diff --git a/4.1-Extensions.md b/4.1-Extensions.md index bd41c05..f431fc8 100644 --- a/4.1-Extensions.md +++ b/4.1-Extensions.md @@ -57,10 +57,10 @@ These extensions will not mask or alter any data sent or received, but may be us * Neat URL, ClearURLs - Redundant with uBlock Origin's [`removeparam`](https://github.com/gorhill/uBlock/wiki/Static-filter-syntax#removeparam) * HTTPS Everywhere - - Scheduled for [deprecation](https://www.eff.org/deeplinks/2021/09/https-actually-everywhere) and redundant with [HTTPS-Only Mode](https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/) + - Redundant with [HTTPS-Only Mode](https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/) and scheduled for [deprecation](https://www.eff.org/deeplinks/2021/09/https-actually-everywhere) * CSS Exfil Protection - Practically zero threat and if the platform's CSS was compromised, you'd have bigger problems to worry about -* Decentraleyes, LocalCDN +* LocalCDN, Decentraleyes - Third parties are already isolated if you use [Total Cookie Protection](https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/) (dFPI) or FPI - Replacing scripts on CDNs with local versions is not a comprehensive solution and is a form of [enumerating badness](https://www.ranum.com/security/computer_security/editorials/dumb/). While it may work with some scripts that are included it doesn’t help with most other third party connections - CDN extensions don't really improve privacy as far as sharing your IP address is concerned and their usage is fingerprintable as this Tor Project developer [points out](https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/22089#note_2639603). They are the [wrong tool](https://en.wikipedia.org/wiki/XY_problem) for the job and are not a substitute for a good VPN or Tor Browser. Its worth noting the [resources](https://git.synz.io/Synzvato/decentraleyes/-/tree/master/resources) for Decentraleyes are hugely out of date and would not likely be used anyway