Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > alt.comp.software.firefox > #14677 > unrolled thread

Re: uBlock Origin 1.65.0 (2025-07-10)

Back to article view | Back to alt.comp.software.firefox

This discussion starts older than the indexed window; earlier articles aren't shown. The article labeled Started by below is the oldest one visible, not the original post.

Contents

  Re: uBlock Origin 1.65.0 (2025-07-10) Marion <marion@facts.com> - 2025-08-24 14:54 +0000
    Re: uBlock Origin 1.65.0 (2025-07-10) NFN Smith <worldoff9908@gmail.com> - 2025-08-26 12:23 -0700
      Re: uBlock Origin 1.65.0 (2025-07-10) Marion <marion@facts.com> - 2025-08-29 05:40 +0000
    Re: uBlock Origin 1.65.0 (2025-07-10) NFN Smith <worldoff9908@gmail.com> - 2025-08-29 12:59 -0700
      Re: uBlock Origin 1.65.0 (2025-07-10) Marion <marion@facts.com> - 2025-08-29 23:06 +0000

#14677 — Re: uBlock Origin 1.65.0 (2025-07-10)

On Sun, 24 Aug 2025 09:48:33 +0100, Jim the Geordie wrote :


>>> On 24/8/2025 2:28 am, D wrote:
>>>> best browser extension ever invented by man . . .
>>>>
>>>> Firefox 142.0
>>>> Tools > Extensions and Themes [Ctrl+Shift+A]
>>>
>>> Switched to it from Adblock for many years... couldn't quite remember
>>> why. Something to do with Firefox changing its add-on mechanism.
>>>
>> 
>> Adblock started allowing certain ads through:
>> 
>> "Starting with version 2.0, Adblock Plus started allowing "acceptable
>> ads" by default,[72] with acceptable ad standards being set by The
>> Acceptable Ads Committee.[73] They charge large institutions fees to
>> become whitelisted and marked as "acceptable", stating "[Adblock Plus]
>> only charge large entities a license fee so that we can offer the same
>> whitelisting services to everyone and maintain our resources to develop
>> the best software for our users." on their about page.[74]"
>> 
>>  From https://en.wikipedia.org/wiki/Adblock_Plus
>> 
>> uBlock Origin doesn't play that game.
>> 
> If you use Brave Browser, no adblocking add-on is needed.

My two cents... bearing in mind I never used extensions until early July
when Epic Privacy Browser went bust... I'm building two sets of DIY privacy
browsers where I've settled (currently) on almost a score of extensions
(not counting VPN extensions) which are the following currently for the
Chromium side of the family (given it was easier than the Mozilla side).

Browser: Brave and/or Ungoogled Chromium (LibreFox and/or MullVad)
 1. Canvas Blocker - Fingerprint Protect : version 0_2_2
 2. ClearURLs : version 1_26_0
 3. Cookie AutoDelete : version 3_8_2
 4. CthulhuJs (Anti-Fingerprint) : version 8_0_6
 5. Decentraleyes : version 3_0_0
 6. Extension Manager : version 9_5_2
 7. Font Fingerprint Defender : version 0_1_6
 8. LocalCDN : version 2_6_79
 9. Location Guard (V3) : version 3_0_0
 10. Privacy Badger : version 2025_5_30
 11. Referer Control : version 1_35
 12. Skip Redirect : version 2_3_6
 13. StayInTab : version 1_0
 14. Trace - Online Tracking Protection : version 3_0_6
 15. uBlock Origin : version 1_65_0
 16. User-Agent Switcher and Manager : version 0_6_4
 17. WebRTC Control : version 0_3_3
 18. NoScript is useful, but I find it a PITA so it's disabled for now.

The question came up from Mr. Man-wai Chang about Adblock Plus.

While there will always be overlap when you have a score of extensions,
 a. uBlock Origin is more efficient (apparently)
 b. It's said to be more powerful in supporting advanced rule creation
 c. It's said to support dynamic & cosmetic filtering
 c. Critically, it doesn't have an "acceptable ads" program
 d. And it's often considered more actively maintained

Since there is a large amount of overlap, I left AdBlock Plus out of the
mix of privacy extensions that I'm testing for the DIY privacy browser(s).

