Microsoft released yesterday the second cumulative update for the Windows 10 April 2018 Update, following build 17134.48, which was released two weeks ago on the last official Patch Tuesday. The last feature update hasn’t been without its share of problems, such as issues with SSDs from Intel and Toshiba. Now Microsoft tried to fix it with another 400+ MB update.
Month: May 2018
-
nVidia released today another driver, besides the usual bugfixes it has something new in it, the Setup requires now – no matter what – you to keep the GeForce Experience folder within the same dir as the Setup.exe – or you get an error. Before someone cries, it’s because changes of the Setup.exe itself – it now checks and gives you a new advance information what you like to install or not, which includes GeForce Experience directly.
-
G.Skill has some good hardware, without any doubt, the RAM they have to offer is same like their gaming mouse not that bad but what I have to say when it comes to the support is nothing but bad (for G.Skill). G.Skill reminds me a bit of the story I had with NZXT and their CAM software – read the full story here. Both are very similar the hardware is good but the software has some room for improvements, the worst part is that both including telemetry in their software and there is not much you can do about, blocking it with a firewall mostly doesn’t help or it breaks the login (CAM software can work without any login but it’s limited in function).
-
Firefox’s recent update to version 60 and it started displaying sponsored ads whenever you open a new tab. Some users may not mind seeing these ads, but others want them gone yesterday. Don’t worry if you don’t get along with technology, as the steps to disable sponsored ads are quick and easy.
-
The popular firewall GUI application for Windows systems Windows Firewall Control (short: WFC) is now officially acquired by Malwarebytes. Financial terms of the deal were not disclosed and the old WFC source code will not be released. On Tuesday, the cybersecurity firm said the deal will help IT administrators protect enterprise endpoints through the integration of BiniSoft’s Microsoft Windows Firewall Control tools.
-
Yes, another program shipped with telemetry – that’s what we love, oh wait it’s exactly the opposite. While telemetry is something you can’t escape from and a ‘new’ hype (it all started with Google and the so-called ‘tracking’) everyone seems to do the same now, Mozilla, Avast, Microsoft & Co. The bitter pill is that you basically have only three option like 1) Switch to another program 2). Disable or block telemetry 3). Just live with it. For most people blocking or using another program is the best solution so far.
-
Hacker Kevin Mitnick and several other hackers already demonstrated that Two-Factor Authentication can be bypasses via pishing and other techniques. Before you going to panic here are the important information what you should do.
-
-
There bad news and there’s good news for security fans, first things first – the Chromium source code disabled the ability to compile the Browser without WebRTC. For those who have no clue why WebRTC is a thing, well back in 2015 there was a huge security breach based on the Web Real-Time Communication project which allowed attackers to reveal your real IP even behind a VPN. So people started to asking what can we do and it seems disabling WebRTC is the best solution – in case you’re VPN hasn’t patched his own VPN configuration.
Alternative Chromium based Browsers
I often recommend the project woolyss because these guys behind the project compiled a Chromium version (stable/beta) without stuff like WebRTC (and more) but the times are over because Chromium project decided to remove the ability to compile the Browser without the flag. The change made sense in my opinion because WebRTC is not evil it’s just that some bad guys can abuse some weaknesses but no protocol/project is perfect and most VPN providers have already patched their server configuration in order to prevent any IP leakage. Chromium official provided a extension, to control this but some people prefered to entirely disable WebRTC, well that’s imo not optimal solution because WebRTC Video calls are still more secure than compared to other insecure protocols. Most modern chat clients also using WebRTC like Discord, Riot or Signal.
So what can you do?
Well the woolyss project is not dead and I’m sure these guys will work on it but in the meantime you might want to try out Cent Browser. It’s a pretty young project from 2015 and it looks promising since these developers including patches in order to provide builds without WebRTC and other stuff like disabling HTML5 canvas in order to reduce your Browser fingerprint. It seems – from what I saw so far – the CHromium based Browser with the most features.
The developers seem to put a lot of effort into the project in order to provide a ‘unfucked’ Browser. I already wrote a comment on woolyss (which wasn’t published for no reasons) that they might could ask those devs to get the necessary patches to continue to provide their builds without WebRTC.
Final Words
WebRTC is a privacy concern since 2015 for some people, because attackers might can abuse a weakness and WebRTC itself can’t be patches to solve this without breaking existent implementations so it’s up to your Browser to protect you against it, but the implementations are problematically. You can Enable or disable WebRTC in Firefox or Cent Browser but there is no domain based rule exclusion possible, which would be optimal to disallow WebRTC on a global level and allow it only for those pages which are secured.
You must be logged in to post a comment.