Tracking protection and NSS SSL secrets logging (two security questions)?
Posted: 2016-07-17, 06:28
Title: Tracking protection and NSS SSL secrets logging (two security questions)?
---
I have been a Firefox user since it became, out of Netscape. A Linux user, Gentoo in the last near one decade (also a little Debian, and planning on Devuan too).
I hear good things a lot about Pale Moon, I have studied quite a few forum posts here, and searched a lot (with the duck-engine, I don't like beeing tracked, so no Goog).
I had my strong doubts about Firefox dissipated forcefully with the advent of tracking protection feature, by which even Goog's own tracking itself is being really left out (the https://disconnect.me do, appears to me, a good job), I know Goog's is being disconnected also because I trace (with Wireshark's dumpcap) whenever I go online and later often read the network.
I haven't yet installed Pale Moon, because the tracking protection in Firefox
has made me very content.
I haven't been completely convinced by the renewed privacy protections in Firefox, because I keep checking on everything, and I want to know for sure about things (very hard!). But I surely have no grounds to distrust it or complain about it. At least as yet.
I really wonder what Pale Moon offers to protect users from tracking? Is it as strong a protection as Firefox is? Is it the same tracking protection feature Firefox uses?
That was one thing.
Another thing is actually connected with my claim that I (often) read the network after I was online.
I surely couldn't really do that if there wasn't the NSS and if I didn't set the SSLKEYLOGFILE env variable (as per https://wiki.wireshark.org/SSL) and if I didn't patch the NSS library with the small patch at:
>=dev-libs/nss-3.24 - Add USE flag to enable SSL key logging
https://bugs.gentoo.org/show_bug.cgi?id=587116
because the SSL decrypting is what rare users really do... And that convenience is not anymore readily available for security concerns (I have a grsecurity-hardened kernel and hope to be able to keep secure though).
So the other question of mine is if the SSL secrets logging via NSS library is available in Pale Moon so the above method of mine can be deployed?
Regards!
---
Miroslav Rovis
Zagreb, Croatia
http://www.CroatiaFidelis.hr
Try refute: rootkit hooks in
kernel,
linux capabilities
for intrusion? (Linus?)
---
I have been a Firefox user since it became, out of Netscape. A Linux user, Gentoo in the last near one decade (also a little Debian, and planning on Devuan too).
I hear good things a lot about Pale Moon, I have studied quite a few forum posts here, and searched a lot (with the duck-engine, I don't like beeing tracked, so no Goog).
I had my strong doubts about Firefox dissipated forcefully with the advent of tracking protection feature, by which even Goog's own tracking itself is being really left out (the https://disconnect.me do, appears to me, a good job), I know Goog's is being disconnected also because I trace (with Wireshark's dumpcap) whenever I go online and later often read the network.
I haven't yet installed Pale Moon, because the tracking protection in Firefox
has made me very content.
I haven't been completely convinced by the renewed privacy protections in Firefox, because I keep checking on everything, and I want to know for sure about things (very hard!). But I surely have no grounds to distrust it or complain about it. At least as yet.
I really wonder what Pale Moon offers to protect users from tracking? Is it as strong a protection as Firefox is? Is it the same tracking protection feature Firefox uses?
That was one thing.
Another thing is actually connected with my claim that I (often) read the network after I was online.
I surely couldn't really do that if there wasn't the NSS and if I didn't set the SSLKEYLOGFILE env variable (as per https://wiki.wireshark.org/SSL) and if I didn't patch the NSS library with the small patch at:
>=dev-libs/nss-3.24 - Add USE flag to enable SSL key logging
https://bugs.gentoo.org/show_bug.cgi?id=587116
because the SSL decrypting is what rare users really do... And that convenience is not anymore readily available for security concerns (I have a grsecurity-hardened kernel and hope to be able to keep secure though).
So the other question of mine is if the SSL secrets logging via NSS library is available in Pale Moon so the above method of mine can be deployed?
Regards!
---
Miroslav Rovis
Zagreb, Croatia
http://www.CroatiaFidelis.hr
Try refute: rootkit hooks in
kernel,
linux capabilities
for intrusion? (Linus?)