extension blocking in basilisk Topic is solved

Board for discussions around the Basilisk web browser.

Moderator: satrow

user1535809
Banned user
Banned user
Posts: 7
Joined: Sat, 28 Apr 2018, 12:41

extension blocking in basilisk

Unread postby user1535809 » Sun, 19 Aug 2018, 04:54

as stated on https://spyware.neocities.org/articles/palemoon.html
Pale Moon blocks privacy enhancing addons like noscript, citing this rationale for blocking such an imporant addon:
NoScript is known to cause severe issues with a large (and growing) number of websites. Unless finely tuned for every website visited, NoScript will cause display issues and functional issues.
So, it looks like Pale Moon's developers are actively working against the intrests of its privacy-concerned users, and would rather allow websites to execute malicious ECMAScript programs on unsuspecting user's machines, than to be blamed for a broken website. To disable this blocklist, set extensions.blocklist.enabled to false in about:config.

when I search for extensions.blocklist in about:config in basilisk, I get several results, including URLs for basilisk and mozilla.

Why?
not only are you compromising user security by sending requests to mozilla and basilisk, but you are also opening up basilisk to censorship. please remove this or explain why it is included.

also why would you include spyware features in Pale moon? How much did you get paid?

Latitude
Banned user
Banned user
Posts: 597
Joined: Mon, 21 Mar 2016, 18:28

Re: extension blocking in basilisk

Unread postby Latitude » Sun, 19 Aug 2018, 07:06

There's NoScript alternative - uMatrix by gorhill.

Use that instead.

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 22278
Joined: Sun, 28 Aug 2011, 17:27
Location: 58.5°N 15.5°E
Contact:

Re: extension blocking in basilisk

Unread postby Moonchild » Sun, 19 Aug 2018, 08:26

What that site claims in nonsense and grossly over-exaggerated. I've already written to the site owner about this but unfortunately they have neither responded to my mail nor changed the reported "spyware" misinformation. I left it up to them to make up their dam mind but they should at least try to be accurate in their information if they claim to be a spyware info resource.

For the record, my response to their inaccuracies:
I find the fact that you classify Pale Moon as "spyware" because of the
fact that our websites are currently still ad-sponsored (due to lack of
donations) rather blown out of proportion. The whole article seems to be
written by an extremist who would classify ANY website with an ad and
ANY software that by design displays web content of such sites to be
top-rank spyware...
The definition of spyware is that is is DESIGNED to spy one the user.
Pale Moon is not, and we go through quite some lengths to choose as
privacy-conscious features and services as possible. The fact that the
application by its very nature is able to display ads to the user as
part of web content does not make it spyware.


Most of your complaints are due to having 1 RTB ad on default-loaded
pages. Why is it there? because articles like yours have hindered
adoption of Pale Moon since its inception, and have prevented regular
enough income for the project to kick AdSense to the curb.


Its "terrible start page" has been a feature requested by our users.
They WANTED a customizable start portal and our partnership with
start.me was the result. If you don't like it, switch the home page to
something else. Done.


> Blocking privacy-enhancing addons

Did you read the actual info page about our NoScript entry (at
warning level, so a simple one-time confirmation will enable it
permanently) on the blocklist? I guess you didn't because you go off on
a rant about "[our developers] actively working against the intrests of
its privacy-concerned users". Such b***s***.


> Auto-updates
If you think that we use any of these auto-updates to track anything or
share any of this data with anyone else, then please read our privacy
policy. You couldn't be more wrong.


> Pale Moon connects to Mozilla's geolocation services.
No, it does not. On top, it does not send any data beyond the
already-public IP address to the geolocation server in use, and does not
request more than the absolute minimum data in response, to keep
unneeded privacy-sensitive data off the wire.


> OCSP querying
This is a normal part of certificate checking, and is avoided in most
cases if the server staples the OCSP responses. Individual OCSP
connections are increasingly in the minority. Your article conveniently fails
to mention this. Stapling has been a thing for a good number of years
now and is widely adopted.
Improving Mozilla code: You know you're on the right track with code changes when you spend the majority of your time deleting code.

"If you want to build a better world for yourself, you have to be willing to build one for everybody." -- Coyote Osborne

User avatar
Moonchild
Pale Moon guru
Pale Moon guru
Posts: 22278
Joined: Sun, 28 Aug 2011, 17:27
Location: 58.5°N 15.5°E
Contact:

Re: extension blocking in basilisk

Unread postby Moonchild » Sun, 19 Aug 2018, 08:26

Also, what does that page have to do with Basilisk? it's about Pale Moon.
Improving Mozilla code: You know you're on the right track with code changes when you spend the majority of your time deleting code.

"If you want to build a better world for yourself, you have to be willing to build one for everybody." -- Coyote Osborne

user1535809
Banned user
Banned user
Posts: 7
Joined: Sat, 28 Apr 2018, 12:41

Re: extension blocking in basilisk

Unread postby user1535809 » Sun, 19 Aug 2018, 15:45

Moonchild wrote:Also, what does that page have to do with Basilisk? it's about Pale Moon.

Image
Also, https://blocklist.basilisk-browser.org/current/blocklist.xml

User avatar
therube
Astronaut
Astronaut
Posts: 637
Joined: Fri, 08 Jun 2018, 17:02

Re: extension blocking in basilisk  Topic is solved

Unread postby therube » Sun, 19 Aug 2018, 16:30

So it uses a blocklist, is there something wrong with that?
Is NoScript on the (Basilisk) blocklist? (No.)

Is a blocklist a good thing? (Yes.)
Without some sort of mechanism, like a blocklist, you might find a user given away the store - after installing a malicious extension.
(And just what is the likelihood of something like that happening? Mozilla & Security, Heh.)


Return to “Basilisk”

Who is online

Users browsing this forum: No registered users and 3 guests