But I could be wrong as I must state openly I never touched extensions
until being forced to give up on my daily driver privacy browser in July.

Side Note: The VPN extension test covering a score of supposedly free, ad
free, registration free VPN extensions is still a work in progress
covering, so far, the following successful & failed VPN extensions:

These passed initial testing criteria (free, account free, ad free):
 1. browsec
 2. hoxx 
 3. securefreeedgevpn
 4. setupvpn
 5. vpnly
 6. xvpn
 7. 1clickvpn
 8. 1vpn 

These failed initial testing criteria (free, account free, ad free):
 a. hiddenbatvpn
 b. hidemevpn
 c. hotspotshieldvpn
 d. itopvpn
 e. protonvpn
 f. tunnelbearvpn
 g. urbanvpn
 h. windscribevpn

Correction: I correct an earlier assessment that all the VPN extensions
"slow down" drastically within days; I think some of that is due to the
plethora of privacy-baswed extensions - so I switched the testing over to
testing instead the free,adfree,registrationfree system-wide VPNs with a
free-adfree-regfree socks5 proxy (Psiphon) and, for non-browser
applications, a free-adfree-regfree proxifier such as ProxyCAp64/FreeCap.

Note I found out the hard way that Mozilla browsers handle proxies very
differently than do Chromium browsers, which themselves handle proxies
differently than most programs do where Windows has three layers of proxies
that I had to write scripts (e.g., proxy.bat which morphed yesterday to
proxy.cmd due to Windows quirks) to synchronize manually the three proxy
mechanisms what Windows should have synchronized automatically. Sigh. 

Note also that there are too many free/regfree/adfree system-wide
openvpn.exe free public VPN servers out there to list (many thousands!) so
it will take a while before I test them all sufficiently to declare which
free system-wide VPN server set is the easiest & fastest as all require
additional software (e.g., softether or openvpn.exe) and scripts (due to
changing passwords mostly).

Lastly, I wasted days testing proxy servers, of which there are so many
thousands out there that you'd go nuts trying them all, but they're all
apparently abysmal in terms of reliability compared to the acceptable
reliability of the free public no-registration openVPN services that I'm
currently testing. After days of a miserable existence testing them,
writing script after script after script to deal with their ephemeral
nature, I gave up concluding that you'd have to have TLA-like resources to
keep up with the few proxy services which stay alive long enough to be
useful. 

Apologies for the long-winded response but that's the status of my testing
in a nutshell, in the fewest words that still convey accurate assessment.

[toc] | [next] | [standalone]

#14740

Replying to several posts simultaneously (and Firefox newsgroup only)

Marion wrote:
> On Sun, 24 Aug 2025 09:48:33 +0100, Jim the Geordie wrote :

>>>
>>> Adblock started allowing certain ads through:
>>>
>>> "Starting with version 2.0, Adblock Plus started allowing "acceptable
>>> ads" by default,[72] with acceptable ad standards being set by The
>>> Acceptable Ads Committee.[73] 

It's been a while since last looked at AdBlock Plus, but if I remember 
correctly, their handling of "Acceptable Ads" was to enable as a 
default, but where users could choose to opt out. I don't know if that's 
changed. On the other hand, a news report indicates that the developers 
are being sued in Germany, because the plaintiffs claim that AdBlock 
Plus is disrupting their business, and using copyright violation as a 
justification.

 From a user standpoint, I want to block as many ads as possible, but I 
can appreciate where the Adblock Plus developer is, in trying to balance 
conflicting expectations.

> 
> My two cents... bearing in mind I never used extensions until early July
> when Epic Privacy Browser went bust... I'm building two sets of DIY privacy
> browsers where I've settled (currently) on almost a score of extensions
> (not counting VPN extensions) which are the following currently for the
> Chromium side of the family (given it was easier than the Mozilla side).
> 
> Browser: Brave and/or Ungoogled Chromium (LibreFox and/or MullVad)
>   1. Canvas Blocker - Fingerprint Protect : version 0_2_2
>   2. ClearURLs : version 1_26_0
>   3. Cookie AutoDelete : version 3_8_2
>   4. CthulhuJs (Anti-Fingerprint) : version 8_0_6
>   5. Decentraleyes : version 3_0_0
>   6. Extension Manager : version 9_5_2
>   7. Font Fingerprint Defender : version 0_1_6
>   8. LocalCDN : version 2_6_79
>   9. Location Guard (V3) : version 3_0_0
>   10. Privacy Badger : version 2025_5_30
>   11. Referer Control : version 1_35
>   12. Skip Redirect : version 2_3_6
>   13. StayInTab : version 1_0
>   14. Trace - Online Tracking Protection : version 3_0_6
>   15. uBlock Origin : version 1_65_0
>   16. User-Agent Switcher and Manager : version 0_6_4
>   17. WebRTC Control : version 0_3_3
>   18. NoScript is useful, but I find it a PITA so it's disabled for now.

