Search Results for 'brinkmann'

LastPass Authenticator’s Cloud Backup option explained
By Martin Brinkmann | May 23, 2017

LastPass Authenticator is a free application for Android and iOS devices that can generate two-factor authentication codes for you.

The application is compatible with LastPass accounts, but works also with other services that support two-factor authentication such as Google or LogMeIn. The app supports all services or apps that use Google Authenticator, or TOTP-based two-factor authentication.

Once you have added an account to the app, it either generates two-factor authentication codes continuously when open, or displays confirmation prompts that you need to respond to, to sign-in to the selected service.

LastPass Authenticator is compatible with the company’s password manager application, but does not require it. Some functionality is limited however when you don’t connect LastPass Authenticator to a LastPass Account.

 
Read the full article here

Martin Brinkmann has updated the ghacks.net Security overview, to 23 May 2017. “There are two types of Anti-Ransomware software programs: those that p
[See the full post at: Anti-Ransomware Software Overview Update]

6 users thanked author for this post.

Ascaris, Elly, SueW, Bobc, JDeC, AJNorth

Note this new post from Martin Brinkmann:

https://www.ghacks.net/2017/05/08/detect-and-mitigate-intel-amt-vulnerability/

Intel-SA-00075 version 1.0.16

With respect to the MSRT and the question of telemetry, Martin Brinkmann has a useful article at gHacks, “Disable Microsoft Windows Malicious Software Removal Tool Heartbeat Telemetry” (2016.10.20): https://www.ghacks.net/2016/10/20/disable-microsoft-windows-malicious-software-removal-tool-heartbeat-telemetry/ .

Also, as the MSRT does not actually install, but rather is placed in the C:\Windows\System32 folder as MRT.exe (and initially run when downloaded), for those not concerned about having it on-board, another approach would be to simply delete the file (the latest version can always be downloaded and run as a stand-alone on-demand scanner from https://www.microsoft.com/en-us/download/malicious-software-removal-tool-details.aspx).

AKB 2952664: Telemetry in Win7/8.1 – KB2952664, KB2977759, KB2976978, & KB3150513

By @PKCano

Published 21 March 2017 rev 1.0

Telemetry has been a part of Windows from the beginning. An example of this is the Customer Experience Improvement Program (CEIP). If the User opted into CEIP, data about the computer usage was sent to Microsoft.

What is considered by many to be excessive data collection has been built into Win10 from the beginning. But beginning with the “Get Windows 10” (GWX) campaign, the amount of data collected from individual Win7/Win8.1 computers has greatly increased. Not only has that raised privacy concerns, but the act of collecting itself can use significant computer resources. If the data collection is done over limited (metered) connections, cost may also become a factor.

What data is being gathered? We don’t have any idea, and don’t have any way to know, unless Microsoft suddenly decides it’s in their best interest to tell us. Don’t hold your breath. Some people think the whole thing’s overblown. Others are cautious. They don’t trust Microsoft.

The most obviously telemetry/compatibility related patches…

For Win7 SP1:

KB2952664/KB3150513
KB3021917
KB3068708
KB3080149
KB3022345 (this patch has been superseded by KB3068708, so it won’t show up in a clean install. But it may still show up as installed on the computer)

For Win7 RTM
KB2977759/KB3150513

For Win8.1
KB2976978/KB3150513
KB3044374
KB3068708
KB3080149

The collection of data about PC hardware/software, and how it is used, is probably more significant to Win10 which receives major version upgrades every eight months and frequent feature changes in between. But for Win7/8.1 users, particularly those with older hardware, who have no intention of upgrading to Win10, we’ve found no correlation between increased data collection and better patches.

Major offenders are:

Customer Experience Improvement Program (CEIP). CEIP has been around for years. Microsoft says it collects the information about how products are used to “improve the products and features” and to “help solve problems.” Microsoft’s statement is here

KB2952664 (Win7 SP1) Compatibility Updater
KB2976978 (Win8.1) Compatibility Updater
KB2977759 (Win7 RTM) Compatibility Updater

According to Microsoft:

This update performs diagnostics on the Windows systems that participate in the Windows Customer Experience Improvement Program. The diagnostics evaluate the compatibility status of the Windows ecosystem, and help Microsoft to ensure application and device compatibility for all updates to Windows. There is no GWX or upgrade functionality contained in this update.

The Compatibility Updater is prerequisite for KB3150513, which provides updated configuration and definitions for the Compatibility Updater.

According to Microsoft:

This update provides the latest set of definitions for compatibility diagnostics that are performed on the system. The updated definitions will help enable Microsoft and its partners to ensure compatibility for all customers who want to install the latest Windows operating system. Installing this update also makes sure that the latest Windows operating system version is correctly offered through Windows Update, based on compatibility results.

