| ▲ | M95D 3 days ago |
| I'm using uMatrix and it blocks by default all connections outside the requested site and parent domains. For example, if I request https://mail.yahoo.com, connections to yimg.com are blocked. I need to manually allow each CDN for each website, so this attack/profiling won't work. Using uMatrix was very annoying at first, most websites are broken without their CDNs, but after a few months or so, the whitelist grew and it contains 90% of websites I visit. On my system https://ceac.state.gov/genniv/ tries to connect to captcha.com, google-analytics, googletagmanager, 127.0.0.1 and "burp" (a local hostname that doesn't exist in my network). Interestigly, the browser console doesn't list connection attempts to localhost or burp. If I allow 127.0.0.1 and "tcpdump -i lo", I see connections to port 8888, which isn't open. |
|
| ▲ | noja 3 days ago | parent | next [-] |
| How does uMatrix handle the Facebook tracking pixel, or the replacement which is the Conversions API Gateway? This is a container that FB gives you to host that lives under your domain (it can be your main domain) that slurps up user data and sends it to Facebook from the server side. You embed some JS in your website, and they hoover up the data. |
| |
| ▲ | M95D 3 days ago | parent [-] | | It doesn't handle it. Anyway, there's no way to know what a website does on the server site. Even a completely static website could be sending the server logs somewhere. There are options to not load JS, images, XMLHttpRequests, frames, cookies, for each site, but it doesn't list individual files. | | |
| ▲ | noja 3 days ago | parent [-] | | Then why use it? They're number one. | | |
| ▲ | M95D 2 days ago | parent [-] | | No other extension is giving me control like uMatrix does, even considering it's limits. |
|
|
|
|
| ▲ | thaumasiotes 3 days ago | parent | prev | next [-] |
| > On my system https://ceac.state.gov/genniv/ tries to connect to captcha.com, google-analytics, googletagmanager, 127.0.0.1 and "burp" (a local hostname that doesn't exist in my network). That will be this burp: https://portswigger.net/burp/documentation/desktop/tools/pro... Sounds like they don't want you to analyze their site. |
|
| ▲ | user070223 3 days ago | parent | prev | next [-] |
| uMatrix is archived and I think uBlockOrigin is now advised to use(which incorporate uMatrix by enabling advanced settings) For those who want to try blocking more stuff you can enable hard mode and bind relax blocking mode keyboard shortcut I'd recommend also enabling filter lists(I advice yokoffing/filterlists and your region/language) https://github.com/gorhill/uBlock/wiki/Blocking-mode:-hard-m... |
| |
| ▲ | M95D 3 days ago | parent | next [-] | | But uBlockOrigin UI is so much worse... Besides, uMatrix works fine. It's that kind of program that doesn't need any updates. | | |
| ▲ | rapnie 2 days ago | parent [-] | | I would really like an intuitive UI for people who don't want to do 'a project' to get their config tight. | | |
| ▲ | M95D 2 days ago | parent [-] | | But it is intuitive... I don't know what you mean. You can't manage a whitelist with a single big red on/off button, if that's what you want. | | |
| ▲ | akimbostrawman 2 days ago | parent [-] | | You technically can, that is what community website rule Recipe are for. | | |
| ▲ | M95D 13 hours ago | parent [-] | | I didn't knew community/public whitelists exist, nor any browser extension that uses whitelists and blocks all other connections by default, like uMatrix does. Do you have any examples? |
|
|
|
| |
| ▲ | account42 3 days ago | parent | prev | next [-] | | Until uBO has an even remotely usable interface for this use case people (including myself) will continue to use uMaxtrix or forks of it instead. | | |
| ▲ | freedomben 2 days ago | parent [-] | | Amen. I would (and did!) switch browsers to continue using uMatrix rather than go without (and uBO is not a replacement) |
| |
| ▲ | Semaphor 3 days ago | parent | prev | next [-] | | I reluctantly switched to only uBo because of uM bugs. But the UI/UX is just a huge step backwards to enable mobile usability. | |
| ▲ | OJFord 3 days ago | parent | prev | next [-] | | uBO advanced settings still isn't as flexible as uMatrix was though, fwiw. (I did give in and switch in the end though.) | |
| ▲ | aembleton 3 days ago | parent | prev [-] | | With uBO I can't block cookies by domain. |
|
|
| ▲ | quietfox 3 days ago | parent | prev | next [-] |
| It seems to try to check if you are using the Burp Suite on their web application. |
|
| ▲ | samsonradu 3 days ago | parent | prev | next [-] |
| How does it manage to hide the requests to 127.0.0.1 from the network tab? |
| |
| ▲ | worthless-trash 3 days ago | parent | next [-] | | The requests are not made, because some operating systems prevent this. If you're on OSX, the permission to "discover on the local network" prevents it from happening ( System Settings -> Privacy & Security -> Local Network -> yourbrowser ) Could also be 'network' permissions on firefox ( Go to Settings > Privacy & Security > Permissions ) which is on a per site level, but iirc that could be set site-wide at some point. The other browsers likely have similar configs, but this is what I have found. | | |
| ▲ | snowwrestler 2 days ago | parent [-] | | Looks like this is new to MacOS 15 Sequoia, as I don’t see a Local Network option in Sonoma. |
| |
| ▲ | M95D 3 days ago | parent | prev [-] | | I have no ideea. Possibly that's a limitation of Chrome+Firefox developer tools (I get the feeling it's the same code)? But I found what "burp" is: https://portswigger.net/burp/communitydownload | | |
| ▲ | culturestate 3 days ago | parent | next [-] | | It seems like they only make the localhost requests on your first visit. If you open devtools in incognito mode (or just clear the cookies) before accessing https://ceac.state.gov/genniv/ you should see those 127.0.0.1 attempts as ERR_CONNECTION_REFUSED in the network tab. Somewhat more worryingly, Little Snitch doesn't report them at all, though that might just be because they were already blocked at the browser. | |
| ▲ | inferiorhuman 3 days ago | parent | prev [-] | | This is what I see. https://i.imgur.com/lvjg2YQ.png | | |
| ▲ | hoherd 3 days ago | parent [-] | | > 400_random_url_with_numbers_403 That looks so much like test code that was shipped to prod. Searches for that string on GH does return results. |
|
|
|
|
| ▲ | sylware 3 days ago | parent | prev [-] |
| Whitelisting seems to be the way to go. With IPv6 and OS generated IPs (up to what the ISP domestic router allows) could be very efficient. |
