How safe are web browser extensions?

Firefox doesn’t track you!

[Sorry, your comment has been edited to align with our community guidelines. Please keep comments polite. https://conversation.which.co.uk/commenting-guidelines/. Thanks, Alex.]

Your opinion isn’t supported by scientific fact Larry but conjecture and belief on the advertising by Mozilla , it “phones home ” on startup which is not publicized for a start . You do know that ticking the box DO NOT TRACK is only voluntary and websites can ignore it —dont you ? and why put that there if ,as you say, FF doesn’t track you ?

[Sorry, your comment has been edited to align with our community guidelines. Please commments polite. https://conversation.which.co.uk/commenting-guidelines/. Thanks, Alex.]

I dont usually reply in that nature but the rudeness of the remark left me no option.

If you look at FF T& C,s you will find they admit they track you.

Removing both discourteous comments seems the best solution. Has that happened between USA and N. Korea?

More or less, I think, Malcolm. Both sides were posturing for home consumption and the fundamentals are strong so neither side wanted to be the one to pull the plug on a dialogue. Trump might have his eye on a peace prize one day – such is his ego it knows no bounds. Be funny if the other man got it.

I’m with you on that Roger. I use several browsers and do clear them many times a day but I really can’t be bothered to manage them.

But what GDPR has highlighted, is the unimaginable extent of the minefield of abuse these companies inflict on our computers and personal data.

Indeed. At one time it seemed likely that users might have to pay for web browsers, but the free versions proved compelling and now we have advertising and tracking. Perhaps it will become so bad that positive action will be taken to control this. Back in the 80s I thought that people would stop watching commercial TV because of the amount of advertising, but I’m one of the few who seems to have done this.

I’m stupidly still paying for a TV licence, even though my aerial cable has been disconnected for a few weeks now. Thanks to YouTube and Netflix, I can get by without any terrestrial TV.

Sometimes the advert breaks are an opportunity to slip out to the brain and check on emails and latest comments, make a cuppa, load the dishwasher, read a bit of Private Eye, go to the…., but I would not miss one of the good programmes on a commercial channel just to spite the adverts. Just ignore them. I expect with a modern tv, AI will know when I’m avoiding my duty and penalise me in some way?

Malcolm, if you watch terrestrial TV via a PVR, then you can just press the pause button anytime you need a break.

My technology is not up to scratch, Derek.

I see that Which? are giving me advice on “How to buy the best TV for the 2018 World Cup
Read more: https://www.which.co.uk/news/2018/05/how-to-buy-the-best-tv-for-the-2018-world-cup/ – Which?“.

One day I’ll need a new tv, no doubt with pause technology, but I hope it might also have a “no-football” button as well.

I always watch TV via the PVR so that I can pause TV programmes and listen again to something interesting. I have a radio with the same facilities.

I hate when they change te homepage! My Grandma’s homepage used t change constantly! Turns out Windows Embedded was the answer to that

I detest Rapport but use it on on the computer I use for online banking. I don’t know about the PC version but the Mac version slows has slowed down every Mac I’ve tried it on.

Each to their own Vynor , I believe in secrets that adversely affect the public being “outed ” , there again I hold radical beliefs of a non-conformist nature knowing what goes on “behind the scenes ” Look at my post on Apple Mail I have just posted , nothing is impenetrable , any system can be got at , look how long the US Congress and Military Establishment is taking to decide whether Amazon/Google / etc can win the contract for their very secure Cloud Storage contract to hold all US military secrets. ordinary Cloud Storage isn’t up to its advertising in security for the public , its already been hacked.

Vynor – I recall you told us about the buying of Amanda Louise, in the Rhyming Room. I do read your contributions. A quick guess suggests that you are now the proud owner of a yacht.

Yes – I think Sir Philip Green had one for sale recently.

I’m just booking my berth in Cannes for lunch with * *!

🙂 Keep in touch on your travels then.

Not if you dont want to be tracked.

Which one tracks then??

I wasn’t going to answer you due to your post but in case anybody thinks I am dodging something in not replying to you lets just take ONE of your apps you quoted –Hide Twitter Guff not only does this app track you but my new blocking app completely blocked access to the owners website – which is ocadia even though its related to git hub its not good . I will give you the URL but NOT as a click on in Which convo as I would be letting down the British public’s web protection , most browsers wont spot it or stop access to it so be warned ! Do NOT try to use this URL -its https—www–huge—domains.com/ domain –PROFILE –cfm?d=OCADIA &e=com Wavechange- Roger – Derek do NOT join this URL up its dangerous !!! By the way when I used Yandex to reach the download website of the maker the websites AI BLOCKED one of my apps to stop it blocking its tracking and downloading . Not so my better browser which is real open source which showed it as it really is a powerful tracking app that gathers all your info. Now I have TWO browsers that have blocked the makers download website with the same details and tracking server.

