Problem: http://www.blackhat.com/html/bh-us-10/bh-us-10-briefings.html#Heffner
Solution: http://hackademix.net/2010/07/28/abe-patrols-the-routes-to-your-routers/
asyn
thanks, that’s interesting…although I got to admit that I almost don’t use Firefox anymore…for now, and NS is badly missing in Chrome. When the devs at Mozilla finally decide that it’s time to implement jägermonkey (complementary javascript engine to TraceMonkey), and if it does what it says on the paper, I might change my mind.
I know I’m off topic, sorry about that, but NS is bound to Firefox, and I hate to say it but my latest experience with Firefox 4 beta isn’t very conclusive. They spend more time trying to mimic Chrome and Opera at a very superficial level (Operalike button on the top left corner, tabs on top, pinned tabs renamed “app tabs” etc…)than bringing it on par in terms of speed. May be the new extension manager is fine…
Noscript is a fantastic tool, that doesn’t have a fantastic browser anymore. If they don’t move their ass, it might all end up like it did with Netscape a few years ago.
Netscape a few years ago.The browser every one used till IE came along.... wow, the more things change, the more they stay the same....
Time for NoScript or something just like it to find it’s way into Chrome.
…yeah, the problem is that Maone (NS developer), keeps saying that NS implementation in Chrome is impossible if they don’t modify the API. He was in touch with the Google Chrome team who promised to collaborate, and they just don’t it seems…
Yes, we are definitely way OT here by turning this into another “Firefox is doomed” and “I don’t like it anymore” discussion. If you two want to continue this discussion, could you start a new topic instead of hijacking this one? (And yes, I was guilty too.)
A lot will change between Fx 4 beta 2 and Fx 4 final, which I bet won’t be released until January. I’m not about to abandon a perfectly good browser just because I may not like where it will be six months from now. I probably won’t bother looking at Fx 4 again until it’s ready for release.
Or maybe I misunderstood, Logos. Have you been using the development version of Fx 4 because you’re unhappy with Fx 3.6.8? It would be a very small world if Firefox was everyone’s favorite browser, but it’s been working pretty well for me so far. When Chrome or one of the other browsers becomes as customizable as Firefox, then I’ll consider them again.
Edit: Added mea culpa and new topic suggestion.
OK, back on topic – I hope for good.
It will be interesting to see how this turns out. I hope Giorgio didn’t DOS himself with this new feature. The NoScript forums seem to be slow or unavailable right now.
Like always Giorgio have made a great work developing this great addon.
@ Alan Baxter: how can you blame me for being off topic when there’s not a word referring to NS in your post ??? : I know you admitted it already but then again, how can you ask us to start a new topic and not hijack this one when you’re just commenting the off topic stuff…
okay…yes I admit I switched to FF 4.0b1 then b2, mainly because of FF3,6 being too slow, and I do know that all FF4 features aren’t implemented yet (as said in my last post mainly jägermonkey)…but it takes time and I don’t have much patience. Opera managed to re-do almost everything from scratch in very short space of time >>> the end result is they now got a faster js engine then Chrome, using their own technology. So what’s up with Mozilla??? declarations and videos on YouTube about tabs on top, the video is half and hour long …It’s a bad habit in the opensource world to mimic proprietary software to get market share : …reminds me of some Windows like start menu on some Linux distros, with a Vista background pre-loaded at install time. Don’t get me wrong I like Linux and Firefox, as long as they stick to their own homemade stuff
I wouldn’t be unhappy with FF 3.6 if Chrome didn’t exist. I know and I said it myself many times on this forum, that Firefox outperforms any other browser in almost every way, except one little thing: SPEED >>> startup speed and browsing speed, the difference is just stunning. The extensions in Chrome are crap, they can’t compare to FF, I know that too, and as said, NS is missing.
I got Minefield installed and updated everyday, if it breaks it breaks doesn’t matter (so I’m on 4.0b3/pre now) because I just got it to check how things go, and to display a few pages that Chrome can’t display for some reason (?)…I haven’t decided to ditch Firefox yet, I will decide about that when FF4/RC1 will be out later this year. And no that’s not a trivial thing to do, I’ve been on FF since version 1.0, about two months before 1.5 came out to be precise
Hi Logos,
I have less problems with speed with the Mozilla browser(s) with NoScript and RequestPolicy both active, it is speedier because all of the crap it does not have to load and with a good deal also blocked from loading through ABP+ and firekeeper malware list, I am a happy man, only I fully load scripts etc. on the actual page, forget the rest of the crap that is requested by third party domains etc. (unless absolutely needed and temporarily allowed) and then the page load is somewhat slightly longer but reasonable enough to take that into the bargain.
