Re: Nice, but...
Go back to school.
The browser is responsible for everything you see.
Vivaldi lets you disable GIF animations, or set them to only play once.
"It is not rocket surgery".
58 posts • joined 7 Nov 2015
Yeah but your lists will include all regular ad-services. Even the standard easylist is way bigger than the google list.
Vivaldi are only blocking bad sites, not annoying sites, hence the use of the phrase "...on the very naughty list."
I would agree that a bigger list is in order, but trackerless ads should still be allowed.
Companies don't drop everything for 1 individual that can't use the browser properly.
Whop-de-do they changed the icon several times (so have the other browsers). This affects the browser how ?
Drag-n-drop of bookmarks works just fine or the manager page would be rather pointless.
Vivaldi is nothing like Chrome to use. You are mistaking Chromium core for Chrome browser.
Email is coming and being tested internally. It is not a core browser component so has different priorities
"all kinds of Phillips hue colour nonsense". 1 optional GUI enhancement that was easy to add is hardly all kinds of nonsense, and oooh now there is Razer support so make that 2.
Yes a whole 2 of them !
WhatsApp oh dear, 1 (admittedly major) feature has been broken between updates. This is a common "feature" of the modern world of software, get over it.
If you think you can build a top-flight browser from scratch in 2019 you need a reality check.
Vivaldi is best for nerds, researchers and people that know what they are doing, rather than stroppy kids.
Do you have anything to contribute to the article topic ?
Feel free. You will soon realise how often it fits.
Think of most politician and management meetings where the results leave everyone under them scratching their heads wondering why they feel like they just got scammed.
Not so true thankfully.
Install DNSCrypt which has DoH and DoT support, then import your block list into that.
DNSCrypt is also available for Rasbery Pi, Routers and Android, so those same block lists can be used where you need them.
Simply changing the OS to a resolver with DNSSec and DoH does not give you any way to authenticate the resolver.
No browsers test or display DNS validation errors so even if you think you are using the DoH resolver you set, you may not be.
...and another thing...
They are in a no-win situation. If it comes down to it we will just see the same level of accelerated interest in using HOSTS and Pi-hole blocking as we did with tracker and advert blocking extensions.
They are just pushing a bubble around the wallpaper. They cannot stop it, just make it less convenient.
"42 per cent of malicious extensions use the Web Request API."
Of course they do, it is a common function. I bet they all use another common API just as much if not more.
100% of them use chrome and the google store.
Most of the malware use google adverts, so how about we restrict the functionality of adverts ?
Anyone else fancy slapping some random Venn diagrams on this ?
If they are worried that they will not be able to block "exposure" to problem domains, it should be pointed out that they do have the choice of having the sites taken down.
Apparently leaving child exploitation sites running is fine, but we take down malware sites.
Why bother to actually remove a problem when you can just block a handful of people from accessing it ?
Ultimately, tough luck. Crying over spilled milk.
DNS over TLS has been around for a while, now we have DNS over HTTPS. We also have DNSCrypt, DNSSec, and the ability to choose any resolver we want.
Unless Governments force OS vendors remove the ability to change your DNS there is nothing they can do but cry about it.
Even without improved DNS, there is still nothing they can do, other than block all VPN nodes and offer a Chinese or Russian style state sanctioned VpN (small P as no privacy).
...or . . .they could take down the problem sites ?
disgruntled coder at GameFace.LLC. "How do you expect users to trust using any app on the Microsoft Store when they keep having a browser popped open with an obvious scam site?"
disgruntled user at Home. "How do you expect users to trust using any app on the Microsoft Store when they keep having adverts in them ?"
Ummm, so if you download software from a developers own site and spams you with adverts, that is called Adware and blocked by AV.
But if you download it from an official appstore where they take a cut of the revenue, it is not Adware and so AV should not block it.
Isn't that called anti-competitive practice ?
As ever our politicians think that saying they will throw a load of money away will change anything useful.
We can be sure most of the money will disappear in meetings, greasing already greasy palms, and funding Capita to do another bang up job of marketing a life of happy hackers all having fun.
GCHQ already have a problem attracting newbies. The past year we have seen many tie-ins with BBC shows to show the shiny friendly face of espionage.
Ah I know ! They are going to lure IT students with promises of wealth !