Of this set, I use Cookie AutoDelete, Decentraleyes, Privacy Badger, 
uBlock origin, a different user agent switcher and NoScript, but I'm not 
familiar with the others.

I really like Cookie AutoDelete (in conjunction with having Firefox set 
to delete all cookies at the end of a session), and with this, I find it 
a lot easier than trying to decide which sites should be allowed to set 
cookies or not.

I agree that NoScript is an acquired taste -- it definitely helps block 
unwanted scripting (not just tracking) but can be disruptive to sites, 
of constantly having to review permissions.  Permanent whitelisting can 
be a good idea, but I've found with some scripting hosts, it's necessary 
to whitelist at least part of the time, especially Google-hosted ones 
such as googletagmanager or gstatic.  A lot depends on how a site is 
coded, whether scripting is essential or not.

Two others that I find that I like:

- Clear Browsing Data allows me one-button ability to clear cache and 
cookies on demand, without having to dig further into Firefox configs.

- I Don't Care About Cookies suppresses the constant pop-ups of Cookie 
notifications that is required by the EU. To me, cookie notifications 
are nothing but extra noise.  I assume that sites are setting cookies, 
and with aggressive cookie deletion, I don't need notifications. With 
NoScript active, I rarely see cookie notifications, and I also have 
cookielaw.org permanently blacklisted. Although I think that some sites 
may do their own cookie notifications, many do that through 
third-parties such as cookielaw. I'm sure that there are others that I 
haven't yet identified.

I notice that PrivacyPossum isn't included here, but I don't think 
that's an issue. I looked at that briefly recently, and while the 
anti-fingerprinting aspect is attractive, I didn't see that it did 
anything useful for me.

> 
> The question came up from Mr. Man-wai Chang about Adblock Plus.
> 
> While there will always be overlap when you have a score of extensions,
>   a. uBlock Origin is more efficient (apparently)
>   b. It's said to be more powerful in supporting advanced rule creation
>   c. It's said to support dynamic & cosmetic filtering
>   c. Critically, it doesn't have an "acceptable ads" program
>   d. And it's often considered more actively maintained
> 
> Since there is a large amount of overlap, I left AdBlock Plus out of the
> mix of privacy extensions that I'm testing for the DIY privacy browser(s).

Ultimately Adblock Plus and uBlock Origin mostly overlap in what they 
do. If you have one, you don't really need the other.

> Side Note: The VPN extension test covering a score of supposedly free, ad
> free, registration free VPN extensions is still a work in progress
> covering, so far, the following successful & failed VPN extensions:

I'm generally unfriendly to free VPN, especially the ones that run only 
as browser extensions. If a provider isn't charging for services, then 
they have to find other sources of revenue, and frequently that's 
related to advertising, or some other form of monetizing user data.

The only ones that I trust are ones that offer a reduced-capacity 
entry-level tier that is unpaid, and where the purpose of unpaid is 
promotion of upgrades to paid tiers of service. And I'm only willing to 
use providers that protect the entire computer, not just a single 
browser (or in the case of Firefox, a single profile). Since I several 
browsers simultaneously, as well as multiple Firefox profiles, the 
protection provided by an extension is quite limited for my use.

I'm generally unfriendly to free VPN, especially the ones that run only 
as browser extensions. If a provider isn't charging for services, then 
they have to find other sources of revenue, and frequently that's 
related to advertising, or some other form of monetizing user data.

The only ones that I trust are ones that offer a reduced-capacity 
entry-level tier that is unpaid, and where the purpose of unpaid is 
promotion of upgrades to paid tiers of service. And I'm only willing to 
use providers that protect the entire computer, not just a single 
browser (or in the case of Firefox, a single profile). Since I several 
browsers simultaneously, as well as multiple Firefox profiles, the 
protection provided by an extension is quite limited for my use.


