After using (Matrix) Riot-Client for a quite some time, (over a year from now) I decided to share my own opinion on the current progress and state.
Author: CHEF-KOCH
-
There bad news and there’s good news for security fans, first things first – the Chromium source code disabled the ability to compile the Browser without WebRTC. For those who have no clue why WebRTC is a thing, well back in 2015 there was a huge security breach based on the Web Real-Time Communication project which allowed attackers to reveal your real IP even behind a VPN. So people started to asking what can we do and it seems disabling WebRTC is the best solution – in case you’re VPN hasn’t patched his own VPN configuration.
Cent Browser still allows you to disable WebRTC together with some other gimmicks. Alternative Chromium based Browsers
I often recommend the project woolyss because these guys behind the project compiled a Chromium version (stable/beta) without stuff like WebRTC (and more) but the times are over because Chromium project decided to remove the ability to compile the Browser without the flag. The change made sense in my opinion because WebRTC is not evil it’s just that some bad guys can abuse some weaknesses but no protocol/project is perfect and most VPN providers have already patched their server configuration in order to prevent any IP leakage. Chromium official provided a extension, to control this but some people prefered to entirely disable WebRTC, well that’s imo not optimal solution because WebRTC Video calls are still more secure than compared to other insecure protocols. Most modern chat clients also using WebRTC like Discord, Riot or Signal.
So what can you do?
Well the woolyss project is not dead and I’m sure these guys will work on it but in the meantime you might want to try out Cent Browser. It’s a pretty young project from 2015 and it looks promising since these developers including patches in order to provide builds without WebRTC and other stuff like disabling HTML5 canvas in order to reduce your Browser fingerprint. It seems – from what I saw so far – the CHromium based Browser with the most features.
The developers seem to put a lot of effort into the project in order to provide a ‘unfucked’ Browser. I already wrote a comment on woolyss (which wasn’t published for no reasons) that they might could ask those devs to get the necessary patches to continue to provide their builds without WebRTC.
Final Words
WebRTC is a privacy concern since 2015 for some people, because attackers might can abuse a weakness and WebRTC itself can’t be patches to solve this without breaking existent implementations so it’s up to your Browser to protect you against it, but the implementations are problematically. You can Enable or disable WebRTC in Firefox or Cent Browser but there is no domain based rule exclusion possible, which would be optimal to disallow WebRTC on a global level and allow it only for those pages which are secured.
-
Well, I’m already fighting for years against FUD, especially when it comes to privacy tools and recommendation I often fight against individuals or people who still to believe in application security. However, this time Electronic Frontier Foundation (EFF) failed – so what happened? We had the recent leak called Efail which is a weakness in PGP and S/MIME and EFF wrote in their documentation as precautions to disable security extensions S/MIME – which is a no-go advise, especially because everything is in most cases patchable so in this case.
EFail Overview. -
It was just over a month ago that Microsoft announced the next feature update for the Xbox ONe family of consoles, version 1805. It’s been in testing with Insiders since then, but today, the update is available for everyone, according to Microsoft’s Brad Rossetti.
-
s1ave77 (known from MDL forums) wrote another little utility in order to activate any Windows 10 version, for Volume license versions this means it doesn’t require KMS in order to activate it. It’s also not depending to install an older Windows Version in order to ‘upgrade’ your Windows to a newer version (upgrade ‘trick). The program itself has a strange name, it’s called ‘hwidgen.mk3‘ but who really cares about names, right?
Fresh installed Win 10 April Update Ent. x64 activated via hwidgen.mk3 -
CPY did it once again they bypassed (yep, bypassed not cracked) Denuvo’s latest copyright protection. It only took 19 days to bypass the latest anti-tamper technology. This means you can play Far Cry 5 for free. This seems to be a new record, cause the old methods in order to bypass it got improved which made it easier to release something earlier.
How crackers might see Ubisoft’s effort to protect the games. Picture Source: Imgur -
In case you haven’t upgraded yet, this is another chance. Windows 7 and Windows 8.1 users still can get Windows 10 for free in a legal way.
-
Microsoft planned to release the Windows 10 Spring Creators Update (1803) today, but it appears that the release has been delayed because quality management reasons. Instead we get a lot of new security relevant updates which fixing several holes.
-
It can be pain in the ass when you have a good monitor which displays the fonts blurry because your Windows OS or an application ‘pixelrate’ them. Many 1080p displays, especially smaller screens and laptops seem to suffer from blurry fonts e.g. under Windows. This little lemme fix shows what options you get in order to correct this behavior.
Older Steam versions had blurry fonts, this is fixed by now the application was optimized.
You must be logged in to post a comment.