The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(Score: 0) by Anonymous Coward on Saturday January 07 2017, @01:10AM (#450534)
Many publicly accessible Internet connections (usually available through a wireless network connection) require its users to register and login in order to get access to the Internet. This include both free and paid for services that may be found at Internet cafés, libraries, airports, hotels, universities etc. Normally in these situations, a so called captive portal intercepts any website request made and redirects the web browser to a login page. None of that works when Tor is used, so a browser with unrestricted network access is necessary.
Tails includes an Unsafe Browser for this purpose, and it
is lame, lame, lame. Lame!
Tor is for morons, right? Morons who can't even get around a captive portal. Bunch of dudebros being all nonymous like whoa. Morons.
(Score: -1, Flamebait) by Anonymous Coward on Friday January 06 2017, @08:18AM
Hey here's an idea since you're integrating shady crap into firefox. Make the browser automatically tunnel past Comcast login portals and make every xfinitywifi spot go straight to tor effortlessly. Seriously. Do it. I want to see which method you idiots choose to use (there are at least four ways into xfinitywifi) and how soon Comcast locks you out.
(Score: 0) by Anonymous Coward on Friday January 06 2017, @08:30AM
Post all four ways.
(Score: -1, Troll) by Anonymous Coward on Friday January 06 2017, @08:48AM
Dude you're supposed to whine "you lying bro cuz I seen every video on youtub and mac spoofing is the only way so fuk u their cant be 4 like no."
(Score: 0) by Anonymous Coward on Friday January 06 2017, @08:52AM
If FireTorFox does MAC spoofing I will laugh my fucking ass off.
(Score: -1, Troll) by Anonymous Coward on Saturday January 07 2017, @01:42AM
Show proper respect for the undeniable awesomeness of TOR.
Onion onion onion jihad.
(Score: 1, Interesting) by Anonymous Coward on Friday January 06 2017, @09:00AM
Yawning Angel was the ship who was sent by the Culture to spy on the Sleeper Service. Yep. No way Yawning Angel is a government spy tasked with ensuring Tor Browser is insecure by design. Not even possible.
(Score: 0) by Anonymous Coward on Friday January 06 2017, @04:02PM
Yeah because when you are a government spy you deliberately choose a name that gives away your intentions. That's totally how professional spies work. Opsec? We don't need any stinking opsec.
(Score: 4, Touché) by PiMuNu on Friday January 06 2017, @10:48AM
This is great. Mozilla actually implementing a useful new feature in firefox...
(Score: 2) by opinionated_science on Friday January 06 2017, @12:17PM
a process/task manager would be nice - now they have multiprocessing ;-)
(Score: 1, Interesting) by Anonymous Coward on Friday January 06 2017, @05:28PM
I still think there are two huge improvements for security on the web. First would be to gut the user-agent header to just be a generic "Firefox" string. The reason is that this would drastically cut down the ability to track based on things like OS and processor architecture and would also affect how easy it is to get new 0-days. The reason for the latter is that once a few versions get out like that, it will be impossible to tell them apart and the malware people would have to decide to try and infect everyone with the latest or give themselves away by potentially using patched vulnerabilities.
Second would be to add salt and hashing on the client side for passwords or other data. The reason is that it would help with MITM and other attacks. And yes, I know it isn't a replacement for doing it on the server side as well.
(Score: 2) by LoRdTAW on Friday January 06 2017, @03:02PM
FTFY
On a more serious note: (tl;dr: web page should only render content, no play/stream media or control anything outside of the page rendering layout.)
If you want to truly make the web browser great again, give the user back full control. I want to see all window control disabled either permanently or by default. No resizing (which is already thankfully default), no opening new tabs, windows or anything. Completely kill any ability to ever enable pop-overs/unders. And kill the dialogue box while you're at it ("Are you sure you want to close this page?" - yes motherfucker, I'm quite sure.) How many nefarious sites and poison ads have trapped stupid fucking chrome and FF in an endless loop of dialogue boxes (chrome only fixed last year FFS). The most insulting part is chrome locks up and gives only focus to the dialogue box, can't open the menu, can't switch tabs, can't even close the damn browser. Whatever retard thought that was a good idea should be stoned to death with mouse balls. Next is to disable HTML 5 audio and video playback by default to thwart infrasound de-anonymizing attacks and hyper annoying video ads. It can be designed so a warning is displayed saying this page is attempting to play audio/video, allow/deny?
Yea yea, there are add-ons. But think about it, we need third party add-ons to make a browser useful. How stupid is that? It was like people defending the Windows 8 UI disaster by telling complainers to buy a windows shell utility to restore classic start menu functionality. Fuck you, fix the shitty anti-consumer designs.
(Score: 2, Insightful) by Anonymous Coward on Friday January 06 2017, @03:55PM
The page about first party isolation, linked in the summary, is a great read. At least it was for me as I've been thinking a lot about the issue - especially using the URL in the urlbar as the key for each "identity." Their thoughts on spoofing (they call it randomization) were insightful and have almost convinced me that spoofing is not worth the effort because spoofing requires more developer work than equivalent uniformity coverage and developer resources are the gating factor.
I just hope that in implementing uniformity they don't exclude the potential for spoofing via plugins. I could see Mozilla thinking that they don't want to let a plugin deliberately fiddle with fingerprintable characteristics because of the potential for a malicious plugin deliberately making the browser fingerprintable. But even if spoofing is not effective against the most dedicated fingerprinters it still has potential against 'casual' fingerprinters and sites that just do stupid things because they think they know your browser better than you do.
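The keying scheme the comment above describes, as an added example that is not part of the original post and is not Firefox or Tor Browser code: a toy cookie jar keyed by the URL-bar domain. The `CookieJar` class, the hostnames and the two-label first-party rule are assumptions for illustration; real browsers use the Public Suffix List.

```javascript
// Added illustration: a toy cookie jar, not Firefox or Tor Browser code.
// Assumption: the "first party" is the last two labels of the URL-bar host;
// real browsers derive it from the Public Suffix List.
function firstParty(urlBarUrl) {
  return new URL(urlBarUrl).hostname.split('.').slice(-2).join('.');
}

class CookieJar {
  constructor(isolate) {
    this.isolate = isolate;   // true = key by (first party, cookie host)
    this.store = new Map();
    this.nextId = 1;
  }

  key(urlBarUrl, resourceUrl) {
    const host = new URL(resourceUrl).hostname;
    return this.isolate ? `${firstParty(urlBarUrl)}^${host}` : host;
  }

  // Simulates a request for resourceUrl while urlBarUrl is in the URL bar.
  // The embedded server sets an id cookie on first contact and gets the
  // same value back on every later request that maps to the same key.
  request(urlBarUrl, resourceUrl) {
    const k = this.key(urlBarUrl, resourceUrl);
    if (!this.store.has(k)) this.store.set(k, `id-${this.nextId++}`);
    return this.store.get(k);
  }
}

// Constructed scenario: one third-party resource embedded on two unrelated
// sites, with a return visit to the first site on a different subdomain.
function trackerSees(isolate) {
  const jar = new CookieJar(isolate);
  const tracker = 'https://cdn.tracker.example/pixel.gif';
  return [
    jar.request('https://news.site-a.example/story', tracker),
    jar.request('https://shop.site-b.example/cart', tracker),
    jar.request('https://www.site-a.example/home', tracker),
  ];
}

console.log('shared jar:  ', trackerSees(false));
console.log('isolated jar:', trackerSees(true));
```

With the shared jar the third party receives one identifier across both sites; with the isolated jar it receives a separate identifier per URL-bar domain, so the visits to site-a and site-b cannot be joined through the cookie.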
(Score: 0) by Anonymous Coward on Friday January 06 2017, @08:23PM
it's 2017, tor is still a thing? really?!?
(Score: 0) by Anonymous Coward on Saturday January 07 2017, @01:18AM
Totally still a thing. It's so fucking trendy to see movies about the dark web now.