I liked GoogleChrome or Iron also and the security of the separate processes running therein but all the silent browser updates ruining my ABP+ extension settings again and again made me give up on it, and also the fact that I cannot toggle to kill script there as I like it with NoScript makes GoogleChrome a “non non”. Do not blame the GoogleChrome developers for not taking NS aboard, because in Firefox and Flock NS also never has made it as by default, vested ad driving sponsor interests apparently just weighed more heavy into that decision then full security gained to let users find the full security of NS by their own accord or word of mouth. On the other hand GoogleChrome makers know that with harboring NS they could deal the final blow to the competition of the Mozilla browser minus a few die-hard fanboys that will cling on to the old slyfox, and take all the NoScripters of all lands aboard. We just wait and see what’s in store for us?
polonus
@ Polonus:
I have less problems with speed with the Mozilla browser(s) with NoScript and RequestPolicy both active, it is speedier because all of the crap it does not have to load and with a good deal also blocked from loading through ABP+
definitely not here, and as you know I run AB+ and NS in Firefox. I got AB blocking ad servers now in Chrome, but in terms of speed that doesn’t make any difference, I could turn it off…loading all the Internet adware crap doesn’t slow down Chrome at all, it’s still at least twice as fast as Firefox. May be it’s your connection, I don’t know. Connections to multiple servers are run in parallel, and it’s impossible to saturate my bandwidth with that. Pages load generate in terms of bandwidth, including the adware stuff, not more then a few hundred KB/s.
Hi Logos,
I am on Mozilla/5.0 (Windows; U; Windows NT 6.0; nl; rv:1.9.0.16) Gecko/2010021011 Firefox/3.0.16 Flock/2.5.6 ID:2010021011 and I made a connection speed of 1 MB in between 7.6 seconds and 9.9 seconds’ time in the browser,
polonus
Well, if you just want to blow off steam in somebody else’s topic, there’s nothing I can do to stop you – except ask nicely, I suppose, which I’ve already done. I’m not going to ask again. Good job of hijacking, Logos.
thanks
Hi forum friends,
The topic started by Alan Baxter was snowed under more or less, but last night NS’s ABE made I had a long time logging in to a certain site, now it seems fine. The issue is very hot and I explained elsewhere that we need this protection (lot of postings on XSS and firekeeper detections) because where you want to go online can sometimes be taken out of your hands now as we experience (CPAlead, XSS, DNS-redirects that may slow you down (akamai-rerouting-issues), GEO-preferences to hide or show content, etc. etc.). Once with the Sony DRM case then the Sony spokesman openly declared that they (these parties of vested interests) would take to using every trick in the book to ensure the continuation of their revenue streams at whatever level it takes (firewall, ISP, routing, etc.), so we need to have some means now to check on those that check us,
polonus
Once with the Sony DRM case then the Sony spokesman openly declared that they (these parties of vested interests) would take to using every trick in the book to ensure the continuation of their revenue streams at whatever level it takes (firewall, ISP, routing, etc.), so we need to have some means now to check on those that check us,Damien, Aren't you digging up ancient history with that statement ??? ;D
Hi bob3160,
Could not come up with a more recent uttering of that sort, alas the practices are still with us, while some hope is glimmering on the horizon in the States at least: http://www.eff.org/press/archives/2010/07/26
To get back on topic,
People that want to test can do an open relay test here: http://www.antispam-ufrj.pads.ufrj.br/test-relay.html
and here Steve Gibson to help us: http://www.grc.com/dns/crashtest.htm
and http://www.grc.com/dns/benchmark.htm
Or why abe works: http://samy.pl/natpin/
(be aware that plug-ins like Flash, Silverlight etc. also can open raw sockets)
http://hackademix.net/2010/01/08/nat-pinning-and-abe/
and finally: http://www.wikihow.com/Test-Network-and-Internet-Latency-(Lag)-in-Microsoft-Windows
polonus
P.S. and when you need a black hole to get rid of attacks: http://blogs.techrepublic.com.com/networking/?p=452
D
Latest info…
http://www.h-online.com/security/news/item/Router-access-through-the-back-door-1049263.html
http://hackademix.net/2010/08/01/al_9x-was-right-my-router-is-safe/
asyn
Hi Asyn,
Yes, we saw this coming. Of course it is also because loads and loads of users do not know how to protect themselves and were never taught to change their router passwords, Giorgio Maone also closed the other holes that were there by design,
mind you the Internet was never invented with security in mind, that is why it is so hard to make it a little bit more secure now, see this latest OpenDNS insecurity through acting improperly: http://archives.neohapsis.com/archives/fulldisclosure/2010-07/0412.html
polonus
See the second link I just added to my prior post…!
asyn