Its a good start Tony try Waterfox ONLY download from here –I guarantee ZERO trackers / malware etc one of the few websites on the web with NO trackers https://www.waterfoxproject.org/en-US/waterfox/new/ but have to tell you the built in app in both refers to Google automatically that warns you of bad websites –you can disable it of course . Google run a “safe browsing app” service for lots of browsers and don’t enable ANY FF account because it goes to Salesforce MARKETING cloud which has its own policy DONT enable sync -dont enable website notifications either . Dont take this as very bad a lot of browsers are much worse.

Tony if you want a very small but lightning fast web browser without any “bells + whistles ” than can block Jscript , HTTPS compliant , cookie manager , history will not be stored if you zero day it, works on ancient computers , won best non commercial project at RISC -OS awards -2012/3 then click on http://www.netsurf-browser.org -designers website DONT download anywhere else positively zero trackers. Wont “phone home ” .

Duncan, thanks you those links. I was able to download NetSurf 3.2 from the Debian repository but, never mind being “lightning fast”, it would not even function with Which? Conversation.

WaterFox does not seem to be in the Debian repos, but the download you linked to includes an executable that (mostly) seems to work here. (It has crashed once, so far…). I did note that Waterfox comes with Bing (hello Redmont…) as its default search engine, so I changed that to DuckDuckGo. And, as evidenced by this, it seems to work for W?C.

You need to exercise caution when using Firefox-forks like Waterfox.

Netsurf is also something that needs care.

Derek NetSurf -3.2 is out of date , thats one of the good points of Pacman in Arch Linux it keeps up to date due to the complete constant system renewal every month of so (except for the core ) so there is never a “new version ” . Its now NetSurf 3.7 Which wont work without you ticking the Jscript box the boxes dont come filled in in Preferences . I dont use it for Which as no Jscript stops a lot of malware. Yes I use Duck-Duck Go too as Bing is just handing MS your data on a plate. On Saturday I got another system renewal including the Kernel being updated only took minutes but I have found a major problem on Sunday I got a Waterfox “rebuild ” as it didnt like the one from the Pacman repository . Normally in any other system its a 2 minute job (apart from Windows ) even a new version is done in double quick time but I was not expecting it to be a real rebuild –from scratch –but it was . I watched in amazement as a whole new Waterfox was constructed as if the designer was building it from his mind -bit by bit by bit –over half an hour it took never came across that before.

I dont agree with them Ian I know you always go for the “status quo ” I dont You picked the website in the USA I was kicked off for criticising their FINANCIAL backers , of course they will be defending FF they get PAID to defend MS/Fox “News ” / and a host of others. I criticised MS and another —Gooten Tag -Duncan – Verboten for their website . They neglected to mention that FF does gather your info –SECRETLY which Waterfox doesnt , In FF you need to go into-about:config to change just one tracker , I have already posted on this . NetSurf ? as I said to Derek Update to 3.7 and tick a few boxes and NO Ian it isnt “an old system” -latest version November -2017.

Funnily enough, I was just reading that website when you posted the link to it. I note some of the comments there challenge the veracity of the article text though…

As regards WaterFox, I didn’t relish the fact that I couldn’t download it from my linux repository ( “App store” ), because directly downloading 3rd party code eliminates the security barrier provided by those responsible for repository maintenance. Hence, this places more emphasis on trusting the software vendor (and any other available advocates).

Personally, if I were really paranoid about being “spied on” whilst on the ‘net, I’d start out by using a completely free and libre OS, e.g. one of the actual GNU/Linux versions like Tisquel and then work onwards from there. By doing that I coud be sure that I wasn’t vulnerable to any sneaky code in closed source apps or device drivers. That said, the common problem of unintended vulnerabilities in other code would still be present.

But, even I never personally logged onto the ‘net at all, it would still end up containing data about me.

Ian, I think the NetSurf hijacker and browser are probably not the same beast…

Duncan, having tried NetSurf 3.2 and found it to be essentially useless as released via Debian, I really don’t see any point in trying a later version.

For what I most need, Cromium works just fine…

Arch repository , as I said, holds Waterfox and Arch ,as I said, did a complete system REBUILD from SCRATCH ! over half an hour it took. I will ask a question if many here dont care about being tracked why then do they “care ” about the DATA being used as thats the way its obtained ??. I keep on saying I used my real name from the beginning as I knew it was a waste of time trying to hide it Google et al including all the security services in the West know all about us , you do know all our data is now sent to US servers including the latest medical records ? WE are foreigners in USA eyes but this never sinks in the same as GCHQ is used by the NSA/CIA to spy on US citizens because US citizen protection is better BY LAW than ours . Germany has now proclaimed “its copying the UK ” in massive snooping (no holes barred ) but its been sending German data to the NSA for many years .

Works okay in Arch Derek. Its very basic unlike Ian who likes the “big boys ” who constantly gather your data, small -CROWD FUNDED browsers dont I trust small groups of enthusiasts much more than devious major actors because the change the basic programming to stop snooping or design from scratch . This upsets many websites .

Your right Derek.