Being so brass-necked about hacking back at the drop of a hat, is a marvellous way to attract exactly that situation.
Well done you prize prat, the challenge is now issued. I hope our best bods are on the case.
It seems that the more times you say he is a journalist the more true it apparently is.
He is not a journalist and never was, and he has not claimed as such.
Releasing information that other people hand you does not constitute journalism.
Tweeting about data dumps does not make you a journalist either.
Even if he was a regular blogger calling him a journo would be a thin stretch.
Considering we must assume that all top secret traffic between security agencies will be encrypted and sent via a VPN, what could the Chinese Gov collect ?
Well just ask the NSA how their project to collect all the encrypted data flows, in that massive and flammable data centre has worked out for them.
Would GCHQ, NSA or the CIA really be using unencrypted communication over their mobile phones, or use landlines and encryption ?
If there was an issue it would (or should) not effect them as long as they don't do things they currently should not do.
The Kaspersky case is a good comparison. The CIA operative took classified work home, and didn't think about all good modern AV will upload unknown files.
Maybe their concern is exactly this situation, that their dozy operatives will lead to China getting hold of secrets.
They seem to have not noticed there are several decent AV tools from China that are used all around the world. If the threat is credible, why not warn us all off using Chinese AV and security tools ?
Both these will need a PC with the android drivers installed, and ADB access enabled in the phone.
You can avoid messing with CLI and downloading the ADB binaries as both come with the required files (feel free to update with newer versions)
The easiest to use for everyone is APK Installer.
And for total control or for the more nerdy, a TotalComander / GhostCommander ADB plugin
Happy de-bloat day \o/
When he gets here I hope they give him a tour of the GCHQ/Huawei center, and he can kindly point at the kit with the backdoors that we can't find, and show us where to look.
Maybe someone should present him with a list of Huawei CVEs and a list of Cisco CVEs, while covering the names at the top and ask him to choose which networking kit he would use ?
The given reasoning that MS AV must be good is because of the probable good quality of the company as a whole.
No evidence given ?
Unfortunately some crappy AV and vendors are being used as the gauge to measure against.
Avira has never given me any problems since swapping to it, and never seems to show in the lists of vendors doing stupid things.
Microsoft are not virus experts. Just like Symantec they bought into the AV scene and have failed to impress or progress with their AV products.
Not 1 AV comparison site shows Defender or MSE as being any better than low-average.
Microsoft themselves have said that their AV should be considered "Baseline".
The baseline is not the bar you are aiming to climb to, it is the lowest you should ever fall to.
I often have to repair people PCs that rely on only MS protection, and know that the AV I then use to fix it, would have protected it if they used it.
MS AV does not stop people going to bad sites, and does not scan web-page content unless you use MS browsers.
It does not even have a sandbox like all good AV, so unknown files are still allowed to run
Yes education is the key, but it is not happening so throw that idea out unless you are actively doing something about it.
Do you trust your Mum to retain the nerd-info you gave her enough to spot a phishing site ?
I don't and I am glad my Mum has Avira keeping her virus-free for the past 5 years (and yes I regularly scan with a standalone).
I am now trialling an AV that also notifies about, and blocks keylogging and webcam activation.
Which part of MS security does that ?
People need to stop comparing how geeks protect themselves, to the needs of the majority users who cannot be bothered with white-lists or regular audits.
They want a MacOS style world where you push a button and it works.
You can teach them to be secure, but it will not last.
AV are never going to be the perfect solution, but as the rate of viri and hacks continues to rise, the sheer stupidity of advising people ditch good AV and rely on only "Baseline" is an act of criminal insanity.
Good tech support means you have tested the options and give evidence based recommendations.
Just because VW did some stupid things with their tests, does that mean all other car makers are as crap and guilty ?
Whould you recommend people stop using seat-belts in all cars, if only some car makers had faulty seat-belts ?
The CIA very recently explained their criteria for establishing blame.
1) if hackers ask for money they are criminals (bad actors)
2) if hackers give it away they are state sponsored actors.
No room for the vast majority of mischief makers and vandals or those hacker types that join Anonymous, or just do it because of the challenge.
Wonderful to have such a black and white view of hackers.
Shame people have forgotten how Venn diagrams work.
Released hacked data is blamed on "State actors" because it is not offered for sale.
