m0unds

Member
  • Content count

    109

Community Reputation

3 Neutral

About m0unds

  • Rank
    Forum Regular

Profile Information

  • Gender
    Not Telling
  • Location
    Albuquerque, NM

  1. that's what google would prefer, yes. browser mfgs would prefer third parties stop injecting code into their processes - you already can't do it with edge because of appcontainer isolation, and google and others are tired of being blamed for every browser crash that could be caused by third party code they have no control over. additionally, there are instances where code injection can unintentionally compromise browser security. re: hosts stuff, i would avoid writing large lists to your hosts file as it will significantly slow DNS queries as the system has to examine it first. @Ken1943 - as i mentioned, other browsers using chromium (open source project) are merging in the same changes being made to chrome, as is mozilla with firefox (q4 2018 / q1 2019) so this is not purely a "google wants to know everything" concern.
  2. that's fun. firefox doesn't block code injection yet, but it's on their roadmap for q4 2018/q1 2019. i'd also expect opera to start doing it if they merge upstream changes from chromium. *EDIT* Opera is tracking Chromium 69 for Opera 56, and Vivaldi is tracking Chromium 69 for Vivaldi 2.x.
  3. PENDING BB size request

    make that two requests - it'd be a nice QoL improvement, imo
  4. Update Server Problem ?

    Same here, connection error in SW USA
  5. thanks for the reply; glad to hear that, hope we see it soon.
  6. that's great and all, but appcontainer lockdown still breaks EAM's surf protection.
  7. I'm not the OP, but I didn't want to start a new thread, as this one already exists: Is this something you guys are going to be able to work around? Surf Protection still isn't working with Edge on my system (and I can reproduce the issue w/AppContainer lockdown and Chrome as well).
  8. What is JS:Trojan.Emeka.204(B)

    yea, BD's name for it is strange. it's a banker/dropper trojan (fareit family)
  9. will your filtering be further impacted when the chromium project (and chrome by extension) start blocking third party code injection altogether?
  10. Need Help

    Seems to me like it might be a bug with isthisfilesafe.com
  11. DNS Servers

    yea, DNS cache poisoning is increasingly rare because common DNS servers like bind, unbound, etc. do it by default
  12. DNS Servers

    Yup, you're correct. OpenDNS has limited malicious/bad site blocking (they focus on long-lived stuff like botnets) and phishing protection. Quad9 uses a bunch of vendors' threat intelligence feeds to block malicious and phishing sites. Comodo is vague, but claim they use RBLs. They aren't RFC-compliant with regard to DNS TTLs. No idea whether they redirect on NXDOMAIN (I don't trust Comodo as a company, so I haven't used this svc). Norton uses their own threat intelligence feeds to block phishing, malicious sites, etc., but last I checked, they redirect instead of returning NXDOMAIN, and partner with ask.com for that monetization stuff (yuck).
  13. DNS Servers

    Quad 9 is another good option w/malicious site blocking, but they're still working out some routing quirks in certain regions (Oceania, Eastern Europe, South America)
  14. Seems like it's this blocklist: https://iplists.firehol.org/?ipset=bbcan177_ms1 this particular list hasn't been touched since january 8, 2018 - not like stuff on the internet changes all that often, right? imo, a lot of these user-submitted lists are junk and are really poorly maintained - this particular list includes IP ranges belonging to CDNs used by a ton of reputable services including github (and emsisoft, and any other customer of highwinds). maybe that's why the maintainer hasn't updated - he can't push his changes to the git repo
  15. i agree, this would be a nice feature - you can always query https://www.isthisfilesafe.com with the file hash (sha-1 or md5) or executable name, but that's a bit unintuitive