Your favourite security/privacy related extensions

[gracious1]

Password Exporter 1.3.1-signed

I'd recommend you to switch to Password Backup Tool

All right, I have taken a look at it, and I have a question. In the description, it says, "Also allows to import from Chromium based browsers running on Windows." So your extension cannot import passwords from Chromium on Linux?

[JustOff]

So your extension cannot import passwords from Chromium on Linux?

Unfortunately it's impossible at the moment. As far as I know, none of Mozilla-based browsers can't do so.

[gracious1]

So your extension cannot import passwords from Chromium on Linux?

Unfortunately it's impossible at the moment. As far as I know, none of Mozilla-based browsers can't do so.

Okay. I made the switch. Thanks for making a Pale Moon version.
(See this issue, however.)

[soewhaty]

Youre welcome!

In this case then, if uM takes care of that, is there any reason to keep addons HTTPS everywhere, Encrypted Web, etc. I don't see any reason ...

Only if you need problems with websites.

Hm...there's an oddity now. How come I set uM to force strict https and yet http://www.momondo.com/ opens and works just fine and so does https://www.momondo.com/. I thought uM would force the http to https ... that's odd... have I missed sth here?

[LimboSlam]

Off-topic:
Sorry for the offtopic comment being made. Just a quick question or two:

How do I enable only the XSS Filter in NoScript, and leave everything else disabled. I do not want any other scripts or elements being blocked.

[adesh]

Off-topic:
Sorry for the offtopic comment being made. Just a quick question or two:

How do I enable only the XSS Filter in NoScript, and leave everything else disabled. I do not want any other scripts or elements being blocked.

Off-topic:
XSS is enabled by default. To allow scripts choose "Allow Scripts Globally" from NoScript menu.

[dark_moon]

Youre welcome!

In this case then, if uM takes care of that, is there any reason to keep addons HTTPS everywhere, Encrypted Web, etc. I don't see any reason ...

Only if you need problems with websites.

Hm...there's an oddity now. How come I set uM to force strict https and yet http://www.momondo.com/ opens and works just fine and so does https://www.momondo.com/. I thought uM would force the http to https ... that's odd... have I missed sth here?

Strict HTTPS mean only HTTPS content are loading on HTTPS sites. Without strict HTTP elements are loaded on HTTPS sites.
What you search is HTTPS enforcement which you get in NoScript

[soewhaty]

Strict HTTPS mean only HTTPS content are loading on HTTPS sites. Without strict HTTP elements are loaded on HTTPS sites. What you search is HTTPS enforcement which you get in NoScript

Ya, what I'm searching for is exactly as in the example I gave - a site is offered both in http and https, and the addon functionality I need is to forward me from the http to https version of the site, provided there is such. If not, then stay on the http, ofc. As I see 'uMatrix' and 'HTTPS Everywhere' don't offer this functionality so I tried NS, as you advised and ... what is the difference between these 3 and which one to use?:
- NoScript Security Suite 5.0.6 (https://addons.palemoon.org/addon/noscript)
- NoScript Security Suite 5.0.7.1 (https://noscript.net)
- Noscript-2.9.0.14.xpi (https://noscript.net/getit - click on 'latest NoScript version compatible with Gecko 13 - Gecko 45 is 2.9.0.14')
I'm asking cos I was told here viewtopic.php?p=98619#p98619 to go for 2.9.0.14 and all of a sudden there are 3 versions to choose btwn.

And where do we enable https enforcement in NS anyway? Under Advanced/HTTPS/Permissions ??? This doesn’t look like enforcement, but more like blocking non-https sites, so that can’t be it

PS - Is BetterPrivacy still worth it as a privacy-centric addon? I'm on v1.68.1 but it says it runs in compatibility mode ...

[dark_moon]

NoScript 2.x isnt development any more, you need to use v5.
5.0.7.1 is the latest on NoScript site. On Pale Moon site it is 5.0.6 but i thing Georgio will update that.

Under Advanced/HTTPS/Permissions, yes. That is HTTPS enforcement

If you dont use Adobe Flash nor config the supercookie settings for that, you dont need BetterPrivacy

[soewhaty]

NoScript 2.x isnt development any more, you need to use v5.
5.0.7.1 is the latest on NoScript site. On Pale Moon site it is 5.0.6 but i thing Georgio will update that.

Under Advanced/HTTPS/Permissions, yes. That is HTTPS enforcement

If you dont use Adobe Flash nor config the supercookie settings for that, you dont need BetterPrivacy

Thanks for the reply! Well, I did set 'Advanced/HTTPS/Permissions/Forbid active web ...' to Always and yet http://www.momondo.com opens up and works without a prob. So we're missing sth here.

[dark_moon]

You need of course enter the URLS/ domains you want to force using HTTPS

[soewhaty]

You need of course enter the URLS/ domains you want to force using HTTPS

Oh okay, so there's no way to do it globally, eh? I just went under Advanced/HTTPS/Behaviour and added only 'http://', hoping that this would force all http sites to https, but only if there is an https site available. As expected, this forces all sites to https regardless of whether they have the https version or not. So that means that a site available only in http will not work at all.

Any way to achieve what I'm aiming at or do I have to manually do it on an instance basis, adding site by site under 'Advanced/HTTPS/Behaviour'?

[dapgo]

By the way, is there any document about the basis of web privacy, extensions, etc ? maybe a book (not focused in experts, please)?

Because at the moment I have many gaps in my understanding of how webs track us, how they exchange data, all the google crap, etc..

I am using several extensions but i think that is quite important to understand properly the basis, and unfortunately I think iam not the only one who need it...