Mozilla Firefox to Enable Hyperlink Ping Tracking By Default

Mozilla Firefox to Enable Hyperlink Ping Tracking By Default

Mozilla has told BleepingComputer that they will be enabling the tracking feature called hyperlink auditing, or Pings, by default in Firefox.

Internet Explorer exploit lets hackers steal your data even if you never use it

Internet Explorer exploit lets hackers steal your data even if you never use it

“Internet Explorer is vulnerable to XML External Entity attack if a user opens a specially crafted .MHT file locally,” writes Page. Current web browsers do not use the .MHT format, so when a PC user attempts to access this file Windows opens IE by default.

Adblock Plus Filters Can Be Exploited to Run Malicious Code

Adblock Plus Filters Can Be Exploited to Run Malicious Code

An exploit has been discovered that could allow ad blocking filter list maintainers for the Adblock Plus, AdBlock, and uBlocker browser extensions to create filters that inject remote scripts into web sites.

Петиция · Simple option to disable Pocket in Firefox · Change.org

Петиция · Simple option to disable Pocket in Firefox · Change.org

Firefox browser comes with Pocket extension built-in and the Settings option does not disable the service completely. 1) Add a simple and intuitive option in Firefox Settings to disable Pocket extension entirely:. - ensure that Pocket sites and API endpoints are not queried without user's explicit intent.

How to Stop Amazon From Listening to Your Alexa Recordings

How to Stop Amazon From Listening to Your Alexa Recordings

According to a Bloomberg report , Amazon employs thousands of workers to transcribe recordings of Alexa users for the purpose of improving the voice assistant's recognition algorithm. You can review a number of things here, including our voice history, skill permissions, and other data settings.

Facebook Showed Me My Data Is Everywhere And I Have Absolutely No Control Over It

Facebook Showed Me My Data Is Everywhere And I Have Absolutely No Control Over It

And this is likely how a Maserati dealership in Scottsdale ended up on my advertisers “who use a contact list” page — its agency works with a data broker who has uploaded a massive contact list.

If You Want to Protect Online Privacy, You Need to Hit the Data Brokers Where It Hurts

If You Want to Protect Online Privacy, You Need to Hit the Data Brokers Where It Hurts

These little bits of info are then collected by data brokers who then piece them all together to create comprehensive digital profiles containing your age, race, gender, height, weight, phone number, email address, physical address, marital status, occupation, income, investments, net worth, home ownership status, religious affiliation, political affiliation, product preferences, and even health issues .

Here is all the information that your browser reveals about you

Here is all the information that your browser reveals about you

In the case of the geographic information, information gathered through GPS will be significantly more accurate on average than browser estimated values. That may indicate that your browser is not sharing that information or it does not apply to you (such as accelerometer and gyroscope information while you are using a desktop computer).

Encrypt that SNI: Firefox edition

Encrypt that SNI: Firefox edition

As promised, our friends at Mozilla landed support for ESNI in Firefox Nightly, so you can now browse Cloudflare websites without leaking the plaintext SNI TLS extension to on-path observers (ISPs, coffee-shop owners, firewalls, …).

Launching the Mozilla Plugin Privacy Test Database

Launching the Mozilla Plugin Privacy Test Database

The results are interesting from a passive collection perspective - plugins that store user data when clicked are significantly safer than plugins that track all web activity all the time.

Major Browsers to Prevent Disabling of Click Tracking Privacy Risk

Major Browsers to Prevent Disabling of Click Tracking Privacy Risk

A HTML standard called hyperlink auditing that allows sites to track link clicks is enabled by default on Safari, Chrome, Opera, and Microsoft Edge, but will soon have no way to disable it.

Android TV update puts home-screen ads on multi-thousand-dollar Sony Smart TVs

Android TV update puts home-screen ads on multi-thousand-dollar Sony Smart TVs

Google is trying out a new "Pilot Program" that puts a row of advertisements on the Android TV home screen. As we explore new opportunities to engage the user community, we're running a pilot program to surface sponsored content on the Android TV home screen.

Protect yourself against a pure CSS data stealing attack called Exfil

Protect yourself against a pure CSS data stealing attack called Exfil

Mike Gualtieri, the researcher who discovered the vulnerability, published several proof of concept attacks designed to steal usernames, passwords, and other data on web pages it is used on. Just install the extension in a supported web browser to protect your data against attacks exploiting the issue.

Facebook Caught Asking Some Users Passwords for Their Email Accounts

Facebook Caught Asking Some Users Passwords for Their Email Accounts

However, Facebook has been found asking some newly-registered users to provide the social network with the passwords to their email accounts, which according to security experts is a terrible idea that could threaten privacy and security of its users.

StartPage beats Google Search in test. Reason? Privacy

StartPage beats Google Search in test. Reason? Privacy

Back in 2013, I proclaimed that it was time to switch to the search engines DuckDuckGo or Startpage .The German customer tests behemoth Stiftung Warentest tested search engines in its latest print issue and concluded that Google provided the best search results.