Duncan Lucas says:
Today 10:29

Works okay in Arch Derek. Its very basic unlike Ian who likes the “big boys ” who constantly gather your data,

Duncan, a lot of what you claim is unsubstantiated, but this is simply uninformed and wrong. You have no idea about which browsers I use or favour, and you have no idea why. So stop claiming you know things which you don’t and stick to what you can prove, please. Trolling in here is unacceptable and your post (above) is an example of that.

You sound like a company troll Ian trying trying to make the public believe that they can “trust us ” .You are also worried that confidence in HMG,s propaganda forcing the British public to “use the Web ” can be shown to be not safe . Fake news is unsubstantiated but the UK/US put it out all the time but what you are saying is they DONT — I am in utter disbelief at that suggestion , YOU are trying to control me by dissing me with YOUR unsubstantiated post . Go on Ian -report me and that will show the level of your willingness to suppress views other than YOUR OWN ! Reality backed up by technical bods well above me agree have shown I am telling the truth . Okay Ian PROVE me wrong ??

Your comment Ian brings into question the freedom to post technical engineering posts here I know you dont like that but the LOBBY comes under TECHNOLOGY/not cartoons/jokes yet it has been subverted . I have posted what a TROLL stands for from the Webster dictionary its to swear/ ridicule/ and use low intelligence comments to “bring down ” other posters that the TROLL doesn’t like NOTHING to do conglomerates/Big Business so you are totally wrong in your judgement . You spend your time protecting them by innuendo that I or others “cant substantiate ” what we say thats usual government “jargon ” when I posted links you weren’t happy and still arent . Your attack is a personal attack on me thats what trolls do IAN. I will not accept it –ever.

Duncan, if you calm down for a moment and read what I’ve written you will see that it’s postings of yours where you claim to ‘know’ what I think about things eg:

“unlike Ian who likes the “big boys ””

“You are also worried that confidence in HMG,s propaganda forcing the British public to “use the Web ” can be shown to be not safe”

“YOU are trying to control me by dissing me with YOUR unsubstantiated post”

which is where I take exception. Unless you’re possessed of psychic capabilities such as mind reading you cannot possibly ‘know’ what you claim about me. And when you make those comments which I’m sure you know are provocative, you are trolling: a Troll is a person who sows discord on the Internet by starting quarrels or upsetting people, by posting inflammatory, extraneous, or off-topic messages in an online community (such as a newsgroup, forum, chat room, or blog) with the intent of provoking readers into an emotional response.

It obviously upsets YOU IAN but many posters over the years agree with me and still do since I came here I said I was FOR the public not intrinsically “For ” anybody else although I have a high regard for Wavechange . I am not trying to provoke an emotional response but a REBUTTAL of what technical points I have posted , .Try to contradict the technical points and then we can intercommunicate normally . You say they are all safe –PROVE IT ??? I have never been part of a “group ” although I could have joined the Mason,s I dont hold to their philosophy of “giving a helping hand to each other ” –nod-nod -wink -wink. when I lived in London I was asked to join an “Order of the Elephants ” or a name like that , I declined as it would put me in a better position work wise than Joe Bloggs I do have principles which , yes hurt me financially but I go to sleep with a better moral sense. Nobody is perfect including myself but I have stood alone all my life and “lean ” on nobody.

You say they are all safe

Were did I say that? Please post the reference. Or withdraw the comment.

Duncan, thanks for that post.

Am I right in thinking that the “proof” you’re citing comprises claims hosted by a rival software product “AdGuard” ?

If so, is that useful proof – or just “hurt & rescue” marketing?

You could use the same logic and theory on Google /Microsoft and a lot of other big digitally run companies . I get several from Germany as well as the USA telling me about hacks etc . If several of those tech. companies agree then its not just a case of “self publicising ” to obtain recognition but you are equally allowed to not believe it but think of the reputations of those software engineers working for those companies , their names would be mud if it was a lie . You saw the heading and introduction of where the last piece of malware came from and that was proved correct . Warnings come to me constantly including a well known guy I think you know of international “fame ” who has been warning people for a long time but also from big name international malware and investigative tech companies , I have yet to find any of the ones I rely on turn out to be fakes . I get all the background investigation but I got the “message ” here keep the tech. down so I do but if you question the reality of my warnings and then complain about -“too much engineering ” if I go into detail isn’t that suppressing proof to prove another conclusion ? Look Derek I have been given no reason to trust the “big boys ” in the digital media they are devious , conniving, etc in their information gathering and getting worse now so if somebody even a small company “bursts the lid ” on their wrong doings its worth listening to at least . I also check up on system programming websites to see if they agree and advise implementation of changes to my programming which is more possible on my system than many , to protect myself so I dont just take one viewpoint I take a range of views . It might not seem it but I do believe in capitalism with a small “c” why shouldn’t an investigative company give itself a pat on the back if it finds out hidden malware ? as long as what it says is truthful –nobody has questioned this report so far.

So the answers to my questions were “yes” and “no – just normal marketing and sales”?