Abrowser recommended privacy/security extension

11 replies [Last post]
cejfi
Offline
Joined: 06/29/2018

Hello!

I just started using Trisquel GNU/Linux, also tried PureOS (which is a nice free distro) but I didn't feel at home (mostly due to GNOME 3).

Anyway, now on Trisquel I see the default browser is Abrowser. One thing I don't like is that it is not up to date (security concerns) so I installed Brave browser, then again it somehow doesn't feel good to use Brave (can't tell you why) and now I try again to switch to Abrowser. There are many extensions out there, for me it is a mess. Brave already contains the necessary privacy/security extensions which is good for non technical person which I am not....

Questions (feel free to answer any or all of them):
1. What extensions are you using to browser with Abrowser, currently I downloaded uBlock Origin and NoScript....what about AddBlock? Is it still used? Or Ghostery?
2. What is the difference between NoScript extension and disabling JavaScript in the Abrowser?
3. How do you think about Abrowser not being up to date?
4. What is your main browser in Trisquel?

Kind Regards

Geshmy
Offline
Joined: 04/23/2015

'What is the difference between NoScript extension and disabling JavaScript in the Abrowser?'

A lot of web pages have links to javascripts running from more that one domain. With NoScript you can allow scripts by domain whereas the Abrowser no javascript setting is just that, no javascript.

https://en.wikipedia.org/wiki/NoScript

NoScript also adds Anti-XSS protection, and Application Boundaries Enforcer (ABE) among other things.

One thing I have noticed, with it enabled, if you look at about:networking you will see that it links up with various IPs:
https://forums.informaction.com/viewtopic.php?f=7&t=20790
I guess it's all in the name if better security.

I edit my /etc/hosts file on a regular basis using
https://github.com/StevenBlack/hosts
That list sends over 60,000 bad web sites to the bit bucket if my browser ever tries to link up with one. The /etc/hosts file answers DNS queries before they go out to nameservers and answers with an ip address of 0.0.0.0 which goes nowhere.

cejfi
Offline
Joined: 06/29/2018

Well I am now taking a probably radical approach, will see how long it lasts:

I block everything in ublock origin and site by site I allow just what is needed to load the page... Sometimes I don't even commit (temporary allow). The thing that annoys me is that I have to every time allow connections to the same domain, cant find the filter option to automate this...

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

I would like to grab the opportunity by the ballz and recommend umatrix -> https://github.com/gorhill/uMatrix/wiki

cejfi
Offline
Joined: 06/29/2018

Damn and I just got comfortably with ublock origin custom filtering.... :D

cejfi
Offline
Joined: 06/29/2018

Ok that was fast, ublock origin uses some kind of umatrix, but umatrix gives you more information.

Please tell me what do I need beside umatrix, which addons would work well with umatrix?

Currently I have:
uMatrix
HTTPS Everywhere
Privacy Badger

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

I wouldn't know what would you need but I can tell I only use these addons (I really think this is more than enough when set properly):
noscript
umatrix
httpseverywhere

I also use this user.js -> https://github.com/pyllyukko/user.js/

I also firejail and apparmor my browser.

https://firejail.wordpress.com/

cheers o/

cejfi
Offline
Joined: 06/29/2018

Well looking into user.js and firejail I think they are too much for my taste, but keep pushing the limits :D

Thx and kind Regards.

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

>user.js and firejail I think they are too much for my taste

I'm not sure what you mean by taste, but they are both 'set and forget'. It would take you half an hour to set it, even less to forget it. On the other hand the benefits last indefinitely.

cheers and push da limit o/

cejfi
Offline
Joined: 06/29/2018

I won't say that I don't trust them, its just that I like to understand what I apply. And looking at: https://github.com/pyllyukko/user.js/ I would need a lot of time to understand all that.

But noscript is worth to keep, thx for the input!

SuperTramp83

I am a translator!

Offline
Joined: 10/31/2014

>I won't say that I don't trust them, its just that I like to understand what I apply.

each line is commented, so you just need to read it once to know what it does.

aloniv

I am a translator!

Offline
Joined: 01/11/2011

Don't forget RequestPolicy Continued, which controls cross-site requests:
https://addons.mozilla.org/en-US/firefox/addon/requestpolicy-continued/