zlacker

[return to "The FBI now recommends using an ad blocker when searching the web"]
1. emacdo+hQ[view] [source] 2023-02-24 01:30:32
>>taubek+(OP)
I recommend using an ad-blocker while visiting that site :-/

Lately, I find myself using more and more plugins to make the "modern web" tolerable. To list a few:

Channel Blocker (lets me block channels from search results on Youtube); uBlock Origin; Disconnect; F.B Purity; Consent-O-Matic (auto fill cookie consent forms); Kagi Search; PopUpOFF; Facebook Container; Privacy Badger; ClearURLs; Return YouTube Dislike

Basically, if I visit a website and don't like the experience, I either never go back (Kagi lets me exclude it from search results) or find a plugin to make it tolerable.

What I really want now is the ability to exclude entire websites from any permissions I grant to plugins. I feel like in the last year, I've read a couple stories about companies buying successful plugins and then using them to track you or show ads or whatever. I'm worried this will be the next stage in the battle for our attention -- best case: companies will buy popular plugins to track us and show us intrusive ads; worst case: nefarious actors will buy them to scrape information we think is private and collect it.

IE: I just want to be able to say "Hey, Firefox... those permissions that I granted to plugins x, y, and z? They don't apply to www.myfavoritebank.example.com"

Is there a browser that has that feature yet? I spent a few hours trying to figure out if Firefox did. It did not appear to.

edit: Added semicolons to separate plugins in list b/c HN stripped the newlines from my comment.

◧◩
2. panark+421[view] [source] 2023-02-24 02:59:58
>>emacdo+hQ
Do you use a password manager? Do you visit websites for banks or brokerage firms?

If so, how do you ensure that none of these plugins and extensions steal your data?

◧◩◪
3. emacdo+H31[view] [source] 2023-02-24 03:14:05
>>panark+421
Heh, you got me. A password manager is the ONE plugin I have installed in my profile that I use to access my banks.

Simply put, I trust the password manager. Recently, however, I have considered uninstalling that plugin and using only the desktop version of the password manager -- and then copy/pasting username/pw from the password manager to websites.

One reason I don't do that, though... is because having the password manager as a browser plugin guarantees (?) that the password it presents to me is for the site I am visiting. If I end up on a webiste with an IDN that was chosen very carefully to look like my bank's domain, my password manager plugin won't present me with a password -- which will trigger my paranoia.

If you can't tell, I wrestle with this decision pretty regularly...

◧◩◪◨
4. TedDoe+L91[view] [source] 2023-02-24 04:14:37
>>emacdo+H31
Use the built-in browser password manager. It is safe and it only auto fills for the correct URL… exactly what you mentioned. You should be able to export from your current PW manager and import into the browser’s. Then turn on browser sync to make sure those passwords are available on all browser instances.
◧◩◪◨⬒
5. nidnog+KW1[view] [source] 2023-02-24 12:17:13
>>TedDoe+L91
This is the last thing I expected to see on HN but after reading this I have to ask - is it ever remotely safe? Asking for a friend.
[go to top]