@MrBrian, one of the contributors to AskWoody, did extensive research on the effect of CEIP, with and without the Compatibility Updater installed, on Win7 SP1. His results can be found here.

A synopsis of his findings:

1. CEIP is voluntary and can be turned off.
2. The Diagnostics Tracking Service sends data to Microsoft
3. Computers without the Compatibility Updater installed and with CEIP turned off, did not experience episodes of data being sent by Diagnostics Tracking Service to Microsoft.
4. Computers without the Compatibility Updater installed collect data to send data to Microsoft using the ProgramDataUpdater task in Task Scheduler located in Microsoft\windows\Application Experience.
5. The installation of the Compatibility Updater adds the Microsoft Compatibility Appraiser task to the Task Scheduler and changes the action for task ProgramDataUpdater, both located in Microsoft\Windows\Application Experience.

@MrBrian’s findings were:

anonymous wrote:

Here is the full list of what I found for Windows 7 x64 that violates the operating system’s Customer Experience Improvement Program setting:

1. Pre-KB2952664 task ProgramDataUpdater (but not post-KB2952664 task ProgramDataUpdater) can use significant CPU and disk resources.
2. Task Microsoft Compatibility Appraiser (from KB2952664) can use significant CPU and disk resources.
3. Diagnostics Tracking Service sends some data to Microsoft after task Microsoft Compatibility Appraiser runs, although a lot less than compared to when the operating system’s Customer Experience Improvement Program setting = Yes.

Reference

@abbodi86’s conclusion

abbodi86 wrote:

Appraiser KB2952664 and Telemetry DiagTrack are built-in Windows 10 since RTM

Both KB2952664/KB3150513 are only needed for upgrade they have nothing useful for current Windows 7 (well, except providing MSFT with Appraiser statistics)

Reference

@MrBrian’s RECOMMENDATIONS FOR REDUCING TELEMETRY (DATA COLLECTION BY MICROSOFT

MrBrian wrote:

Here are my recommendations based on my test results so far (for Windows 7 x64 computers):

If you set operating system’s Customer Experience Improvement Program setting = No, some data is still sent to Microsoft telemetry within 35 minutes after task Microsoft Compatibility Appraiser (added by KB2952664) finishes running, as shown in screenshot https://i.imgsafe.org/42b131eb08.png.

If this is unacceptable, then do at least one of the three following actions (in addition to setting operating system’s Customer Experience Improvement Program setting = No):

Action 1) In Task Scheduler, disable task Microsoft Compatibility Appraiser (located in MicrosoftWindowsApplication Experience). This also stops Microsoft Compatibility Appraiser from sometimes consuming a lot of CPU and disk resources.

And/or Action 2) In firewall or router, block traffic to DNS endpoints settings-win.data.microsoft.com and vortex-win.data.microsoft.com, or equivalent (for now anyway) IP addresses 64.4.54.253 and 64.4.54.254. To do this in Windows Firewall, see http://www.easysecurityonline.com/how-to-protect-windows-7-and-8-from-getting-windows-10-privacy-intrusions-too/. I verified that this blocks Diagnostics Tracking Service telemetry using Process Monitor.

And/or Action 3) Disable service Diagnostics Tracking Service. I verified that this stops Diagnostics Tracking Service telemetry using Process Monitor. Microsoft recommends to not disable this service at https://blogs.technet.microsoft.com/netro/2015/09/09/windows-7-windows-8-and-windows-10-telemetry-updates-diagnostic-tracking/. Third-party programs can also use this service to send telemetry.

There are advantages and disadvantages of each of the above 3 actions. I will probably do Action 2 very soon in Windows Firewall, and also Action 1 if task Microsoft Compatibility Appraiser exists on my computer in the future.

Notes:
1. It’s possible that existing or future Windows updates, or perhaps even other situations, could re-enable Microsoft Compatibility Appraiser or Diagnostics Tracking Service if they are disabled. This makes Action 2 attractive.
2. I don’t know if any of the above actions causes problems. I didn’t notice any problems during my tests though.
3. There is no guarantee that following this advice will be effective on your computer. It was effective in my tests though.
4. I don’t know if following this advice is effective on Windows 8.1. I might test Windows 8.1 if there is enough demand, or if Woody asks me to do it.

Reference More on data collection

Further reference on data collection and telemetry:

Removing telemetry
https://www.askwoody.com/2017/martin-brinkmanns-deep-dive-into-removing-telemetry-in-win7-and-8-1/

Prerequisites for KB3150513 Compatibility Updater

10 users thanked author for this post.

jburk07, RetiredGeek, DLivesInTexas, Microfix, owdrtn, Elly, MrBrian, woody, ch100, Noel Carboni

Martin Brinkmann on Ghacks has a more detailed look.

