Almost Secure

[...] Note: This is explicitly posted in my private blog rather than the Adblock Plus blog. This post represents my own opinion only. It is likely unwise to rant about a competing [...]

[...] each Reuters web page trust this way. I found this statement hard to believe so I disabled Adblock Plus and opened a random Reuters article. I then copied the list of scripts from the list of [...]

[...] For a while, I have been occasionally misusing the Adblock Plus project blog for articles that had no relation to Adblock Plus whatsoever. I posted various [...]

[...] encryption. After analyzing the SSL handshakes on one of the filter download servers used by Adblock Plus, I am now mostly confident that the reason is proxy servers essentially conducting Man-in-the- [...]

[...] of your frame script (e.g. add "?" + Math.random() to it). Bug 673569 means that all frame scripts run in the same shared scope prior to Firefox 29, so you should make sure there are no [...]

[...] ). However, the amount of harm such a malicious extension can do depends on your browser: Internet Explorer: extensions are typically installed with administrator privileges, this can give a malicious [...]

[...] SSLv3 support but it turns out that you might lock out more users than just those using Internet Explorer 6. For reference, how did I recognize the browsers in the ssldump output? This turned out to [...]

[...] fit nicely into the OS X user interface. Wine doesn’t allow configuring the icon however, the source code shows that it will read the icon from the application resource unconditionally. Well, not [...]

[...] of course (I answered it in the meantime). Given the lack of documentation, studying the source code is the only option. The important function here is macdrv_compute_keyboard_layout() that does [...]

[...] -TLS, yet it should cover most use cases and be much easier to use. Enjoy! For reference, the source code is available on GitHub. [...]

[...] started out as an open project. They used Google Code hosting to make sure people can see their source code and contribute. However, that code repository was abandoned in August 2013. The new project [...]

[...] and don’t collect unnecessary data. But what about the code hosting service and their content delivery network? You now have two more parties that can collect data of your site visitors, do you have [...]

[...] images.intellitxt.com, js.moatads.com, platform.linkedin.com, s2.reutersmedia.net Akamai Content Delivery Network nexus.ensighten.com, ping.crowdscience.com, config.parsely.com Amazon AWS Cloud [...]

[...] website used: Codero was used to compromise RSA Conference website, and Taboola to compromise Reuters website. Why was it possible for Codero and Taboola widgets to completely take over the websites [...]

[...] A few days ago I outlined that the Reuters website relies on 40 external parties with its security. What particularly struck me was the use of [...]

[...] the project growing and more people joining I am no longer the only person posting to the Adblock Plus blog, treating it as my private blog isn’t appropriate. So a while ago I decided to set up a [...]

[...] Note: This is explicitly posted in my private blog rather than the Adblock Plus blog. This post represents my own opinion only. It is likely unwise to rant about a competing [...]

[...] and listed as recommended) add a set of filters to whitelist Mixpanel tracking on the AdBlock website. AdBlock 2.7 (2014-06-06): Calling home functionality has been extended. It now sends [...]