Was just browsing the Internet in a VM with script-blockers turned off for a bit, and half the sites were like "IT PUTS THE DATA IN THE BASKET OR IT GETS THE HOSE AGAIN!" with multiple videos, dozens of ads and and 99 pieces of third-party Javascript loading in the background. The amount of advertiser profiling and data sharing that goes on when you visit these noisy sites with a mobile device is even higher and more invasive, which might explain why I do most of my web browsing inside a VM (but with script blockers turned on).
Discussion
Loading...
Discussion
i occasionally use a script blocker on my mobile devices but not enough and it makes me feel ashamed.
on desktop workstations my default "i clicked a link" handler is "Opener.app" (got it via #setapp) which presents a menu of browsers and flags, and first choice is a browser with no javascript enabled so i can make an informed decision about witnessing it in all its glory. in safari you can use profiles and extensions like 1blocker, etc.
@briankrebs Hey there handsome how are you, I have something for you. I will like to introduce to you if you are interested in booking a massage appointment and I will do my best to accommodate your schedule.
Telegram is.. @JoyMary426
Hi, add my Zangi private number for confidential correspondence and calls.
1060848107
https://services.zangi.com/dl/conversation/1060848107
@briankrebs
That’s why I can not use the internet anymore without my #Firefox + #uBlock Origin + #uMatrix ( + Containers)
Not for everyone but I guess you are not everyone 😁
@briankrebs another braindead normie post by kreb. it's the age of mass surveillance (since 2000s), you are just finding this out?
@briankrebs
that's off-topic, sorry - is it correct that DHS is running Russian software? After all these bans on Kaspersky, still?
https://xcancel.com/pepel_klaasa/status/2024985497194442976#m
@briankrebs that's why we ship parrot with ublock origin pre-installed and enabled by default. couldn't live without
@briankrebs Without an ad blocker, there are many news sites that cause my iPhone to heat up and mobile Safari to crash, just so I can read a text article. Do they not realize they are losing revenue by crashing browsers? Or do folks have a higher tolerance for this stuff than me, and they’re willing to put up with it to get to the content?
@ramsey @briankrebs I am regularly surprised by how few people outside of tech circles are aware of how big of a difference even a simple ad blocker makes.
@sindarina @briankrebs I didn’t even use one until the last year because I thought it was wrong to block the thing those sites use to make money, but after trying one and having a much much better browsing experience, I decided it was more ethically wrong for them to disrupt/harm my browsing experience than it was for me to deny them fractions of a cent for viewing their content.
@ramsey @briankrebs Ad blockers are best practice for security and performance, and everyone should be using them.
If their business model does not provide alternatives that do not depend on ads, that is their problem, not yours.
@briankrebs Some of the public secure dns servers can block most trackers and adds. That will work on all OS's. Mullvad and Adblock for example.
@briankrebs I use NextDNS with site filtering on all my routers and on my mobile devices. Some sites are now breaking with messages to “disable your adblockers” and others get stuck in a reload loop. And that makes me realize I don’t really need those sites after all.
@briankrebs Home Network is pi-holed. Browsing on other networks is now so horrendous I usually avoid it.
@briankrebs Over the holidays we went to visit family and I watched one of them open a recipe website on their iPad to start cooking and the amount of junk and ads almost completely blocked out the view of the recipe. I pointed their iPad at NextDNS and refreshed the page. They actually gasped when all the ads went away and they could read the recipe.
@briankrebs I don't know how anyone can go without at least an ad blocker. Most websites seem borderline user hostile without one.
@briankrebs The other side of browsing from VM is a clear signal "a PIO (person of interest) is browsing". Like in early days of TOR. Configuring browser to hide it is on VM is not that easy. For the concerned about having somewhere a joint profiles I'd advise to have a separate device. And if VM, browse in "private" windows always. Just my ¢2.
@briankrebs I block javascript by default and use nextdns in combo witha vpn and i not only have a denylist but also about 12 active heavy blocklists like hagezi multi ultimate. Recently whenever possible i try to keep offline resources that I use constantly whenever possible. These sites are insane
@briankrebs No wonder half the software developers I know have wuit the industry and become woodworkers. 
@briankrebs
Sadly, your experience is why I found a use case for copilot at work.
Work blocks browser extensions and it's bad enough out there that I use copilot, with all it's flaws, just to avoid having to go to websites at all.
@briankrebs whenever I heard marketing/advertising people yearn for the web of yesteryear I want to punch them in the throat.
@briankrebs For my mobile devices I used apps that run as a VPN to block sites. I've been testing Rethink DNS on a GrapheneOS phone. Pretty good at blocking known advertisers, etc. On my Android phone run DuckDuckGo App Tracking Protection. Helps with blocking what few apps I use.
p.s. both run as a VPN but just so they can monitor all network traffic and block sites collecting data.
Sorry. VM=Virtual Machine, like Parallels, VMWare or VirtualBox, which let you load another operating system as a guest OS and run it on top of your host OS. The nice thing about a VM is that you can configure it how you like, save a snapshot, and then revert to that snapshot when you're ready to shut down.
@briankrebs if you have not seen @howardnoakley's impressive collection of free software you may not know that he offers several excellent options for #virtualization on #appleSilicon.
we're talking elegant, powerful software that hooks into core frameworks most people ignore entirely (containers, xhyve/bhyve that sort of thing). you gotta check these out imo. i use them for handling malicious code and for agents to use contained desktop environments. #infosec #bestof
@briankrebs I seriously love VMs and I always have one or two open.
And instead of clicking a link I copy it into an empty VM which is completely disconnected from the host and then see. in worst case I just throw away the VM and in 30 seconds I have a new one. I usually create one master VM and just clone it.
@briankrebs I'm too lazy to browse from a PC most of the time, so tend to rely on:
Browser: FF with ublock origin and privacy badger
Apps: DDG App Tracking Protection
Belt and Braces: Pi-Hole server.
@briankrebs "What does THIS malware do?" #Sandbox
@briankrebs I have been using less and less add blocker and it’s honestly making me just not browse much. Almost every news website I have checked has been borderline unusable. 😵💫
@zachery_delong @briankrebs I use uBlock Origin. Firefox on Linux and Windows. Supermium on my Win7 machines. Kiwi on Android (rarely - mobile sucks.) I wrote my first adblocker in 1998. Have learned a few techniques to defeat news sites. Here's one.
If the article appears and is then blocked by something, reload, CTRL-A CTRL-C, open a word processor, and paste.
That usually works and requires no special tools.
A lot of sites I have stopped using because of paywalls or login required to read.
@briankrebs same here brave, mullvad & browser for the win in the VM tho this concerns me tbh
https://cyberinsider.com/vpn-anonymity-undermined-by-new-adbleed-fingerprinting-technique/
And disabling adblock is no option either to much predator software around 🤷
@briankrebs Not just on mobile.