He can’t find them, either.

Post coming soon in InfoWorld. Thanks to Martin Brinkmann, Ghacks.net.
[See the full post at: Turn off advertising in Windows 10 File Explorer]

1 user thanked author for this post.

PhotM

Hi Chip,
You should be able to uninstall KB3021917 without causing issues.
This article by Martin Brinkmann on ghacks.net may be of assistance to you.

Here is abbodi86’s post about KB3021917: https://www.askwoody.com/forums/topic/martin-brinkmanns-deep-dive-into-removing-telemetry-in-win7-and-8-1/#post-93764.

1 user thanked author for this post.

ch100

Martin Brinkmann has a discussion of two browser extensions — one for Firefox, the other for Chrome – called CloudBleed. CloudBleed scans your browsing history and tell you if you’ve ventured onto a leaky site.

Give it a try. See this ghacks article.

1 user thanked author for this post.

JohnW

@mark345
Recent blogposts @Woody published may be of some assistance to you. It could be a good place to start, if your W7 update concerns relate to telemetry:
https://www.askwoody.com/2017/martin-brinkmanns-deep-dive-into-removing-telemetry-in-win7-and-8-1/
https://www.askwoody.com/2017/a-way-to-mediate-the-telemetry-gathering-in-win7-and-8-1/

Hope that is of some help to you

? says:
Thanks for the heads up everyone appreciates all the extra security we can get these days…
I’m running persistent live cd usb’s so i’m not too worried about any more borking than I already do for myself. I ran all the telemetry blocking after you let us know about it the other day and no problems, so far.
Check with our security loving German compatriot Martin Brinkmann’s Ghacks.net for three more:

http://www.ghacks.net/2013/04/27/firefox-prefetching-what-you-need-to-know/

the way i’m running (on purpose) makes worries about viruses non existent
the big eye in the sky can look all it wants (it is going to anyway) so when i’m feeling extra frisky and bored i will lead it back onto itself… kinda like the endless loop (yes i did) on the old mainframe arpanet… see:https://en.wikipedia.org/wiki/ARPANET if interested.
anyway, enough from me (for now) and thanks again for having my back whilst on our journey riding the wild interweb today…

Recently I was given a rather old (from 2013) Lenovo nettop with Windows 10. After some service, including cleaning from the dust, restoring the original configuration (Windows 8 Single Language) and making snapshot of the clean system, I decided to perform a clean installation of Windows 8.1 Single Language. So, I prepared the USB installation media using the Microsoft Media Creation Tool. After installation and activation, the system was updated using the WSUS Offline tool.
Just in case, I checked the list of installed updates looking for the telemetry updates. Surprisingly, KB2976978 was found in the system with the install date 21.11.2014. It is impossible to uninstall it.
The WSUS Offline is known not to contain this update, but I additionally checked the updates downloaded by WSUS Offline and KB2976978 was not found. So, the only explanation is that KB2976978 was included to the installation image downloaded from Microsoft.
It should be noted that:
1) No other telemetry updates (at least from the list presented in Martin Brinkmann’s post) were found in the system.
2) The DiagTrack service is absent in the system.
3) According to the Task Scheduler, the system seems to respect the CEIP opt out choice – even with the corresponding “telemetry” tasks enabled and the triggers set, the “Last Run Time” is “Never” for CEIP tasks (except for Consolidator, which is expected), DiskDiagnosticDataCollector and WinSAT.
Hope this information can be useful.

Astoundingly, reader 715 has a formatted copy of most of the comments. They won’t be indexed and nested/indented the usual way, but here’s the feed:

February 12, 2017 at 7:49 am #93999 Reply

lizzytish
AskWoody Lounger
Think we can really owe a vote of thanks to Gunter!!!!
There will be a lot saying (me included) “Why am I not surprised!”

Feel the quotations are apt for both this post and also the one on Office.

Question of the Devil you know or the Devil you don’t…….

or Between the Devil and the Deep Blue Sea!

or Out of the frypan into the fire!
LT

This reply was modified 20 hours, 15 minutes ago by lizzytish.
February 12, 2017 at 8:43 am #94013 Reply

anonymous
Woody… Can’t find my password at the moment so I’m posting “anonymously” instead of as MikeFromMarkham… Anyway…

There is a switch under Settings to turn off the data transmission in this supposedly private browser…

But if you’re skeptical whether this actually works, you can turn it off yourself by accessing the browser’s “about:config” page (type about:config in the address bar and press Enter), and then search for and set the following values to totally disable data reporting:

datareporting.healthreport.uploadEnabled => false
datareporting.policy.dataSubmissionEnabled => false
toolkit.telemetry.enabled => false
toolkit.telemetry.unified => false

To change a setting, double-click on it, or right-click and then Toggle to change it.

