From 26b2af179303dd4219d1d563504ea25a80b00c86 Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Sun, 20 Oct 2024 21:42:57 +0000 Subject: [PATCH] Updated 4.1 Extensions (markdown) --- 4.1-Extensions.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/4.1-Extensions.md b/4.1-Extensions.md index e12f837..3c3cc76 100644 --- a/4.1-Extensions.md +++ b/4.1-Extensions.md @@ -77,7 +77,7 @@ These extensions will not mask or alter any data sent or received, but may be us * LocalCDN, Decentraleyes - Third parties are already partitioned if you use [Total Cookie Protection](https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/) (dFPI) - Replacing _some version specific_ scripts on CDNs with local versions is not a comprehensive solution and is a form of [enumerating badness](https://www.ranum.com/security/computer_security/editorials/dumb/). While it may work with some scripts that are included it doesn’t help with most other third party connections - - CDN extensions don't really improve privacy as far as sharing your IP address is concerned and their usage is fingerprintable as this Tor Project developer [points out](https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/22089#note_2639603). They are the [wrong tool](https://en.wikipedia.org/wiki/XY_problem) for the job and are not a substitute for a good VPN or Tor Browser. Its worth noting the [resources](https://git.synz.io/Synzvato/decentraleyes/-/tree/master/resources) for Decentraleyes are over three years out of date and would not likely be used anyway + - CDN extensions don't really improve privacy as far as sharing your IP address is concerned and their usage is fingerprintable as this Tor Project developer [points out](https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/22089#note_2639603). They are the [wrong tool](https://en.wikipedia.org/wiki/XY_problem) for the job and are not a substitute for a good VPN or Tor Browser. Its worth noting the [resources](https://git.synz.io/Synzvato/decentraleyes/-/tree/master/resources) for Decentraleyes are over six years out of date and would not likely be used anyway * Cookie extensions - ❗️Sanitizing in-session is a false sense of privacy. [They do nothing for IP tracking](https://educatedguesswork.org/posts/traffic-relaying/). Even Tor Browser does not sanitize in-session e.g. when you request a new circuit. A new ID requires _both_ full sanitizing _and_ a new IP. The same applies to Firefox - ❗️Cookie extensions can lack APIs or implementation of them to properly sanitize