The Strange abd Mysterious World of Win10 Updates

On Thu, 10 Sep 2020 07:33:53 -0700, Ken Blake
wrote:

On 9/10/2020 5:33 AM, John wrote:
On Wed, 9 Sep 2020 16:37:44 -0700, Ken Blake
wrote:

On 9/9/2020 3:25 PM, John Doe wrote:

Does anybody on a PC actually use a Microsoft browser nowadays?


I don't (I greatly prefer FireFox), but *many* people use Edge. They use
Edge because it's the default in Windows 10, and they either don't know
they have a choice or are to lazy to change from the default.

My sister is one of the former. She's not entirely sure what a
"browser" is. Nor, really, does she understand file systems, storage,
RAM or hard drives. Her only save space is her desktop so she loses
stuff when Win-ten tidies up.

She is, however and unfortunately, a bloody wizard at clicking on
things in emails so browser "helper" objects get installed.


My wife is one of those who use Edge. I've tried to convince her that
Edge is terrible, FireFox is much better, and she should change, but she
won't. I don't understand why.

Maybe because "it doesn't work right", or "it's not THE INTERNET" or
it's not the clicky in the top left corner with the big "E". Perhaps
if you changed the icon for FF to the one Edge uses, replaced the Edge
icon's position with FF and labeled FF's title header as "THE
INTERNET" she might like it more.

Your wife doesn't sound *stupid*, just reluctant to change. This is
not a rare thing. If she doesn't know she's had a change done, she may
grow to like it.

You could even tell her the "new Edge" is an update from Mickey.
There's a small chance that she'll accept this if she doesn't poke
about too much.



Every now and then I have to go on her computer to do something for her,
and if I have to go onto the web, I have to use Edge. I hate it.

So maybe you could install FF as an additional choice but don't tell
her? Then you could use it but wifey doesn't need to know it's even
there.

You may put a *FOLDER* on her desktop called "Tools" and put inside
it all of the icons for the tools you use. You could even put inside
it a PortableApps starty icon and keep your browser on a USB stick.
That way, even your colour schemes, favourites and security settings
travel with you between machines.


I forgot to mention that I don't have any colour schemes or favourites.
I'm in the USA, and none of us here have those. ;-)

Someday, when we have Statesmen in charge instead of damned
politicians, England will conquer the world, including USAlia and
teach all of those furriners English so we can all communicate with
one another.

...

...

...

Oh ...

Wait ... ........

J.

On 10/09/2020 02:05, VanguardLH wrote:
VanguardLH wrote:
Correction - sometimes my fingers don't do what I intend them to do

John Doe wrote:

Does anybody on a PC actually use a Microsoft browser nowadays?

___ Once
V
One Microsoft switched to the Blink rendering engine (changed from
EdgeHTML to Chromium), I didn't need to keep Google Chrome on my system.
The rendering engine was the same in both web browser, but Chromium Edge
^__ browsers
has a couple more security settings that are missing from Google Chrome.
So, Chromium Edge became my secondary web browser. Firefox is my
primary web browser.

Summary:
- Uninstalled Google Chrome along with the mandatory remnant file &
registry cleanup.
- Configured Chromium Edge similar to Google Chrome.
- Installed most of the same extensions into Chromium Edge that were
used with Google Chrome. Some were not needed in Chromium Edge which
included some features missing in Google Chrome.
- Like Google Chrome, Chromium Edge is the backup/secondary web browser.
- Firefox remains the primary web browser.


I had been looking for a motivation to do just that - uninstall Google
Chrome - and your post has finally pushed me to do so. Chromium Edge is
faster than Google Chrome, and just as good as a backup browser. Amen to
Firefox as a primary browser.

I would be interested in your take on 'Edge' as a browser
(https://epicbrowser.com/), with a built-in VPN. I have been using it
for a while access those sites where national borders still matter e.g.
BBC, www.cc.com etc.

On 11/09/2020 09:39, occam wrote:
On 10/09/2020 02:05, VanguardLH wrote:
VanguardLH wrote:
Correction - sometimes my fingers don't do what I intend them to do

John Doe wrote:

Does anybody on a PC actually use a Microsoft browser nowadays?

___ Once
V
One Microsoft switched to the Blink rendering engine (changed from
EdgeHTML to Chromium), I didn't need to keep Google Chrome on my system.
The rendering engine was the same in both web browser, but Chromium Edge
^__ browsers
has a couple more security settings that are missing from Google Chrome.
So, Chromium Edge became my secondary web browser. Firefox is my
primary web browser.