The same settings can be set in the mainstream Firefox browser as well.

6 users thanked author for this post.

Elly, Noel Carboni, samak, ch100, woody, Cesar
February 12, 2017 at 9:11 am #94020 Reply

woody
Da Boss
If the “forgotten password” link doesn’t work, you can always email me.

February 12, 2017 at 6:02 pm #94203 Reply

MikeFromMarkham
AskWoody Lounger
Thanks, Woody, but I finally remembered where I stored it!

February 12, 2017 at 10:40 am #94071 Reply

RCPete
AskWoody Lounger
For what it’s worth, I’m not seeing those items in Pale Moon’s fork of Firefox. The closest is: toolkit.telemetry.rejected set to TRUE.

RCPete

February 12, 2017 at 10:07 pm #94267 Reply

satrow
AskWoody MVP
The Pale Moon dev does try to ensure that the browser (and the email client, Fossamail) is as clean as possible.

“toolkit.telemetry.rejected set to TRUE” looks like that telemetry is switched off (rejected). That telemetry is pointed back at Mozilla’s servers anyway from what I can tell, they’ll be rejected as Pale Moon doesn’t have the key to enable access – and Mozilla wouldn’t want Pale Moon’s telemetry data anyway.

Pale Moon doesn’t collect any telemetry, not even the basics like user numbers.

2 users thanked author for this post.

Rob, Elly
February 12, 2017 at 9:15 am #94021 Reply

Rob
AskWoody Lounger
I have firefox tweaks collected over the years of using the browser for use on setting up PC’s
Here are some more relating to telemetry:

Note: This is for PC users

Open firefox then type or copy the command about:config
Next a warning will pop up, accept it to continue.

Note: The bold text is what you need to change the setting to

In the search bar type or copy and paste:

1) toolkit.telemetry.unified (set to ‘FALSE’)
2) toolkit.telemetry.archive.enabled (set to ‘FALSE’)
3) toolkit.telemetry.enabled (set to ‘FALSE’)
4) datareporting.policy.dataSubmissionEnabled (set to ‘FALSE’)
5) datareporting.policy.dataSubmissionEnabled.v2 (set to ‘FALSE’) (pre v50 firefox)

Exit and restart firefox.

Once Firefox has opened hit the ALT key on your keyboard
(this brings up the File Menu bar at the top of your screen)
In the File Menu bar go to Tools / Options
Within Firefox options page go to the Advanced Tab/ Data Choices and untick all tickboxes.

Job done, no more reporting back to Mozilla.

| Group B Win 7 HP and Pro |.

No problem can be solved from the same level of consciousness that created IT.
AE
This reply was modified 18 hours, 49 minutes ago by Rob. Reason: formatting
This reply was modified 18 hours, 47 minutes ago by Rob.
5 users thanked author for this post.

Elly, satrow, JDeC, samak, Cesar
February 12, 2017 at 9:31 am #94024 Reply

anonymous
That’s quite a fair trade, ie consumers getting to use Firefox for free, in return for giving Firefox the ability to earn some marketing or ad revenue. Otherwise, Firefox may soon need to close shop. Similarly for Google’s free products and services.

February 12, 2017 at 9:48 am #94058 Reply

anonymous
In this day and age, they need to be asking for permission. Many of us have long since exhausted our after-the-fact forgiveness.

1 user thanked author for this post.

Elly
February 12, 2017 at 3:19 pm #94176 Reply

fp
AskWoody Lounger
Yes, if they disclosed what data and how they are using them. FULLY, which you can never be sure they do.

This reply was modified 12 hours, 47 minutes ago by fp.
February 12, 2017 at 9:16 pm #94246 Reply

anonymous
Fyi, ABC, CBS, NBC n FOX do not need TV users’ permission to display ads on the free TV shows running on the users’ TVs.

In comparison, people hv to pay to watch better quality TV shows on Cable TV or Satellite TV which are also filled with ads without the payers’ permission.

So, it is already common practice that users’ permission is not required when they use free stuffs from companies. IOW, if the users do not like what comes together with the free stuff, they can choose not to use it or pay to use another similar stuff which they like.

February 12, 2017 at 9:52 am #94062 Reply

woody
Da Boss
Martin Brinkmann has some additional information on the Ghacks site.

This reply was modified 18 hours, 13 minutes ago by woody.
February 12, 2017 at 10:12 am #94067 Reply

Ascaris
AskWoody Lounger
Firefox is up front with the telemetry. Right when you install it, you see an alert bar at the bottom that says that Firefox collects data, and it provides a button to take you to the settings.

I don’t have a problem with Mozilla doing this way I do with MS or Google doing it. Mozilla makes it clear that it is happening by default and gives you a clear path to change the settings. That’s quite different from Windows 10, for example, which (during the installation or the first time it runs for OEM preloads) has a big button to choose the express settings without explaining that it turns on the full amount of spying, with only a small link that isn’t that easy to see for custom settings. They know most people just see the button in the lower right corner (whatever it may be) as a “you have to click here to make stuff happen” button, so that’s where they put the button that doesn’t give the user any choice, or even any information that there will be considerable data collection if they choose that option.

In contrast, if people absent-mindedly click the button on the alert in Firefox, they are shown the telemetry options, so even if they missed the text in the alert bar they just clicked on, they still can see that the telemetry is on. Microsoft is being sneaky; Firefox is making it as hard to miss that they are using telemetry as they can. If Microsoft had a “yes, we collect user data, but you can click this button to change those settings” message that was prominently displayed during installation or first run, and the settings therein allowed all of the telemetry to be turned off, I would not have as much of a problem with it as I do now.

I also give more leeway to FOSS developers in terms of telemetry than I would to a huge commercial company like Microsoft. Part of the reason MS wants us to keep telemetry on and to have updates forced on us is because customers are now the beta testers, whether they want to be or not, since MS laid off most of the professional testers they used to have. I’m more forgiving when a community project (whose product is completely free) relies on the community to test it and report bugs than when a company that charges money for a product that comes with a lot of restrictions and limitations, then turns around and asks (or demands, in Microsoft’s case) that I take part in beta testing it for them for free.

I’m comparing Firefox to Windows 10 here, and I know it’s not a 1:1 comparison, but it is the only way to get Edge, and a comparison between Edge and Firefox is completely justified. Not all of the telemetry settings in Windows necessarily relate to Edge, of course… but when they intentionally weld the browser to the OS, the lines get blurred. How can we tell if it is Edge that is spying on you rather than Windows 10 itself?

I can’t compare Firefox to Chrome, as I have no experience with Chrome.

1 user thanked author for this post.

Rob
February 12, 2017 at 3:17 pm #94175 Reply

fp
AskWoody Lounger
I think you should be more careful than trusting ANYBODY just because they seem to tell you something upfront. I can see how this can be just the way to instill trust in you, while they do more than what they tell you. I would be surprised if this weren’t the case and as Noel’s analysis suggests just that.

February 12, 2017 at 11:32 am #94085 Reply

fp
AskWoody Lounger
As I keep repeating, violating privacy has become the almost exclusive business model of companies who discovered that its much easier, less costly and very profitable to do it than provide goods and services; and what is more, the gullible American public, who has never experienced tyranny, tolerates it while the govt lets them for its own purposes. So it would be irrational, under these circumstances, not to do it. It won’t end well.

Law prof explains how the road to bad law is paved with good intentions.
https://arstechnica.com/tech-policy/2017/02/american-spies-how-we-got-to-age-of-mass-surveillance-without-even-trying/

In fact, if you consider W10, vendors today develop upgrades for the almost exclusive purpose to enhance spying, not to improve user utility.

This reply was modified 16 hours, 31 minutes ago by fp.
This reply was modified 16 hours, 29 minutes ago by fp.
February 12, 2017 at 12:50 pm #94111 Reply

Noel Carboni
AskWoody MVP
Just a data point, observed during a test:

I don’t normally use FireFox, but when I start FireFox on my own home page (ProDigitalSoftware.com), FireFox accesses the domain I have listed on my home page, then a whole bunch more.

Note that ONLY ProDigitalSoftware.com is directly referenced on my home page. Some of the other pages deeper in my web page set (but NOT my home page) access secure.softwarekey.com.

ALL the others – bolded entries in the following list – are accessed by FireFox without any permission from me or even my knowledge. And I have configured it to the best of my ability to disable all “extra” features.

prodigitalsoftware.com A resolved from Forwarding Server as 66.96.149.32
prodigitalsoftware.com A resolved from Cache to 66.96.149.32
prodigitalsoftware.com AAAA not found by Forwarding Server
secure.softwarekey.com A resolved from Forwarding Server as 66.150.99.39
secure.softwarekey.com A resolved from Cache to 66.150.99.39
secure.softwarekey.com AAAA not found by Forwarding Server
shavar.services.mozilla.com A resolved from Forwarding Server as 52.43.198.160
shavar.prod.mozaws.net A resolved from Forwarding Server as 52.43.240.174
shavar.prod.mozaws.net AAAA not found by Forwarding Server
self-repair.mozilla.org A resolved from Forwarding Server as 52.35.8.196
shield-normandy-elb-prod-2099053585.us-west-2.elb.amazonaws.com A resolved from Forwarding Server as 52.89.80.240
shield-normandy-elb-prod-2099053585.us-west-2.elb.amazonaws.com A resolved from Cache to 52.89.80.240
shield-normandy-elb-prod-2099053585.us-west-2.elb.amazonaws.com AAAA not found by Forwarding Server
normandy.cdn.mozilla.net A resolved from Forwarding Server as 54.192.83.216
d6wjo2hisqfy2.cloudfront.net A resolved from Forwarding Server as 54.192.83.84
d6wjo2hisqfy2.cloudfront.net AAAA not found by Forwarding Server

What this list says quite clearly is that

1) FireFox apparently accesses pages linked from the page I’m showing – presumably to anticipate my visiting them – something I have NO interest in having it do. I’ve configured it to be as private as possible. If there are other (hidden) configuration options I don’t know them.

2) FireFox accesses a number of sites that have NOTHING to do with the page I’m requesting. Self update checks? Telemetry/snooping? Tracking? Who knows?

The above is what I saw when starting FireFox 51.0.1 on Win 8.1.

-Noel

February 12, 2017 at 1:18 pm #94113 Reply

Rob
AskWoody Lounger
Pre-caching all the links on your chosen homepage in anticipation for quicker web browsing?
Remember the browser wars years back..Netscape Navigator, IE, Firefox (when Google was a search engine and Microsoft missed out big-time)
They were all looking for a faster browser experience and I’m sure this is the way Firefox works to achieve the speed.

Given that Firefox is open source, I don’t think it’s anything untoward, been using Firefox since the end of the Phoenix days back in 1999 and never had an issue other than coding bugs which are promptly fixed for Windows and Linux and later apple OSX.

There’s too much to lose from Mozilla’s perspective..trust being the major factor.

| Group B Win 7 HP and Pro |.

No problem can be solved from the same level of consciousness that created IT.
AE
February 12, 2017 at 1:47 pm #94122 Reply

Noel Carboni
AskWoody MVP
I’m not so concerned about the pre-fetch stuff as the other, but hey, if there are configuration options explicitly telling it NOT to resolve all the links on those other pages (not to mention deleting history on exit), it shouldn’t be doing it.

But no matter, it’s not my browser of choice. As it turns out, it’s SO not my browser of choice, and after gaining the added knowledge that it’s visiting half a dozen sites at startup behind my back, that I just removed it entirely from my main workstation. When I need to test web pages in alternate browsers I’ll do it in a Virtual Machine.

Heh, regarding FireFox being open source… Have you personally taken the time to read through all the sources? What’s the lines-of-code count? In the millions? I wonder how many have actually read through it… Yes, I realize having it open to all active developers, assuming at least some developers have integrity, IS a measure of security. Still, things can be hidden in plain sight.

-Noel

February 12, 2017 at 3:13 pm #94173 Reply

fp
AskWoody Lounger
I don’t think ANYBODY can be trusted these days. The tolerated profitability of private data is too strong a temptation to resist, particularly for vendors of mature software–it’s hard to come up with new really useful features for which users are not prepared to pay for/buy. Everybody wants rent income now.

February 12, 2017 at 3:50 pm #94181 Reply

Rob
AskWoody Lounger
I think the Tor Browser speaks for itself which is based on..? and has been developed and used by..?
So bouncing communications around a distributed network of relays would surely be more secure in..?

There are certain tweaks and settings required to assist in securing firefox further via about:config which are evolving continuously and the devs at Mozilla are doing a d**ned good job. There are some default settings which need tweaked also but hey, what browser doesn’t?

I’m very happy with firefox as there are certain security measures which can be manipulated that I’m familiar and satisfied with and has stood the test of time, circa 13 years in my experience.

It’s all a matter of personal preference.

| Group B Win 7 HP and Pro |.

No problem can be solved from the same level of consciousness that created IT.
AE
February 12, 2017 at 6:18 pm #94204 Reply

anonymous
Some searching of the web reveals… Normandy, it is Mozilla’s server-side component part of a project named SHIELD. SHIELD is Mozilla’s user interaction project. The Shavar domains are apparently related to Mozilla’s safe browsing service. I’m not sure what the use of the Cloudfront domains are for, maybe it is providing bandwidth and/or redundancy for the Mozilla services or the dns prefetch.

Normandy project collection on Github and documentation
https://github.com/mozilla/normandy
http://normandy.readthedocs.io/en/latest/

SHIELD project Wiki
https://wiki.mozilla.org/Firefox/SHIELD

Shavar Github and Wiki
https://github.com/mozilla-services/shavar
https://wiki.mozilla.org/Services/Shavar

3 users thanked author for this post.

Rob, Woody posting as an MVP, MikeFromMarkham
February 12, 2017 at 1:55 pm #94125 Reply

ch100
AskWoody MVP
This is the location in settings where the GUI configuration is done.

Mozilla-Data-Collection

The GUI configures settings like those mentioned above by MikeFromMarkham and Rob.

I have been very tempted recently to give Chrome another try purely for functional reasons.
There is no point for me in wasting time with this telemetry/snooping discussion forever.
Those concerned with intelligence agencies collecting data do not want to admit that those agencies known by various names and which operate in every country of the World exist exactly for that purpose and have always collected data, in the East, West, North or South. They have better means to do this than having Microsoft or other companies building backdoors in their product.

Attachments:

You must be logged in to view attached files.
3 users thanked author for this post.

Rob, Woody posting as an MVP, JDeC
February 12, 2017 at 3:07 pm #94172 Reply

fp
AskWoody Lounger
You want to avoid MS spying by switching to Google/Chrome??????????

February 12, 2017 at 2:12 pm #94144 Reply

Noel Carboni
AskWoody MVP
ch100 wrote:
This is the location in settings where the GUI configuration is done.

Yep, all that was configured to the most private settings, along with all the other things that could cause online contacts. And still 6 servers were unexpectedly contacted when I started FireFox. Perhaps some of them have legitimate reasons for being (a self check for updates, for example). Hard to imagine all 6 need to be contacted.

I just checked very carefully. IE, configured as I have it, even after IPCONFIG /FLUSHDNS doesn’t contact ANY other sites than my home page URL when I start it.

People often dis Microsoft’s Internet Explorer browser, but there was arguably more serious work to promote security and privacy put into its security model than the others. It just isn’t configured to be particularly secure out of the box! For example, who, today, would really want to run ActiveX controls from the wild internet? That can easily be disabled.

I can’t say how much of that security model has been carried forward into Edge. My guess, based on limited testing when Win 10 version 1607 came out and before I deleted Edge, would be not much. There are simply not enough settings presented to be able to tailor the security model to particular needs. And so Windows 10 becomes all the more a toy.

-Noel

February 12, 2017 at 2:44 pm #94161 Reply

ch100
AskWoody MVP
There is one more basic setting which ideally should be done in Firefox to avoid excessive advertising and tracking. This is to disable third-party cookies and allow only first-party cookies.

Mozilla-First-party-cookies-only

Beyond that ad-block plus is safe, but all other add-ons enhancing security break functionality.

Attachments:

You must be logged in to view attached files.
February 12, 2017 at 11:24 pm #94284 Reply

anonymous
In my experience, disabling third party cookies, even if it is something I would find desirable, sometimes caused issues with some sites. As mitigation, and I don’t know if it is any good, I accept the third party cookies, but automatically erase all cookies when closing Firefox. If I ever find a situation where I really would like to save a cookie on a website between sessions, I add the site to the exception list, but that is not something I remember doing for a very long time.

As for your assertion that all other add-ons besides adblock plus break functionality, I find that quite bold. Adblock plus can sometimes cause a website to not load and might even require to be disabled and not just disabled for the page. I like adblock plus a lot, but I wouldn’t say it doesn’t break functionality. Also, I use Noscript with allow scripts globally to not interfere with users experience on people I help machines (Noscript can be a real pain) but to still provide cross-site scripting protection. I can’t comment about other add-ons because I don’t use them and don’t find a need to, although I think it is possible somebody here could convince me that some extension could be valid.

February 13, 2017 at 12:23 am #94306 Reply

fp
AskWoody Lounger
Not just: it can also block certain features on a page that sometimes are important.

February 12, 2017 at 3:04 pm #94170 Reply

fp
AskWoody Lounger
Perhaps, but when IE was designed there was no MS focus on spying. Practically all corporations that can are focused on spying these days and so it MS. Witness W10 and Edge.

February 12, 2017 at 4:13 pm #94187 Reply

Rob
AskWoody Lounger
Woody, in answer to your thread title, no I don’t think it is on PC’s but phones are a different kettle of fish!
PEBCAK with bad practices.

| Group B Win 7 HP and Pro |.

No problem can be solved from the same level of consciousness that created IT.
AE
February 12, 2017 at 4:40 pm #94191 Reply

Noel Carboni
AskWoody MVP
anonymous wrote:
datareporting.healthreport.uploadEnabled => false
datareporting.policy.dataSubmissionEnabled => false
toolkit.telemetry.enabled => false
toolkit.telemetry.unified => false

To change a setting, double-click on it, or right-click and then Toggle to change it.

Thanks, I missed this post before somehow.

Setting the above has eliminated all the extra sites I saw contacted during FireFox startup, but apparently FireFox is still walking my site since I still see a server my site uses but not on the home page.

