zlacker

[return to "Notepad++ hijacked by state-sponsored actors"]
1. Saris+8G1[view] [source] 2026-02-02 16:37:30
>>myster+(OP)
I guess my habit of running a firewall and not allowing programs to access the internet unless they actually need it is helpful for stuff like this.

Absolutely no reason a text editor needs internet access.

I only update stuff through winget, which fetches the installer from github in a lot of cases, and changing a package requires a PR to the winget repo AFAIK. Not foolproof of course though.

◧◩
2. just_t+o92[view] [source] 2026-02-02 19:02:36
>>Saris+8G1
Which firewall software do you use? I should probably start using firewalls in my computers as well...
◧◩◪
3. Saris+Ki2[view] [source] 2026-02-02 19:48:45
>>just_t+o92
I've been using Fort: https://github.com/tnodir/fort

It's the best one I found after trying a few, because it's pretty easy to use, and lets me disable notification popups which is a part that always frustrates me about other options.

◧◩◪◨
4. valbu+u93[view] [source] 2026-02-02 23:20:15
>>Saris+Ki2
Why am I hearing about that specific FW in year 2026, this seems really good, at least the features written if it really supports rules based on parent processes, wildcards, SvcHost granularity without gotchas. Been wrangling with Windows FW for ages, trying to get some badly behaved programs to update like Discord, Teams and others that change install paths or updater executable names or hiddenly use msedgewebview2. PolicyAppId and tagging based rules have given some success but Windows FW is still really broken. Definitely giving Fort a try.
[go to top]