Summary:
- Uninstalled Google Chrome along with the mandatory remnant file &
registry cleanup.
- Configured Chromium Edge similar to Google Chrome.
- Installed most of the same extensions into Chromium Edge that were
used with Google Chrome. Some were not needed in Chromium Edge which
included some features missing in Google Chrome.
- Like Google Chrome, Chromium Edge is the backup/secondary web browser.
- Firefox remains the primary web browser.


I had been looking for a motivation to do just that - uninstall Google
Chrome - and your post has finally pushed me to do so. Chromium Edge is
faster than Google Chrome, and just as good as a backup browser. Amen to
Firefox as a primary browser.

Epic (not Edge)
¦
I would be interested in your take on 'Edge' as a browser
(https://epicbrowser.com/), with a built-in VPN. I have been using it
for a while access those sites where national borders still matter e.g.
BBC, www.cc.com etc.

occam wrote:

I had been looking for a motivation to do just that - uninstall Google
Chrome - and your post has finally pushed me to do so. Chromium Edge
is faster than Google Chrome, and just as good as a backup browser.
Amen to Firefox as a primary browser.

I would be interested in your take on 'Edge' as a browser
(https://epicbrowser.com/), with a built-in VPN. I have been using it
for a while access those sites where national borders still matter
e.g. BBC, www.cc.com etc.

I remember reviewing Epic about 1-2 years ago. Nothing there that lured
me into using it. Most customized web browser, like the Tor Browser,
are simply a bunch of tweaks to Firefox before you get it (to tweak
further). All the "security" settings of those specialty security web
browsers you can do yourself -- if you don't mind losing functionality
or unexpected behavior. I really don't need someone else tweaking
Firefox for me. If I want to browse in private mode, I can choose that
in Firefox. If I want to always browse in private mode, yep, that's a
tweak in Firefox ("never remember history" aka "always use private
browsing mode"). In fact, I'm not that concerned about being inprivate
between different session IDs in Firefox (separate Firefox windows each
with its own session ID to make them look unique). I just configure
Firefox to purge EVERYTHING on its exit. I might be tracked during a
browser session, but then I don't leave the browser loaded all the time.
I use it, and then exit when I'm done instead of leaving it running in
the background all the time. That's for both the desktop Firefox and
the Android Firefox (which has a 'quit' option in its menu to let me
unload the web browser instead of letting Android leaving it loaded in
the background until that memory is needed).

You want to use a VPN so no one can see to where you visit. There are
public VPNs for that (although some restrict content to reduce
bandwidth). You are relying on someone else to keep your visited sites
a secret, whether it be Epic's or Opera's VPN, or some other VPN
service. Regardless of what they claim for privacy policies, you have
to hope they honor those policies. You hope the VPN protects your
privacy, but basicially you assigning someone else that roll. Same with
Tor: you hope you don't get the same operator of the entry and exit
nodes since that lets them track who you are and where you're going.
The FBI operates many Tor nodes (but then it was their project), and has
mapped many Tor nodes (there's even a Tor mapping project). Just
because you're using Tor, Epic's VPN, Opera's VPN, ProtonVPN, or any VPN
service doesn't mean you'll get around regional restrictions at sites.
Most of the exit nodes are known, there are blacklists, so you'll get
blocked just like you got regionally blocked.

As for keeping a search engine from knowing what you looked up, don't do
direct searches at Google or Bing. For most searches, I don't care what
Google knows that I searched on. I do find their tracking hyperlinks a
bit of a nuisance: when you click on a search hit, the URL points back
to Google, so they can gather telemetry, which the redirects you to the
target site. If I don't want Google to know on what I'm searching, I
use Startpage. It still uses Google's search, but Google sees Startpage
doing the search, and the search results are deobfuscated, so they no
longer point to Google (and then get redirected from their server), but
instead the search result URLs point directly to the target site.
Startpage even has an "Anonymous View" link next to each search hit.
When you click that, you go to the target site but through Startpage's
own VPN, so the target site doesn't see your IP address. They obviously
are not as robust as, say, ProtonVPN, but it can be handy. While
Startpage gets the search results from Google, they filter out the
ad-sponsored results that you see at Google.

Some folks like DuckDuckGo, but its search includes ad-sponsored
results. Startpage is homed in the Netherlands. DuckDuckGo is in the
USA, a 5-Eyes country (https://en.wikipedia.org/wiki/Five_Eyes), so DDG
could get an NSL (National Security Letter) that gags them revealing
that their operations have been co-opted to log their search per a
court-ordered warrant. There's what they claim for privacy, and then
there's what they can be legally twisted to do, and are gagged from
telling anyone about it. That they don't normally collect logs doesn't
mean they can't be forced to do so. Also, DDG doesn't have the VPN
links as in Startpage. I do wish both had the "Cached" link that Google
has, so to view a cached version of a web page (because the site is
down, or you don't want to connect to the site to see what their web
page looks like) rather than me using web.archive.org to see what a site
looked like before they went down.

