Media

  1. Feb 1
    Show this thread
  2. 24 Nov 2019

    An article discussed on HN's front page () has the following footnote (see pic). Browsers have their own DNS cache, and extensions can create their own cache so as to avoid having to DNS-lookup every network request. The statement ignores this fact.

    Show this thread
  3. 1 Nov 2019
    Show this thread
  4. 22 Oct 2019
    Show this thread
  5. 19 Sep 2019
    Replying to

    Adblock (from BetaFish) is also be affected: it's using the ABP filtering engine code and enforce Eyeo's "Acceptable Ads" -- which I guess makes "X-Adblock-Key" a requirement.

  6. 17 Sep 2019
  7. 3 Sep 2019
    Replying to

    I don't see the site being broken with EasyPrivacy enabled. Requests to `report-uri .com` were not blocked, except for only one because of the filter `ga.min.js`.

  8. 25 Aug 2019

    As per GitHub, Adblocker Ultimate is from "Secure Download Ltd". I found a Bulgaria commercial registry for that company: (Google-translated in pic)

    Show this thread
  9. 25 Aug 2019

    Activity in issue tracker -- Adguard left, AdBlocker Ultimate right. (AdBlocker Ultimate's activity fits in one pic)

    Show this thread
  10. 25 Aug 2019

    First page of commit history -- Adguard left, AdBlocker Ultimate right. (AdBlocker Ultimate's history fits in one pic)

    Show this thread
  11. 25 Aug 2019

    Overview of commit history -- Adguard left, AdBlocker Ultimate right.

    Show this thread
  12. 25 Aug 2019

    So a week ago or maybe more I filed an issue at about their policy of forbidding 'unsafe-eval' on AMO not being enforced, along with those extensions as example. The issue disappeared and I haven't heard a word about this. The extensions are still there.

    Show this thread
  13. 25 Aug 2019

    I reported this one and others weeks ago because of remote code execution ability, using the "Report this add-on for abuse" button. The extensions are still there.

    Show this thread
  14. 17 Aug 2019
    Replying to

    It's a rip-off of an old AdBlock version. Removed: GPL license/copyright notices. Added: permissions for explicit remote code execution in extension context and ability to modify proxy settings.

  15. 2 Aug 2019

    Authors who nurture the confusion with such mistake highlighting lack of basic research get a share of the blame when users are fooled into installing the sleazy AdBlock-owned "uBlock":

    Show this thread
  16. 2 Aug 2019

    Serious mistake in your article : You confused "uBlock Origin" (w/ more than 15 millions active users) with AdBlock-owned "uBlock", despite the prominent warning to dispel confusion. See

    Show this thread
  17. 18 Jul 2019

    Nowadays it's best to presume the world wide web is highly hostile to users, and installing a *trusted* content blocker is the best mitigation.

    Show this thread
  18. 18 Jul 2019

    Meanwhile, ignoring the more important issue of remote code execution in extension context opens the door to dubious advice. Don't be fooled: it's possible to have more trust in an extension than the browser on which it runs, or the websites which you visit.

    Show this thread
  19. 18 Jul 2019

    So something is not being said in this article and the report makes no mention of this either: For an extension to be able to execute remote code in their own context, they need to explicitly declare `unsafe-eval` in their manifest.json.

    Show this thread

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·