https://t.me/hentailoliconstory/355
向作者询问后直接测试了下,结论是目前除了 Fx 的 private browsing 自带 blocker 之外,向网站泄露的信息量和 Cr 是差不多的。
Extension 方面 Cr 的 incognito 默认禁用,简单粗暴解决整个攻击面的同时也带来了不便。Fx做的隔离在没漏洞的前提下的确用户体验更好,但是对 Cr 的评价还是有偏颇。
另外,Fx60 开始要吞 referrer,估计会触发一堆网盘的防盗链……
向作者询问后直接测试了下,结论是目前除了 Fx 的 private browsing 自带 blocker 之外,向网站泄露的信息量和 Cr 是差不多的。
Extension 方面 Cr 的 incognito 默认禁用,简单粗暴解决整个攻击面的同时也带来了不便。Fx做的隔离在没漏洞的前提下的确用户体验更好,但是对 Cr 的评价还是有偏颇。
另外,Fx60 开始要吞 referrer,估计会触发一堆网盘的防盗链……
Telegram
Mozilla 能吃不?好吃不?
为什么说Chrome的隐私模式是掩耳盗铃?
Chrome的隐私模式做的事情无外乎两件事:
处理浏览历史与痕迹;(默认)禁用扩展
分开来说:
处理历史浏览痕迹无非是清空历史 cookie 与 LocalStorage等,但是那也发生在浏览结束之后,就网站(服务器)得到的数据量而言没有任何改善
默认禁用扩展可能会一定情况下改善来自商业化扩展的data mining,但是Chrome并没有阻止其在正常运作下的一些收集行为
Firefox的区别在于:
不仅仅会在在浏览结束之后处理浏览历史与痕迹,并且得益于分层式的Cookie…
Chrome的隐私模式做的事情无外乎两件事:
处理浏览历史与痕迹;(默认)禁用扩展
分开来说:
处理历史浏览痕迹无非是清空历史 cookie 与 LocalStorage等,但是那也发生在浏览结束之后,就网站(服务器)得到的数据量而言没有任何改善
默认禁用扩展可能会一定情况下改善来自商业化扩展的data mining,但是Chrome并没有阻止其在正常运作下的一些收集行为
Firefox的区别在于:
不仅仅会在在浏览结束之后处理浏览历史与痕迹,并且得益于分层式的Cookie…
https://t.me/hentailoliconstory/358
预加载如果赌得准的话真的可以提速的……过渡动画才是性能换错觉
预加载如果赌得准的话真的可以提速的……过渡动画才是性能换错觉
Telegram
Mozilla 能吃不?好吃不?
https://mikeconley.ca/blog/2018/01/11/making-tab-switching-faster-in-firefox-with-tab-warming/
两个半月之前
有位基友开始做 tab warming
到现在 根据他的原话
I'm confident enough to bring this to all release users upon next ESR (v61).
不过需要注意的一点就是
这个功能的本质是略微牺牲性能来换取心理错觉
记住这点就可以
两个半月之前
有位基友开始做 tab warming
到现在 根据他的原话
I'm confident enough to bring this to all release users upon next ESR (v61).
不过需要注意的一点就是
这个功能的本质是略微牺牲性能来换取心理错觉
记住这点就可以
THERE IS A SET OF VULNERABILITIES AFFECTING PGP AND S/MIME, PLEASE IMMEDIATELY DISABLE AND/OR UNINSTALL TOOLS THAT AUTOMATICALLY DECRYPT PGP-ENCRYPTED EMAIL, STOP SENDING AND ESPECIALLY READING PGP-ENCRYPTED EMAIL UNTIL THE VULNERABILITIES ARE FIXED. THIS IS NOT A DRILL, REPEAT, THIS IS NOT A DRILL.
https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now
Licensed under CC BY, please spread this warning as much as possible.
https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now
Licensed under CC BY, please spread this warning as much as possible.
ChannelNotFound
THERE IS A SET OF VULNERABILITIES AFFECTING PGP AND S/MIME, PLEASE IMMEDIATELY DISABLE AND/OR UNINSTALL TOOLS THAT AUTOMATICALLY DECRYPT PGP-ENCRYPTED EMAIL, STOP SENDING AND ESPECIALLY READING PGP-ENCRYPTED EMAIL UNTIL THE VULNERABILITIES ARE FIXED. THIS…
中文:发现了一系列影响 PGP 和 S/MIME 的安全漏洞,请立即禁用或卸载相关扩展和软件,在漏洞修复前停止发送和阅读经 GPG 加密的电子邮件。这不是演习,重复,这不是演习。
ChannelNotFound
THERE IS A SET OF VULNERABILITIES AFFECTING PGP AND S/MIME, PLEASE IMMEDIATELY DISABLE AND/OR UNINSTALL TOOLS THAT AUTOMATICALLY DECRYPT PGP-ENCRYPTED EMAIL, STOP SENDING AND ESPECIALLY READING PGP-ENCRYPTED EMAIL UNTIL THE VULNERABILITIES ARE FIXED. THIS…
Workaround for enigmail has been released
https://youtu.be/AXAouosx95Y 毛骨悚然……
YouTube
One Minute Exploration in Crypko Space
Crypko: the next generation cryptocollectible
Crypko: 次世代仮想コレクション
https://crypko.ai
This video only shows the generated space of the Crypko beta test model. The model would change in the final release on Ethereum Main Network.
このビデオはCrypkoベータ版に使うモデルの生成空…
Crypko: 次世代仮想コレクション
https://crypko.ai
This video only shows the generated space of the Crypko beta test model. The model would change in the final release on Ethereum Main Network.
このビデオはCrypkoベータ版に使うモデルの生成空…
https://www.ghostery.com/blog/ghostery-news/ghostery-email-incident-update/
笑死,发隐私协议更新结果发出隐私事故了
笑死,发隐私协议更新结果发出隐私事故了
Ghostery
Ghostery Email Incident Update - Ghostery
Dear Ghostery Users, We are very sorry! Ghostery sent out an email yesterday that resulted in the exposure of account holders’ email addresses to other Ghostery account holders and Ghostery users. We would like to provide some clarification and transparency…
https://www.eff.org/opportunities/jobs/staff-technologist-javascript-developer
San Francisco 有大佬感兴趣的吗
San Francisco 有大佬感兴趣的吗
Electronic Frontier Foundation
Staff Technologist – JavaScript Developer
The Electronic Frontier Foundation (EFF) is seeking a full-time Staff Technologist to work with our Browser Extensions team as the lead developer for HTTPS Everywhere. This is one of our efforts to encrypt the web and make it easy for all users to browse…
https://pouet.it/@piks3l/100145373483977067
It's not just nostalgia...
It's not just nostalgia...
Pouet
♇ ⚷ ♄ ♃ (@piks3l@pouet.it)
Look and 10 to 20 years ago there was IRC, torrent, forums. UX was shit but content was accessible. Now we are on Slack, Twitter, Netflix and Spotify. I fucking need to use Soulseek or obscure torrenting sites to be able to find content without having to…