BloatFE is a incredible front-end for fediverse that uses browser frames, firefox seems to have a massive bug in firefox that carries thru to #torbrowser, where the browser slows to a crawl when the frames are in use. does anyone want to explore this? it could be my pc but i doubt it.
like clockwork, when i boot #bloat my pc suffers in a BIG way.
maybe #librewolf devs are interented in this too?
@r @torproject @m0xee @jeffcliff @thendrix @gabriel @sj_zero @Suiseiseki The last time Tor browser crapped itself INSTANTLY was shortly after i loaded this ARCHIVED VERSION OF this page (@internetarchive). Someone on fedi shared the, iirc, non-archived version of this link and i was curious.
I made a note of the browser crash in october, i must've had JS enabled because my note says "reqJs"
I have only just in the past few days had a chance to READ the note and revisit the page. As a part-time "coincidence suspector" I find it interesting that loading that page caused my browser to die instantly.... it doesn't now (not that that means much). If i had a chance to read it in october i'd have had a good few things to say about so-called "(#wateringHole) attacks". I feel a *cough* coming on....
The following are mentioned in the atricle, as attacked sites (my notes in parenthesis):
- #rojnews .news * COUGH* (#cloudflare (cf), not visited)
- #hawarnews .com (cf, not visited)
- #targetplatform .net (packed with youtube videos, seems westernized)
I'd be VERY interested to know whether the sites above were cf during/before this attack but either way this is quite concerning, if the site was cf before the attack that could address HOW those sites were breached in the first place. If cf during the attack, then cf has failed in its mission to protect from the #cyberattack. If the sites became cf after, then we must ask do sites immediately become cf'd when a problem emerges? Would Kurdish outlets knowingly have a policy like that? Do the site owners EVEN KNOW the site is cf? This is not as silly a question as it sounds.
Next i checked #kurdish news sites found in my own searches (with notes):
- #kurditv .com * STILL COUGHING* (requires #google js(without integrity checks?!) to view videos!)
- #kurdistanobserver .com (on googl servers, not visited)
- #thekurdishproject .org (cf, not visited (NV))
- #infopig .com (down at time of test)
- #iranpressnews .com (cf, NV)
- #ekurd .net (cf, NV)
- #kurdpa .net (cf, NV)
- #newslive .com (cf NV)
- #kurdistan24 .net (cf NV)
- #basnews .com (cf NV)
- #kurdistantv .net (cf NV)
- #zagrosnews .net (cf NV)
- #kurdistanin .net (googl non-integrity checked js.... bunny, cf and amazon cloudfront resources)
- #kurdistantribune .com (fetches non-integrity checked statcounter (cf) js, which is blocked by uBlockOrigin if u use TorBrowser in TailsOS. Uses youtube, feedburner (cf), #facebook and #twitter/ #fastly fetches snitch on the EXACT articles u read(!!!), with twitter js not being integrity checked)
WATERING HOLE ATTACK RATING = EXTREME
DIGITAL COLONIALISM INDEX = 99%?
*END COUGH* (yeah i spent a few good hours coughing this up like a bad furball)
The article itself is not even very complete.... how are the supposed #APK files/apps getting manually(?) approved and installed on peoples' devices? .... @fdroidorg should be so lucky. Maybe the fdroid team need to take a feather from this hackers black hat? am i missing something here or does this story SMELL a bit?
Thoughts?
@m0xee @r sorry for l8 respose.
honestly i dont know what triggers the crippling slowdowns i use tor browser and have a way to access i2p sites in a firefox based browser also.
im starting to think that google safe browsing has not been properly removed (@torproject). its either that or something more problematic, maybe theyve gotten rid of the "phone home" aspect but they HAVE NOT removed the code entirely or something. when i go to particular websites especially those with comments sections, that may have particular phrases or urls on the page that might trigger snitching to google, suddenly or slowly the browser will die, it happens ALMOST like clockwork, about 50% of the time i access some sites. it has the effect of making me scared to visit some sites to see what certain people are saying. I dont think can't be a #goincidence (fraudian slip, lol I'm hashtagging it)
1/2