> Correction: I correct an earlier assessment that all the VPN extensions
> "slow down" drastically within days; I think some of that is due to the
> plethora of privacy-baswed extensions - so I switched the testing over to
> testing instead the free,adfree,registrationfree system-wide VPNs with a
> free-adfree-regfree socks5 proxy (Psiphon) and, for non-browser
> applications, a free-adfree-regfree proxifier such as ProxyCAp64/FreeCap.

I don't think it's surprising that use of too many extensions is likely 
to affect performance, and after you get past the handful of most 
commonly-used things, I think there is high probability that you're 
going to start seeing significant amounts of redundancy, of multiple 
tools trying to filter the same stuff simultaneously, but where all the 
tools are consuming resources to do so, even if they're not actively 
conflicting with each other.

I think that it's also important to account for a point of diminishing 
returns, where adding one more tool to the set isn't going to produce 
corresponding benefit for the amount of resources spent. I don't believe 
that it's possible to do something air-tight -- there's always going to 
be something unwanted that may get through, if not today, then probably 
the day after tomorrow. Do you really want to spend all of your time 
trying to find and seal that last hole (which may not stay sealed for 
very long)? Or is there a point where you can accept "good enough is 
good enough", especially in light of a realistic threat assessment of 
who you're protecting yourself from, including accounting for their 
capabilities and intentions?

Smith

[toc] | [prev] | [next] | [standalone]

#14748

On Tue, 26 Aug 2025 12:23:58 -0700, NFN Smith wrote :


> I notice that PrivacyPossum isn't included here, but I don't think 
> that's an issue. I looked at that briefly recently, and while the 
> anti-fingerprinting aspect is attractive, I didn't see that it did 
> anything useful for me.

Thanks for your excellent updates, where I'll need to respond to each of
the important ones alone and individually as each is a separate topic.

As can be seen in the DIY privacy browser thread, Privacy Possum was
"attempted" but we had problems with VPN extensions on DIY privacy-based
Mozilla browsers (i.e., librefox & mullvad) so we tested the extensions on
Chromium first, where wasn't found so I gave up too early on it early on.

PrivacyPossum
https://github.com/cowlicks/privacypossum
No packages published
https://chrome.google.com/webstore/detail/privacy-possum/ommfjecdpepadiafbnidoiggfpbnkfbj
This item is not available

However, Privacy Possum is apparently alive & well for Mozilla browsers.
 <https://addons.mozilla.org/en-US/firefox/addon/privacy-possum/>
 Blocks third-party cookies
 Strips referer headers
 Spoofs browser fingerprinting attempts
 Detects and blocks ETag tracking
 Prioritizes making tracking inefficient rather than impossible

As you already astutely noted, there's overlap galore, such as
 a. Trace covers fingerprinting & ETag blocking
 b. Privacy Badger learns and blocks trackers dynamically
 c. uBlock Origin blocks tracking methods with filter lists
 d. Canvas Blocker, CthulhuJs, Font Fingerprint Defender all put together,
    they cover fingerprinting well

While those are direct analogs of what Privacy Possum does, 
 A. ClearURLs removes tracking parameters from URLs, 
    which complements Privacy Possum's goal but isn't a direct match.
 B. Decentraleyes / LocalCDN prevents CDN-based tracking by serving 
    local resources which is not part of Privacy Possum's core.
 C. Location Guard obfuscates geolocation data, which is adjacent 
    to fingerprinting but it's not a Privacy Possum direct match.
 D. WebRTC Control prevents IP leaks via WebRTC, which is important 
    for privacy but also it's not part of Privacy Possum's toolkit.

Given that, I appreciate that you brought up Privacy Possum as I was not
aware (yet) that it was available for Mozilla browsers so it's a win:win.

Much appreciated your valuable input.
I'll take the other concepts one by one when I look up the details.

