Browsers Download malware, viruses and illegal programs

Microsoft Edge is testing a new feature in its Canary version that allows you to prevent the download of potentially unwanted programs (PUPs) by the browser.

Potentially unwanted programs, or PUAs as Microsoft calls them, are software that overlaps the line between legitimate applications and malicious programs. They tend to display unwanted ads, make redirects, divert browser or computer functions, use scare tactics, or pretend to fix system problems, but do nothing.

In many cases, these types of programs should be classified as malware, but not for legal reasons.

https://www.bleepingcomputer.com/news

Microsoft Edge allows you to block potentially unwanted programs

python – In all browsers, I accept decimal points

I have a form that in Firefox accepts the comma to separate decimals but with Chrome I accept the point. I want both browsers to always accept me as a comma; I want only numbers such as 560.25 or 1250.75 to be entered, for example. We use HTML5, in a project with Python / Django.

an entry type number

What are the different browsers that support HTML5?

Hello friends,

What are the different browsers that support HTML5?

seo – Google can not retrieve a large sitemap containing 50,000 URLs, or browsers generating it

My sitemap contains 50,000 URLs / 7.8 MB and the following URL syntax:




 https://www.ninjogos.com.br/resultados?pesquisa=vestido, maquiagem,   2019-10-03T17:12:01-03:00 
 1.00 


The problems are:

• The search console indicates that "The site map could not be read".

• Loading the Sitemap takes 1 hour and Chrome stops working.

enter the description of the image here

• In Firefox, the Sitemap downloaded in 1483ms and fully loaded after 5 minutes);

Things I did without success:

• disable GZip compression;

• Delete my .htaccess file;

• Create a Test Sitemap with 1 KB URLs and the same syntax that you sent to the Search Console. It worked, but the Sitemap of 50,000 URLs still indicates "" the inability to retrieve the Sitemap ";

enter the description of the image here

• I tried to inspect the URL directly, but this gave an error and asked to try again later while the 1K URL was working;

• I tried to validate the Sitemap on five different sites (YANDEX, ETC) and all worked without error or warning.

A light?

mobile – Do Android browsers always cache HTTP requests?

I have a strange example happening here as follows:

Open the page / home, on the page ready an ajax request is made to / api / photos

  1. The user approves / refuses each of these photos in a sliding manner, sees the first, makes the decision to reject / approve and then sees the next, and so on.
  2. If the user approves, say 2 photos and currently sees the 3rd picture and closes the browser. After reopening the browser, he reviews the first picture!

(The http request to / api / photos is not in progress, if it was, the first two photos would not be returned because an action has already been taken for them.)

The following scenario works well on desktop browsers, each time / home is opened, the AJAX request on the ready page is made to / api / photos and only the correct data is displayed.

This caching behavior should not occur because the response from the returned API explicitly states that you should not cache:

Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Type: application/json
Date: Sun, 29 Sep 2019 17:44:33 GMT
expires: -1
pragma: no-cache

Is this a behavior for all mobile browsers?

What is the best way to solve this problem?

It's really frustrating to have that kind of "cache" without the developer's consent.

If the status of the page was correctly recorded by the mobile browser, the user would have had to see the 3rd photo where the view was actually left, but it's like the last one. The http request is redone instead of making a new one on page ready, where it is supposed to be done according to the code.

privacy – How to fight against the fingerprints of browsers?

The fingerprint technology used by the EFF is nothing but the "normal" Javascript functions used by websites to, finally, function properly. It is possible to report false information to the outside, but you could then "fall behind":

  • the false information you would need to send along change and yours does not make you unique – and suspicious;
  • detection techniques change, and you are not aware of them, so go back to the unique;

or have a really awkward navigation.

Assuming you can use Tor, a VPN, or an OpenShell anywhere to route your IP address by tunnel, the "safest" practice would, in my opinion, be to enable a virtual machine. Install a stock of Windows Seven on this one and use sensitive operation to privacy. Do not install anything unusual on the machine, and it will truthfully say that it is a standard Windows Seven machine, one among a horde of similar machines.

You also have the advantage of being isolated from the machine inside your real system and being able to perform a quick snapshot / reinstallation. What you can do from time to time – the "you" who did all the navigation before disappears and a new "you" appears, with a clean story.

This can be very useful because you can keep a "clean" snapshot and always restore it before sensitive operations such as home banking. Some VMs also allow "sandboxing", that is, no change to the VM will permanently change its content: all system changes, downloaded malware, installed viruses, injected keystrokes, disappear as soon as the virtual machine is powered down.

Any other technique would be no less intrusive, and would involve considerable work on the browser or on some kind of anonymization proxy designed not only to clean your headers and your Javascript answers (as well as the fonts!), but to do it in a credible way.

In my opinion, not only would the total amount of work be the same (or even more), but it would be a much more complicated and less stable type of work.

Install the most popular operating system, respect the browser and software provided, resist the temptation to make up, and what really distinguishes this computer from the machine hundreds of thousands similar computers on the Internet that have just been installed and are never maintained,

Update – navigation behavior and side channels

Now I have installed a Windows 7 virtual machine, I have even upgraded to Windows 10 as would Joe Q. Average. I do not use Tor or VPN; all that an external site can see, is that I connect from Florence, Italy. There are thirty thousand connections exactly like mine. Even knowing my supplier, there are about nine thousand candidates left. Is it sufficiently anonymous?

