out the update. The Tor Project caters to people who need strong security and privacy, and it’s good to see them keeping up with the latest developments.Ĭliqz was slower, and took three days to release the first update, and then didn’t release the second update until I prompted them about it a week later for this article. The Tor Browser was quick to release an update for both issues. Pale Moon is a true project fork from Firefox and no longer shares the vulnerable components that were affected by the recent security issues. Both the current and EST versions of Firefox were vulnerable to the zero-day security issues. The most popular browsers unsurprisingly has the most resources to track upstream releases more closely.Ĭliqz and Waterfox ship the latest version of Firefox, and the Tor Browser ships the slightly older Extended Support Release ( ESR) version. The above table is sorted by the estimated number of active users for each web browser. The below table shows how many hours it took after Mozilla Firefox had released an update before downstream projects released an update to address the problem:ĭownstream project hours to release after Firefox upstream release I’ll use the same Firefox derivatives I’ve featured before: Tor Browser, Cliqz, Waterfox, and Pale Moon. Mozilla released Firefox 67.0.3 and 67.0.4 two days apart to address each of these issues. The two security vulnerabilities in question, CVE-2019-11707 (MFSA-2019-18) and CVE-2019-11708 (MFSA-2019-19), were both zero-day critical security vulnerabilities that were known to be actively exploited on the web. This provided an excellent stress test and case study for how quickly Firefox derived web browsers ship security updates. Mozilla released two security updates to their open-source Firefox web browser just two days apart.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |