back to article Firefox fires blockers at trackers, Exim tackles command exec flaw, and RDP pops up yet again

It wasn't just fake CIA agents, database mega-hacks and Bing flings in the security world last week. Here are a few tidbits beyond what you've read in El Reg. Exim bug resurfaces with improbable exploit Are you running the latest version (4.9.2) of Exim on your Linux box? If so, you can go ahead and skip down to the next item …

  1. Headley_Grange Silver badge

    Problematic?

    This might be a problem for some users. I set FF privacy blocking to "strict" by default, which blocks (what Firefox thinks are) trackers and 3P cookies and it breaks a fair number of sites. It's OK for me cos I can decide whether to make an exception for sites but users like my mum will just be confused when sites won't load. I guess it could change sites' behaviours if they see hits declining, but I doubt it.

    1. iron Silver badge

      Re: Problematic?

      Just tell your mum if it doesn't work its not secure for her to use. I'm sure she can find other sites with the same content that don't insist on following her around the web like a creepy stalker.

      I've been blocking 3rd party cookies since the 90s and block more trackers than FF and I don't have many problems. Of course I don't use any Facebook products, I imagine they would be borked to hell and back in my browser.

      1. big_D Silver badge

        Re: Problematic?

        Yeah, I use the strict blocking and I use Pi-Hole for DNS at home, with most tracking sites blacklisted. So far I haven't had any problems with day-to-day surfing.

        My daughter did complain that my Internet wasn't working - she said she couldn't get onto Instagram; I told her that Facebook is an untrusted destination in my house, she argued "but it's instagram", I then pointed out that Instagram was also Facebook and she said she would think about using it in the future.

    2. msknight

      Re: Problematic?

      Firefox has been problematic for me, for ages.

      And it's getting worse.

      I get warnings but when I click on, "I want to take the risk" it still stop me from going where I want to go.

      The updates don't allow you to turn it off completely, so the lowest setting I can go, is to have Firefox nag me that updates are ready.

      The in built blocks are getting in the way of controlling local equipment which have built in web interfaces.

      And more. Firefox has become a real nanny that thinks it's the policeman of the internet, and the arbiter of what I can, and cannot, browse to.

      I am the arbiter of my risk level and the tools I use to defend myself... not Mozilla.

      1. Anonymous Coward
        Anonymous Coward

        Re: Problematic?

        "I get warnings but when I click on, "I want to take the risk" it still stop me from going where I want to go."

        Correct me if I'm wrong but I don't believe those warnings are cookie related.

        Usually certificate warnings or a website that has been flagged by Google's Safe browsing will through a warning that takes user intervention to bypass.

        Unless you are referring to warnings that your browser is out of date?

        1. katrinab Silver badge

          Re: Problematic?

          https://192.168.0.1, or even http://192.168.0.1 will generate these sorts of warnings, and you can't get valid ssl certificates to make them go away.

          1. Anonymous Coward
            Anonymous Coward

            Re: Problematic?

            "https://192.168.0.1, or even http://192.168.0.1 will generate these sorts of warnings, and you can't get valid ssl certificates to make them go away."

            The browsers "same origin" policy is probably causing this.

            https://crypto.stanford.edu/dns/

      2. Kiwi
        Flame

        Re: Problematic?

        The in built blocks are getting in the way of controlling local equipment which have built in web interfaces.

        And more. Firefox has become a real nanny that thinks it's the policeman of the internet, and the arbiter of what I can, and cannot, browse to.

        I am the arbiter of my risk level and the tools I use to defend myself... not Mozilla.

        This. So much this!

        I run my own sites and while I use certs via Letsencrypt, it used to take some faffing around to get the certs working - different domains on different hardware but in the same IP - so one web server uses different port. Before the text challenge via DNS was available it wasn't trivial to get working certs to the right domains. Sometimes I wouldn't bother for a while.

        Other stuff, as pointed out elsewhere in the thread, needs self-signed certs (192.168 stuff).

        And then there's the sites that give family members a scare. I'd like to take a good look at them to evaluate the extent of the damage. I have VM's I can create and destroy quite quickly (virtualbox 'linked clone' or even 'full clone' if I wish - pretty sure 'linked clone' keeps a separate copy of changed files but sometimes I am not willing to take the risk - but then my VM's are throwaway anyway though one has been in use so long it's almost like a family member).

        I'm a grown up. If I want to let an infection run its course to better understand the risk, get out of the way and let me see what's going on.

        Maybe FF needs a "Pink Floyd " setting in about:config setting that gives us "we don't need no though control" mode?

        (El Reg needs a "Flaming Homer" icon - combines the beer icon with the pissed-off flame icon!)

    3. Ben Tasker

      Re: Problematic?

      > I set FF privacy blocking to "strict" by default, which blocks (what Firefox thinks are) trackers and 3P cookies and it breaks a fair number of sites.

      Something amusing happened to me earlier.

      I was clicking through a few sites earlier looking for domains to add to my adlists, and hit a few sites that are known to through up weird and wonderful shit.

      3 of those are sites that are owned by the Daily Mail group - though the third one I hadn't initially realised was.

      Now, I don't know if you know how EFF's Privacy Badger works, but basically it watches your requests and keeps track of calls for third party resources. If it seems the same third party being referenced by completely different domains it decides there's a good chance it's a tracker.

      So, it seems that the Mail's lot have referenced mailonline content from some of their other sites (like Metro). Privacy Badger has now decided that dailymail.co.uk should be blocked, and I'm not inclined to tell it otherwise.

      The reason I posted this little anecdote, is partly because it amused me, but also because I wonder whether Firefox is going to fall into similar traps (as I assume they're using similar logic under the hood, I've not looked).

      1. GnuTzu
        Thumb Up

        Re: Problematic?

        I use Ghostery and EFF Privacy Badger in Tandem. Ghostery's database and categorization are really informative and useful. Privacy Badger's temporary cookie handling is fabulous. Throw in a nice JavaScript blocker and you can get a really decent education about the indecent crap that's on the web.

        1. Kiwi

          Re: Problematic?

          you can get a really decent education about the indecent crap that's on the web.

          My nephew's into volcanoes. When he was younger he did a search on "hot eruptions".

          He sure got an education that day! (as did his parents - about keeping a closer eye and how ineffective family filters are)

  2. James O'Shea

    there's a difference?

    "users tired of having their comings and goings monitored by sketchy sites and ad agencies."

    Pray explain the difference. Inquiring minds wanna know.

    1. Steve Foster
      Joke

      Re: there's a difference?

      Sketchy sites have *some* morals...

  3. This post has been deleted by its author

  4. Anonymous Coward
    Terminator

    Yet another RDP attack surfaces?

    we have determined that this behavior does not meet the Microsoft Security Servicing Criteria for Windows .. As long as it is connected, the client will cache the credentials used for connecting and reuse them when it needs to auto-reconnect (so it can bypass NLA)."’ except it'll bypass the lock screen on remote sessions.

    a. See locked RDP session.

    b. Pull ethernet cable.

    c. Reconect ethernet cable.

    d. Get full access to session.

    e. Not a security vulnerability.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022