Twitter locks all new user accounts in order to force them to give up their phone numbers

Twitter locks all new user accounts in order to force them to give up their phone numbers

I am not a fan of their actions recently and I cannot even get onto their platform to begin tweeting since I don't want to give them my phone number.

Google will give Android users a choice of browser and search engine in Europe

Google will give Android users a choice of browser and search engine in Europe

Related Google is unbundling Android apps: all the news about the EU’s antitrust ruling “On Android phones, you’ve always been able to install any search engine or browser you want, irrespective of what came pre-installed on the phone when you bought it,” Walker says.

The ultimate guide to DuckDuckGo

The ultimate guide to DuckDuckGo

Once you have it set as your default search engine, you’ll be able to use the URL bar in Chrome, Firefox, Safari, and others to search DuckDuckGo directly, just like you were with the (probably) default Google search engine.

Firefox to add Tor Browser anti-fingerprinting technique called letterboxing

Firefox to add Tor Browser anti-fingerprinting technique called letterboxing

Firefox users will first need to visit the about:config page, enter " privacy.resistFingerprinting " in the search box, and toggle the browser's anti-fingerprinting features to " true ." Image: ZDNet Firefox's letterboxing support doesn't only work when resizing a browser window but also works when users are maximizing the browser window, or entering in fullscreen mode.

Facebook Still Wants Your Friends to Engage When You’re Dead

Facebook Still Wants Your Friends to Engage When You’re Dead

The platform offers the option to your family members to either delete or archive your account as a “memorial page.” (Family members will need to provide documentation to Facebook in order to make any changes to your account.) Now, Facebook is adding a new feature that will allow people to continue posting on your memorialized page in tribute.

Google Project Zero team reveals ‘high severity’ flaw in macOS kernel, working w/ Apple on a patch

Google Project Zero team reveals ‘high severity’ flaw in macOS kernel, working w/ Apple on a patch

Most recently, the team at Google has reported and publicly disclosed a “high severity” flaw in the macOS kernel which can grant an attacker access to a users computer without their knowledge.

Facebook Doubles Down On Misusing Your Phone Number

Facebook Doubles Down On Misusing Your Phone Number

(Although Facebook stopped requiring phone numbers for 2FA enrollment last May , phone number-based 2FA can still be the most usable option for many people.) In response to a tweet from a Page administrator pointing out this critical problem, Facebook has been forced to respond to user concerns and media reports.

Don’t Worry About Selling Your Privacy To Facebook. I Already Sold It For You

Don’t Worry About Selling Your Privacy To Facebook. I Already Sold It For You

See, the thing is, the way you place the Like Button on your site’s pages isn’t by downloading an image or a script and running it from your own site.

How to Delete Google Search History

How to Delete Google Search History

Why is it not enough to know how to erase Google search history to delete all traces of your activity? This information about searches and queries is saved in the ‘ My activity ’ section on the Google website, where you have the possibility to check your google history and manage them.

Does 2-Factor Authentication Stop Phishing Attacks?

Does 2-Factor Authentication Stop Phishing Attacks?

There are various methods that can be used to bypass 2-factor authentication, for instance, if a user is directed to a phishing page and enters their credentials, the hacker can then use those details in real-time to login to the legitimate site.

Enhanced Tracking Protection Testing: Protecting users’ privacy by default

Enhanced Tracking Protection Testing: Protecting users’ privacy by default

As part of the study, selected users will receive an onboarding experience which explains how to disable Content Blocking functionality like Enhanced Tracking Protection on specific websites.

My own Creepy Facebook Surveillance Moment

My own Creepy Facebook Surveillance Moment

TL;DR: Blank Facebook account I opened 8.5 years ago and never used receives recommendation, out of the blue, to check out a small store I only just learned existed and started patronizing.

New Release: Tor Browser 8.0.5

New Release: Tor Browser 8.0.5

This release features important security updates to Firefox. This new release updates Firefox to 60.5.0esr and Tor to the first stable release in the 0.3.5 series, 0.3.5.7. The full changelog since Tor Browser 8.0.4 is:

Blocking Unwanted Connections with a Hosts File

Blocking Unwanted Connections with a Hosts File

Select a Tip HostsNews blog & Updates To contribute a listing for our resources, or any other comments: Contact If you find the MVPS HOSTS file useful ... These updates are posted to most major security related sites, Newsgroups, and mailing lists, blogs etc.

Websites can steal browser data via extensions APIs

Websites can steal browser data via extensions APIs

The researcher also created a tool that lets users test if their extensions also contain vulnerable APIs that can be exploited by malicious websites. More details about Somé's work are available in a research paper entitled "EmPoWeb: Empowering Web Applications with Browser Extensions," available for download in a PDF format from here or here .

More