As for Epic, its built-in adblocker is acceptable, but not as robust as,
say, uBlock Origin (uBO) with all the blacklists to which it can
subscribe. Plus, Epic will deliberately no block some ad sources. Last
I heard, the number of extensions supported by Epic is limited. Their
claim is that many extensions have security issues. When I attempt to
visit https://epicbrowser.com/webstore/, nothing is listed. Apparently
they won't show to non-Epic visitors what add-ons are available for
Epic.

I've never cared about anyone tracking to where I go, only about the
content in the web traffic. As long as I connect using HTTPS, my ISP
can see to where I go but not look at the communication.

You might want to test for VPN leaks, like DNS tracking. If the VPN is
not secreting your DNS traffic then your ISP (or whomever you use for
your DNS server) can see to where you visit. I use Firefox with its
"DNS over HTTPS" (aka DoH) feature.

https://en.wikipedia.org/wiki/DNS_over_HTTPS

For general web-centric apps, they will use the DNS specified in my IPv4
and IPv6 settings: Cloudflare first (1.1.1.1), Google 2nd (8.8.8.8), and
my cable modem's DNS server (10.0.0.1) which passes the DNS requests to
the upstream DNS server (my ISP's DNS server) but has some caching to
mostly be faster than directly specifying my ISP's DNS server as the 3rd
choice. Same for the IPv6 configuration. But Firefox will use the DNS
config defined in it, which is to use Cloudflare's DoH service. So, my
ISP can see to which DNS server my web client is connecting, but not the
DNS requests to that server. They see my DNS requests going to
Cloudflare, but they don't see for which hostnames my client is asking
for an IP lookup.

With HTTPS connects, my ISP nor anyone else can see the content of my
web traffic. With DNS over HTTPS, my DNS requests are no longer sent in
the clear for anyone to see. My ISP can, however, still interrogate my
packets to see to where I connect, but I don't need to hide that
information. I'm not doing anything illegal or even compromizing that I
have to care about anyone seeing to where I connect.

The only time I used a VPN was when remotely connecting to my work's
corporate network from home to work from home. If I connect to their
public interface, I hit a lot of restrictions, especially regarding to
which hosts to which I can connect. Their VPN (and not just any public
VPN) lets me connect past their DMZ to get to the hosts where I do my
remoted work, so it's the same permissions as if using my workstation at
work on the corporate network. There was a lote more security involved
in setting up and using their VPN than just using some public-facing VPN
to secrete to where I visit, or to lie where I am by using an exit node
in a different region.

Sorry, but if a site is restricting content by region, I don't bother to
circumvent their regional censoring. In most cases, I can find the same
information elsewhere. I'm not a sports fanatic, so I don't need to see
some game that's restricted to access within a region. Actually I wish
I could remove the entries from the show schedule shown by my TV box to
my ISP's cable TV service to eliminate all the sports channels, along
with all the other channels they show to which I'm not subscribed in my
service tier with them.

If I wanted to use a VPN to circumvent regional restrictions on content,
I wouldn't rely on those inbuilt to Epic or Opera. They don't operate a
worldwide mesh network of entry and exit nodes, so you'll be
disappointed in them not letting you lie as to where you are. You need
a much more robust VPN service, especially one that lets you select the
entry node (in case you're worried about being in a 5-Eyes country)
along with selecting the exit node (to choose which region you want to
appear to be originating), like ProtonVPN which has a free service tier
but it's too limp, so you'll want their paid service tier.

On 11/09/2020 11:42, VanguardLH wrote:
occam wrote:

I had been looking for a motivation to do just that - uninstall Google
Chrome - and your post has finally pushed me to do so. Chromium Edge
is faster than Google Chrome, and just as good as a backup browser.
Amen to Firefox as a primary browser.

I would be interested in your take on 'Edge' as a browser
(https://epicbrowser.com/), with a built-in VPN. I have been using it
for a while access those sites where national borders still matter
e.g. BBC, www.cc.com etc.

I remember reviewing Epic about 1-2 years ago. Nothing there that lured
me into using it. Most customized web browser, like the Tor Browser,
are simply a bunch of tweaks to Firefox before you get it (to tweak
further). All the "security" settings of those specialty security web
browsers you can do yourself -- if you don't mind losing functionality
or unexpected behavior. I really don't need someone else tweaking
Firefox for me. If I want to browse in private mode, I can choose that
in Firefox. If I want to always browse in private mode, yep, that's a
tweak in Firefox ("never remember history" aka "always use private
browsing mode"). In fact, I'm not that concerned about being inprivate
between different session IDs in Firefox (separate Firefox windows each
with its own session ID to make them look unique). I just configure
Firefox to purge EVERYTHING on its exit. I might be tracked during a
browser session, but then I don't leave the browser loaded all the time.
I use it, and then exit when I'm done instead of leaving it running in
the background all the time. That's for both the desktop Firefox and
the Android Firefox (which has a 'quit' option in its menu to let me
unload the web browser instead of letting Android leaving it loaded in
the background until that memory is needed).



