25 Nov 2016

And Then, What To Trust...

Remember wot I said about computer posts? Forget that for now as this could prove a tad important for a few readers.

For some strange reason, known only to Google, I got an E-mail notification of a new comment but can find no sign of it on the Foggy place. It’s not pending nor is it stuck in the spam locker. Anyhoo, my response could be of interest, obviously to Ripper, to many of you that may use Firefox with the add-on, Web of Trust which, it seems, has been downloaded many more times than once thus my reply to Ripper is below rather in reply to a comment I can’t find.

Glad to hear your sad day went well. Best wishes.
Thanks for the heads-up regarding the removal of Windows Apps and your link -
- and here’s a heads-up right back at ya.
   I went in search of Web Of Trust and the add-on that popped up was ‘WOT ratings in Ecosia’ and in the add-on preamble was this wot I’ve pasted below for your information. Please note the bits I’ve cleverly made bold:
“Warning: Web of Trust (WOT), which this extension is NOT but merely complements, has been caught selling users' browsing history. Please review available information and decide for yourself whether or not you want to continue using Web of Trust.
If you're wondering why you can't find the actual WOT page: Mozilla has removed WOT from Addons.Mozilla.org.”
It seems Google have removed it from their store as well.
Check the link below for a little more info which includes this;
“The WOT add-on can execute arbitrary code on any page, including privileged browser pages.
Impact and severity: Critical. If WOT wants to, they can do anything ranging from stealing banking credentials to installing malware on the user’s computer.
At the time of analysis, this functionality was not abused.”
   And Another;

   Make of all that what you will but I’m sure the safest way to stay safe on-line is simply to stay off-line. How about using Firefox dressed up in Tor?
   Possibly good for anonymity; good for safety? Nothing’s totally safe is it? Who’s actually ‘driving’ all these so-called safety products anyway? All we can do is the best we can do then it’s just a case of click an’ hope.

Quote;  Dave Barry.

"While you are destroying your mind watching the worthless, brain-rotting drivel on TV, we on the Internet are exchanging, freely and openly, the most uninhibited, intimate and, yes, shocking details about our "CONFIG.SYS" settings."


Ripper said...

Mac - I begged for that one didn't I? WOT has been removed without even bothering reading on, and thanks for the heads up, I will probably go back to McAfee Site Advisor.

There is one saving aspect to this and that is, strangely enough, Windows 10. Concerning WOT's ability to install and run malware code, Microsoft blocked 3rd party access to the kernel starting in Win Vista. Any attempt to run malware code is met with the User Account Control. I'm not saying that its not possible but Windoze now has much better defence against this kind of thing.

As to the theft of banking information, only a fool would keep these on the PC, but nevertheless I run Trusteer Rapport which protects against stuff like keylogging and non genuine bank sites. You can also set it up to protect any web site where you need to log in.

The Tor browser is good but rather slow. For anonymity I prefer a small program called Psyphon 3 which is basically a proxy but with VPN tunnelling capabilities.

Other extensions I run are Abine Blur (formerly known as Do Not Track Me), though Firefox now has built in tracking protection and malware site blocking, and Adblock Plus. Blur is also a password manager and masks your email address if that floats your boat. Have tried others as well such as Lastpass and Ghostery. There's no complete defence, just do whatever we can.

Mac said...

Happy to help but, trust me, it was pure luck; I headed over to install WOT. If I’d already had it, I’d probably never have discovered the downside.
Trusteer has been a problem recently with slow catch-up to FF 50 then on and off address bar icon, not opening the consul, unable to shut down or repair via the install procedure. Today I downloaded the IBM safe uninstall thingy, did that and reinstalled Trusteer from base zero. So far, so cool but time will tell if that’s sorted the ‘stability’ issues.
Happy clicking and hoping...