Edit: And… Changing network.prefetch-next to false did not correct that.
Edit 2: Setting network.dns.disablePrefetch to true DID correct it.

This level of configurability is growing on me.

-Noel

This reply was modified 11 hours, 24 minutes ago by Noel Carboni.
This reply was modified 11 hours, 11 minutes ago by Noel Carboni.
1 user thanked author for this post.

satrow
February 12, 2017 at 7:46 pm #94215 Reply

Ascaris
AskWoody Lounger
fp wrote:
I don’t think ANYBODY can be trusted these days. The tolerated profitability of private data is too strong a temptation to resist, particularly for vendors of mature software–it’s hard to come up with new really useful features for which users are not prepared to pay for/buy. Everybody wants rent income now.

Firefox has been using telemetry (and telling its users about it) for diagnostics since the beginning… from long before this trend of spying on people for advertising revenue purposes. I don’t see any reason to believe their reasons have changed since then… they’re not an advertising company like Google has always been, and like Microsoft is trying to become. Unlike MS or Google, they’ve done nothing to violate my trust (relatively speaking; I don’t trust anyone completely) that they have built over the last 16 years. They’re making a litany of dumb design decisions, but nothing so far to make me suspect them of a violation of that trust.

2 users thanked author for this post.

Rob, Noel Carboni
February 12, 2017 at 11:39 pm #94291 Reply

anonymous
I agree completely. I use Firefox as my main browser and as my user’s browser since the beginning and although they did some bad design mistakes sometimes, I do trust them, relatively and much more than any other, and I am very satisfied with the current browser version.

One setting you might configure if you have an SSD and you don’t want Firefox to write tons of data on it to save full session state every 15 seconds is to go to about:config and change the value of browser.sessionstore.interval to something different than 15000 ms. I don’t know if they fixed that issue but previously some people complained it wrote about 20gb of data per day because they left many tabs open for long periods of time. However, be aware that the less often session data is saved, the more risk you run of loosing your session state should Windows 10 restart your computer for you and close Firefox or if you crash. I set mine to half and hour because my Firefox 64 bits don’t crash, really and I am on Win 7 annd don’t experience loss of sessions really.

1 user thanked author for this post.

Rob
February 13, 2017 at 12:19 am #94305 Reply

fp
AskWoody Lounger
The fact that you don’t see any reason does not mean they don’t.

My point was not to accuse them, but to alert people that in this day and age what they don’t see does not mean it doesn’t exist. The temptation exists, everybody’s doing it and profits and as far as I know they do have some problems. I’ve seen so many cases of promises of not ever doing it that did not survive that I simply don’t believe any assurances.

But that’s just me and my advice, which you’re free to ignore.

February 13, 2017 at 1:19 am #94309 Reply

anonymous
I personally prefer WaterFox which is a 64-bit fork of FireFox. It’s quite good. As far as I know WaterFox doesn’t do that telemetry. I don’t really like FireFox. It’s just become bloated and slow.

February 13, 2017 at 3:15 am #94323 Reply

Rob
AskWoody Lounger
So, from this:

Noel Carboni wrote:
But no matter, it’s not my browser of choice. As it turns out, it’s SO not my browser of choice, and after gaining the added knowledge that it’s visiting half a dozen sites at startup behind my back, that I just removed it entirely from my main workstation. When I need to test web pages in alternate browsers I’ll do it in a Virtual Machine.

To this:

Noel Carboni wrote:
This level of configurability is growing on me.

in a few hours, wow! Firefox must be SO not good then?

[This part edited because it’s just personal hogwash.]

Oh and still awaiting the reply regarding the Tor browser questions I put forward to you..

| Group B Win 7 HP and Pro |.

No problem can be solved from the same level of consciousness that created IT.
AE
This reply was modified 12 minutes ago by Rob. Reason: rephrase to avoid misinterpretation
Author
Posts

1 user thanked author for this post.

Elly

As for Mr. Brinkmann’s suggestions, I found I had already installed KB2976978 and KB3080149. I uninstalled them today. The Diagnostic Tracking Service is already disabled and the other KB’s he recommends I can’t find that they’re installed on my 8.1 machine. If I discover them later, I’ll get rid of them. As for KB3044374 (to upgrade from 8.1 to 10); I’ll keep that for now. I still want to upgrade to Windows 10 (hopefully for free). I’m not in the CEIP, so that peeper is taken care of… for now.
UPDATE: After I uninstalled the updates above, KB3080149 reappeared; Recommended but unchecked. Not letting Windows Update the ability to install anything but Important. However, KB3121461 reappeared as Important. Not part of the list; a Security Update published on 1/11/2016.

Bought a refurbished Windows 10 64-bit, currently updated to 22H2. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again...