VPN stuff


As for keeping a search engine from knowing what you looked up, don't do
direct searches at Google or Bing. For most searches, I don't care what
Google knows that I searched on. I do find their tracking hyperlinks a
bit of a nuisance: when you click on a search hit, the URL points back
to Google, so they can gather telemetry, which the redirects you to the
target site. If I don't want Google to know on what I'm searching, I
use Startpage.

Yes, Startpage on my Firefox is my default search platform.


search engines


As for Epic, its built-in adblocker is acceptable, but not as robust as,
say, uBlock Origin (uBO) with all the blacklists to which it can
subscribe. Plus, Epic will deliberately no block some ad sources. Last
I heard, the number of extensions supported by Epic is limited. Their
claim is that many extensions have security issues. When I attempt to
visit https://epicbrowser.com/webstore/, nothing is listed. Apparently
they won't show to non-Epic visitors what add-ons are available for
Epic.

I have had a look at the Epic store (via Epic). I see 7 addons, although
uBlock Origin is not one.

What do *you* see here?
https://epicbrowser.com/webstore/?hl=en-GB


I've never cared about anyone tracking to where I go, only about the
content in the web traffic. As long as I connect using HTTPS, my ISP
can see to where I go but not look at the communication.

You might want to test for VPN leaks, like DNS tracking. If the VPN is
not secreting your DNS traffic then your ISP (or whomever you use for
your DNS server) can see to where you visit. I use Firefox with its
"DNS over HTTPS" (aka DoH) feature.

https://en.wikipedia.org/wiki/DNS_over_HTTPS

For general web-centric apps, they will use the DNS specified in my IPv4
and IPv6 settings: Cloudflare first (1.1.1.1), Google 2nd (8.8.8.8), and
my cable modem's DNS server (10.0.0.1) which passes the DNS requests to
the upstream DNS server (my ISP's DNS server) but has some caching to
mostly be faster than directly specifying my ISP's DNS server as the 3rd
choice. Same for the IPv6 configuration. But Firefox will use the DNS
config defined in it, which is to use Cloudflare's DoH service. So, my
ISP can see to which DNS server my web client is connecting, but not the
DNS requests to that server. They see my DNS requests going to
Cloudflare, but they don't see for which hostnames my client is asking
for an IP lookup.

With HTTPS connects, my ISP nor anyone else can see the content of my
web traffic. With DNS over HTTPS, my DNS requests are no longer sent in
the clear for anyone to see. My ISP can, however, still interrogate my
packets to see to where I connect, but I don't need to hide that
information. I'm not doing anything illegal or even compromizing that I
have to care about anyone seeing to where I connect.

The only time I used a VPN was when remotely connecting to my work's
corporate network from home to work from home. If I connect to their
public interface, I hit a lot of restrictions, especially regarding to
which hosts to which I can connect. Their VPN (and not just any public
VPN) lets me connect past their DMZ to get to the hosts where I do my
remoted work, so it's the same permissions as if using my workstation at
work on the corporate network. There was a lote more security involved
in setting up and using their VPN than just using some public-facing VPN
to secrete to where I visit, or to lie where I am by using an exit node
in a different region.

Sorry, but if a site is restricting content by region, I don't bother to
circumvent their regional censoring. In most cases, I can find the same
information elsewhere. I'm not a sports fanatic, so I don't need to see
some game that's restricted to access within a region. Actually I wish
I could remove the entries from the show schedule shown by my TV box to
my ISP's cable TV service to eliminate all the sports channels, along
with all the other channels they show to which I'm not subscribed in my
service tier with them.

If I wanted to use a VPN to circumvent regional restrictions on content,
I wouldn't rely on those inbuilt to Epic or Opera. They don't operate a
worldwide mesh network of entry and exit nodes, so you'll be
disappointed in them not letting you lie as to where you are. You need
a much more robust VPN service, especially one that lets you select the
entry node (in case you're worried about being in a 5-Eyes country)
along with selecting the exit node (to choose which region you want to
appear to be originating), like ProtonVPN which has a free service tier
but it's too limp, so you'll want their paid service tier.



Thank you for that informative and epic response (pun intended).