It suits the Governments to put hackers into 2 brackets, either Criminals or State actors.
This leaves out the majority of hackers that simply hack for fun and knowledge.
If Russia were truly so well equipped and constantly hacking, why are they so low in the hacking list ?
Surely they can do better than that ?
in 2008 I captured the Tesco tech support page because I was shocked at it being 2 years out of date.
The drivers on the site are obsolete version 1s, and intended for XP SP1 or earlier.
They were obsolete when they were posted, as upon investigation I found the chipsets to be EOL by their own manufacturers, but they had driver updates for newer OSs.
In 2013 they finally updated the site !
....and still had the same drivers.
It is now almost 2017 and guess what ?
Yes 10 years down the line Tesco are still only offering drivers for products they no longer sell, and almost nobody can use.
Tesco do the bare minimum they can get away with to tick a legal box.
Customers shrug and put up with it.
Customer and technical support have no idea who made the Technika products, or if they contain any vulnerabilities, so if they did, no way to offer any solutions.
Heaven forbid any mug buys a Technika brand IoT device.
Are you reporting that SSL is not available outside the googleverse ?
...or can we assume that this statistic applies for all browsers that correctly support TLS.
How about the fact that Firefox has extensions that Google do not allow, that add extra SSL robustness and multi-party validation, so HTTPS is possibly even safer than in Chrome.
Google are simply taking credit for other people upgrading their sites.
BT created Openreach so they could remove Cable and Wireless from the picture.
BT put out an open tender as they are required to do, but low and behold Openreach offer the best price, so get the contracts every time.
They always run over time and over budget, because they promise things they cannot deliver, such as "Genuine Super Fast".
When customers try to complain to BT about poor internet, they are told "That is not us, BT Openreach is a different company".
All ISPs that are unlucky enough to lease their lines from BT, are all kept at lower speeds than BT, so BT can claim they are the fastest amongst a list of knobbled ISPs.
Once BT and Openreach are split, BT may actually start giving contracts to other cable companies with a better record.
Yes indeed, I never said Mcafee was ever good, and I tar Symantec with the same brush.
Buy a big brand name and some average software, put them together and, bingo.
Peter Norton went from being the premier name in disk tools, to being Norton a brand of self-destroying crapware, with a friendly looking man on the cover, who never coded a single line of the contents.
Software so average, they have to pay other companies to trick you into installing it, or starting with it.
Microsoft bought a "reputedly" big (Giant) anti-spyware and kept it as average as it ever was. At least Microsoft admit that their current shoddy AV is considered the baseline and you should go no lower in protection (some people think baseline means good, not "base"line).
Then intel decided they wanted a slice of lucrative AV pie, so bought McAfee thinking only of the captive barrel-fish, not about the fact they bought a turd that needed a lot of fixes and maintenance, hence was on the market.
Without a background in AV, and the same McAfee team, there was never any hope of intel improving their turd.
All they could do was polish that turd within an inch of its life, and continue to buy or trick their way into peoples PCs, until they find a mug to offload it to.
When other companies try to give you extras with a download, we call it "Adware" and "Potentialy Unwanted Program".
Adobe and Oracle are as guilty as McAfee, Symantec and Google for using delivery methods commonly blocked by most AV.
Oh the irony.
"Given McAfee's leading global market position, loyal customer base, and trusted technology, we see a compelling opportunity to invest in a highly strategic platform that is growing consistently and addressing significant and evolving market demand."
...or in plain English;
"Given that it is pre-installed by OEMs, and non-technical people always install it with Java or Flash, we think this massive barrel of blind fish will make fine pickings."
Companies that buy-in to security software or anti-virus to gain a foot-hold in that territory (eg. intel and microsoft) do not have the specialist background needed, and so continue to degrade whatever software they bought until some other suckers buy it.
Considering over a third of the worlds hacking comes from the USA, shouldn't it be the rest of the world telling them to stop it ?
My patched XP box got its updates today just as normal, and there are still AV products that install in XP.
However, we can be sure that the Met. have not used the EPOS patch, and are still using the original install of Norton AV that stopped updating years ago.
Considering that Google have been paying to have Chrome shovelled into everyones PC with java and flash updates, I think it is a bit of a cheek.