[toc] | [prev] | [next] | [standalone]

#14749

Marion wrote:
e.
>>>
>> If you use Brave Browser, no adblocking add-on is needed.
> 
> My two cents... bearing in mind I never used extensions until early July
> when Epic Privacy Browser went bust... I'm building two sets of DIY privacy
> browsers where I've settled (currently) on almost a score of extensions
> (not counting VPN extensions) which are the following currently for the
> Chromium side of the family (given it was easier than the Mozilla side).

One further thought.... If you're new to Firefox, are you aware of 
LibreWolf? That one advertises itself as highly privacy-enhanced.

I haven't looked at at in detail, and I haven't seen whether it's a true 
fork of Firefox, with its own coding differences, or if it's just 
Firefox, with prefs set to maximum privacy (including bundling of 
several privacy-related extensions).  My impression is that the settings 
are strict enough that it breaks sites, enough that it takes loosening 
the settings in order to be able to use, especially for general-purpose use.

Before you get too far into building your own, see what LibreWolf is 
doing, either things you want do in your own work, or for things that 
they do that you may not have considered.

Smith

[toc] | [prev] | [next] | [standalone]

#14750

On Fri, 29 Aug 2025 12:59:53 -0700, NFN Smith wrote :


> One further thought.... If you're new to Firefox, are you aware of 
> LibreWolf? That one advertises itself as highly privacy-enhanced.
> 
> I haven't looked at at in detail, and I haven't seen whether it's a true 
> fork of Firefox, with its own coding differences, or if it's just 
> Firefox, with prefs set to maximum privacy (including bundling of 
> several privacy-related extensions).  My impression is that the settings 
> are strict enough that it breaks sites, enough that it takes loosening 
> the settings in order to be able to use, especially for general-purpose use.
> 
> Before you get too far into building your own, see what LibreWolf is 
> doing, either things you want do in your own work, or for things that 
> they do that you may not have considered.

Yes. I know about LibreFox. But thanks for suggesting it. A lot of your
suggestions were spot on target, including that there are privacy & effort
pros and cons to every decision when making the DIY browser project.

I started with LibreFox & MullVad (on Windows) in fact, since that's what
people had suggested, and I always test what people suggest and report
back, so I had done that a few weeks ago.

When I ran into problems with the VPN extensions, I switched from LibreFox
and MullVAd to Chromium browsers (Brave, Ungoogled Chromium, on Windows),
which use a different mechanism for extensions than does Mozilla, but even
then, the Chromium browsers also had (different) issues with the VPN
extensions.

So, after testing more than a dozen VPN extensions I switched to socks5
proxies (which are faster & less unreliable than the VPN extensions were),
and then I had to add proxifiers to proxify things that are not browsers,
and then I realized belatedly Mozilla does Proxies completely differently
than Chromium browsers do, etc., so it has been a long haul since July 7th
when the Epic Privacy browser went bust (and which caused all this effort).

At the moment, I only use the VPN extensions to fool YouTube into thinking
that I'm not a bot, but other than that, I'm very used to system-wide VPNs,
where the golden privacy rule is never pay for anything and never log into
anything, and never give anybody an email address or phone number, which is
easy to do if you're intelligent about it and if you know the tradeoffs,
where the "you are the product" BS is just bro science with no basis in
fact, if you're intelligent - as you're the product if you're not
intelligent - which is something else altogether after all).

Whether or not you are the product depends solely on your intelligence; not
on the cost or lack of cost of the product, just like the you get what you
pay for bro science which again, only works for dumb people because they
have no idea what they're getting so they pay too much for everything
because dumb people simply assume the more you pay the more you get. 

Dumb people will never have privacy nor will they make intelligent
decisions; the whole point of this thread is to make smart decisions.

In that regard, I saw your comments about VPNs where I understand
completely where you're coming from but I haven't responded to your other
excellent comments yet as it takers time to give a well researched answer
that benefits us both and everyone lurking (which is the goal, after all).

Anyway, the thread on the DIY browser is a work in progress over here...
 <https://alt.comp.os.windows-10.narkive.com/>

Let's see which thread it is... ok... it's this one... 
 *Tutorial: DIY build your own lightweight chromium-based privacy web browser*
  <https://alt.comp.os.windows-10.narkive.com/NJ9NwCcL/tutorial-diy-build-your-own-lightweight-chromium-based-privacy-web-browser>

[toc] | [prev] | [standalone]

Back to top | Article view | alt.comp.software.firefox

csiph-web