It turns out that this is not the case. There could still be correlations which could be studied, with sufficient access. For example, I play an online game and my entry is sent right away (buffered character, not online). It becomes possible to prevent fingerprints from digrams and trigrams and, with a sufficiently large corpus, to establish that the online user A is the same person as the online user. B (in the same online game, of course). The same problem could occur elsewhere.

When I surf the Internet, I always tend to view the same sites in the same order. And of course, I go on my "personal pages" on several sites, for example. Stack overflow, regularly. A custom image distribution is already in my browser and is not downloaded at all or is ignored with a HTTP If-Modified-Since or If-None-Match request. This combination of habit and browser service is also a signature.

Given the wealth of tagging methods available on websites, it is not safe to assume that only cookies and passive data could be collected. For example, a site may announce the need to install a font called Tracking-ff0a7a.otf, and the browser would download it conscientiously. This file would not necessarily be deleted when erasing the cache, and during subsequent visits it would not be re-downloaded, which would prove that I have already visited the site. The font can not be the same for all users, but contain a unique combination of glyphs (for example, the character "1" may contain a "d", "2" may contain an "e", "4" may contain a "d" again – or it can be done with rarely used font code points), and HTML5 can be used to draw a string of "12345678" glyphs on an invisible canvas and to download the result as a # 39; s image. The image would then spell out the hexagonal sequence, unique to me, "deadbeef". And this is, for all intents and purposes, a cookie.

To fight against this, I may need:

  • re-snap the VM full after each browsing session (and reset the modem when I do it). Keeping the same virtual machine always would not be enough.
  • use multiple virtual machines or different browsers, as well as known proxy services or Tor (it would not be appropriate for me to use a single proxy for me, or for which I am the only user of Florence, for the purposes of 39; anonymity).
  • regularly empty and / or clean the browser cache and remember do not to always open, for example, XKCD immediately after questionable Content.
  • Adopt two or more personalities for the services for which I wish to remain anonymous and those who do not interest me, and make sure to separate them into separate virtual machines. , so that a permanent link can possibly be established by an external organization sufficiently informed.

Which also proves that I would prefer to remain anonymous: it is because to achieve it reliably will be a royal pain in the back.

Where are chrome form and field data and other browsers stored?

It was a surprise for me when I restarted my computer. All forms on Chrome were open and the text still intact. How is it possible. I thought the data is stored in RAM and would be deleted. When I restored the tabs, all the text of the forms and text boxes was present. It works in Chrome and Firefox. This can have serious security implications if sensitive information is stored in such forms. How to purge permanently all the data of the navigator?

JS does not work properly in IE and Edge browsers

Hello!
I have a small music player based on JS on my homepage, in its upper left corner (just above the logo). And it works fine in all browsers except IE and Edge. In these cases, it tells NaN where the total duration of the song is supposed to be after the page loads. I can not attach a print screen here, but you can either follow the link of my site, or a link to a photo bank on which the download was done successfully.
https://radikal.ru/big/daxo0afors30u
But if you try to load my site in FF or Chrome, then …

JS does not work properly in IE and Edge browsers

Computer Networks – How Do Web Browsers Discover the MAC Address?

While browsing through my manual, I discovered that if you want to access a particular web page, your web browser will find the IP address of the web server that hosts the web page and will try to connect to it. It will then transfer a copy of the web page to your computer so that you can view it.

However, my concern is … I discovered that the IP address allows sending data to the local network of the device, but so that the data can be sent to the device itself, the MAC address is required to transfer data from the local network to the device.

BUT, in my manual, it says nowhere how the web browser of the computer discovers the MAC address of the web server. It indicates that the computer is looking for the IP address of the web server using the Domain Name System (DNS).

So, how does the computer discover the MAC address of the server?

Answers would be much appreciated.

javascript – node.js – The buffer with & # 39; space.repeat & # 39; does it work the same way on all browsers

I'm trying to return the string below the Node.js response object to the React application with some predefined spaces manually added between buffer variables in this way,

const space = ' ';
const nextLine = 'rn';

const nodeResp = Buffer.concat((
    Buffer.from(` This ${nextLine}`),
    Buffer.from(` is ${nextLine} `),
    Buffer.from(` a ${nextLine}`),
    Buffer.from(`Sample ${space.repeat(84)} : yess ${nextLine}`),
    Buffer.from(`React ${space.repeat(85)} : nooo ${nextLine}`),
    Buffer.from(`App ${space.repeat(87)} : yess ${nextLine}`),
    Buffer.from('From Node.')));

  res.set('Content-Type', 'text/plain').send(nodeResp);

The methods' space.repeat & # 39; will they return the same space, through the navigators and through the resolutions?

I mean that the output displayed from my code above will be the same way on all resolutions / browsers or that my result will be in different spaces in different operating environments / systems.

I'm learning the knot js and I need help in this regard.

Can someone guide me in this matter?

Thank you in advance.