Chrome rose to dominance via foisting itself on you, same as the crappy Norton and Mcafee scanners, which are also distributed via legitimate Java and flash installers.
Point the finger at the mirror Google. You helped to legitimise this behaviour.
Make all sites liable for the advertising they carry.
When they respond "but we cannot be responsible for 3rd party delivered ads", they should be told "and that is the problem that led us here, you are not being responsible".
At the point companies and sites are held liable for advertising content, they will start picking it by hand and actually know about it.
At that point it moves in-house and you can wave goodbye to endless middleware providers of malvertising.
For malvertising to exist would require that you hack the actual site, so at that stage malvertising is a moot point.
twit.tv is a good example. It cannot supply 3rd party malvertising, because its ads are validated first and done in-house.
Any site that says it specifically chooses every ad displayed, I will trust to show me ads.
Sites that have no idea what they are showing, I will not trust.
Hardly unusual behaviour for any free version of anything.
WinRAR keeps bugging me to upgrade, so does Trillian. I chose to ignore it, and I don't feel it affects my trust in them.
Many free AV are lacking features useful to all, so are more likely to make you feel the need to upgrade.
Start with a free AV that has a clear upgrade option without hidden extras, and you know when the time comes if you need to upgrade.
While everyone is waffling on about Champagne for some reason, nobody has pointed out that the picture is not even a traditional Cornish Pasty.
A proper 'ansome "Cornish Pasty" is made with chunks (never minced) of beef steak (either Chuck or Skirt).
The picture looks like a chicken or lamb filling.
This is a modern invention for fussy buggers that don't actually want a Cornish pasty, but want to look like they have one.
Vaping is being promoted as a safe and more attractive option, that comes in a rainbow of fruity flavours.
Don't look in the pub or club, look around an area of town where the younger generations congregate.
Look at the people gathered in the trendy new vape-shops, and ask yourself if the teenagers you see started with tobacco. Better still ask them.
I know plenty of people that just like to show off an expensive toy they do not need.
Only 2 of the people I know are using vaporisers to quit smoking, the rest of them just like gizmos and wearing their money for all top see.
Why is it that when you walk around town, it if full of teenagers puffing fruity yummy tasting nicotine dispensers, that get them equally as addicted to a highly taxed product they never used before.
Yes vaporisers deal with the smoke pollution, but do not deal with addiction when they make it tastier and more desirable than ever.
..oh, yes, the key there must be the "highly taxable" bit.
If it were not for the tax, all nicotine products would be as illegal as cannabis.
Where I live, If you don't have an expensive vaporiser or the right shoes on campus, you are nobody.
I keep hearing students complaining that it is costing them too much because they have no desire to stop smoking it, or how much is bad for them (duh!)
When you reach the end of a ciggy, it is gone and you have a clear cut-off point.
If you want to see the truth of it, look at who the Tabasco companies are marketing at.
One of the vape shops in my town even looks exactly like a sweet shop, even down to the little touches. Most are somewhere an over 30 would feel out of place in.
Yes the managers lay out the shops, but the teen-centric promo material and pictures are supplied by the tobacco companies.
The now old fashioned tobacconists was not a place of social gathering, and funnily enough always have sold tobacco in plain packaging (therefore also cheaper).
So if keeping people addicted to a more expensive form of nicotine is OK, if there is no smoke, can we have the same consideration for other smokable consumables ?
If you don't count vaporiser users as smokers any more, then would cannabis users not count as dope smokers, if there is no smoke ?
Bring back licensed purveyors of fine tobaccos, sold in plain bags and you will see teens turning away from it.
Ban the addition of the added chemicals they keep warning about, instead of putting bigger warnings on.
Formaldehyde is not allowed in other consumable products, so why allow it in tobacco ?
Or, if Governments really have such a problem with tobacco, why not simply make it illegal and the problem is gone like any other drug (yeah right), oh no, so is all that loverly tax revenue.
There are measures the Governments could take to make tobacco products less toxic and carcinogenic, but they are ignored.because we don't eat or drink it.
If the cocktail of chemicals added to tobacco and nicotine based products was in your lasagne, there would be uproar.
In the past the pool of talent was mostly people with a genuine interest in computers and computing.
They want to learn to make them self more skilled, not simply more valuable.
Now it is polluted by people that just want to earn money with as little effort as possible while sitting down.
They immediately turn their new skills into a crappy apps and sites that only exists to create revenue via adverts.
In the past management came up through the ranks and understood the jobs they were allocating, so would also know when NOT to allocate a wasted space.
Now it is polluted by people hired in because they were a manager elsewhere, in a job that roughly related, but has a questionable and self-set pay-packet.
This is also the problem within the Universities, where they are being mismanaged by people with no background or interest in education or teaching, only the freakishly high self-awarded salaries which would attract any con-persons worth their salt.
The best/worst of the con-people in management will always take a sicky just before leaving the sinking ship, and then pop up in the same position in another company or University.
They never stay to fix anything, so never learn (not that they want to).
The only measure of success modern managers know is size and expansion.
This does not make for good quality education establishments or practices.
It just ticks boxes and puts bums on seats.
Why would the management care if they can just easily go on sick leave, and then leave for another management job of equal value before someone looks behind the curtains ?
Casting a bigger net is gaining us poorer catches.
If you want IT talent you must look at the college students that keep up their abilities while studying and holding down a job.
The ones that know what "optimise" means for performance and stability issues.
The ones that are worried about their existing customer base they have privately established.
The ones that always build their own PCs.
The ones that know their Kb from their KB.
The designers that know the difference between screen DPI and print DPI.
The ones that don't have aspirations of management, because they enjoy the challenges of real work.
Mostly, if you want quality IT, you hire the ones that say in answer to a real tough question
"I have not dealt with this yet, but it shouldn't take me long to learn about it."
and not "Yeah, yeah, we covered that early on so I'm a bit hazy".
(Note: I know many managers do really manage, but the above comments relate to the type that should be renamed to "delegators").
Try complaining about your internet service to BT, and you are told very clearly that "Openreach is not BT, it is a different company".
You obviously ask "but why does it say BT Openreach on the van ?", and the disembodied voice on the phone answers with something to the effect of "these are not the droids you are looking for".
When it suits them, they hide behind it, or hold it at arms length.
About time to make the final cut, or admit they are the same.
However if they admit they are the same company, then their tenders for cabling jobs to them selves look as shady as they really are.
before Openreach, the infrastructure was nothing to do with the ISPs, it was done by independent cable companies who could equally compete for real, not pretend, or as a token.
Now we are often stuck with having to get a competing ISP only if you have a BT line.
There should be no limitation to which ISP with which bit of cable. or phone service.
That model has borked choice in the USA, and we can learn from it.
Hmmm... what else have BT done to limit our options ?
BT brought us the change from monthly, quarterly, and annual payments to a minimum of 18 months (because of rapid customer turnover, due to poor service and over-subscription).
BT brought us the cancellation charge, so they can make also money for not providing a service (because of rapid customer turnover, due to poor service and over-subscription).
BT brought us the end of phoning Ofcom for support tickets, because Ofcom could not handle the level of calls about BT.
BT brought us fibre to the box at the end of the road (compared to the other companies that were connecting to the home).
At every step of the way BT have been screwing users and the government, because they are not as capable as they pretend.
Unfortunately the lifestyle sold by Apple is not yours. The i in iPhone does not mean MyPhone.
You are renting it, and the landlord requests that you do not look in the attic, and especially never go into the cellar, even if you think a burglar is there.
Any engineer that has worked on the expensive Bang and Olufson equipment will know the difference between what you see, and what is in the box (and why engineers don't buy them after losing too much blood and skin in them).
Just like Apple they learned from the Wizard of Oz, that if you let the public see behind the curtains, the illusion will break.
Too little too late.
The geeks have left the building, and we are not coming back (including Opera staffers).
Vivaldi caries on from Opera 12, and you can use that with a free VPN account (eg. ProXPN).
Avira have a privacy and security focus in their browser "Scout" and also offer a free VPN.
I would go with Avira Scout + VPN if I need privacy.
"“Where would a phone maker get an alternative to Google’s location services? There isn’t one,” says Edelman."
A quick search of F-Droid (Open Source apps) finds alternatives
Q: Why are the same criticisms not being directed at Apple ?
All Androids have a tick-box option to allow you to install from other sources, but Apple does not.
Android is the more open eco-system.
Biting the hand that feeds IT © 1998–2019