Is this a common thing? I have just recently installed the extension, so I am not sure if there are a lot of other websites who do it.
Since looking into it, I noticed that uBlock Origin already has the default list "Block Outsider Intrusion into LAN" but it wasn't enabled.
It actually makes sense to have a paid service that makes this abomination less painful. Though they work with VFS Global for collecting the applications and relevant documents, the VFS Global itself is an abomination and doesn't help with the handling of the form filling anyway.
Recently EU streamlined the Schengen visa application process for Turkish citizens as those "visa agencies" that are the official agencies and the only way to apply for a visa for many countries don't actually help with anything and are scamming people by selling the "good hours" for the visa appointment on the black market. An agency was dropped for this and the scams by agencies were listed among the reasons to streamline the application process.
Both with US and EU people are losing scholarships etc. due to outrageous wait times that are sometimes are years ahead or there's an issue with the systems handling the applications.
I guess there must be an opportunity there to fix all this together with smaller stuff like handling transliteration and character encodings, I wonder if some of those scam site are not scams and actually help with it. An AI agent can be useful here.
These random logouts happens more frequently during certain times of the day and seems to follow a semi-predictable pattern. It is almost certainly tied to system load in some way.
Also, the site's HTML and JavaScript are bloated beyond hope for what should be a fairly simple set of web forms. And itnhas been thisnway since at least 2018 with exactly zero improvements.
That's probably because of the fact that the appointments are near impossible to get, they only allow booking a few months out and it's always completely booked. So everyone was refreshing (or if clever botting) to get an appointment slot.
Even if the US has a horrible visa system – as I can attest, despite only having to do it every 5 years – the EU countries could benefit from attracting talent by being more welcoming. So that is part of my mission as an MP and tech-entrepreneur. Any help and pointers is welcome.
No clue if this specific instance if scam but such scams have indeed been done before
https://www.bbc.com/news/articles/cdr56vl410go
> According to Ablakwa, a locally recruited staff member and "collaborators" were allegedly involved in a "fraudulent" scheme whereby they extracted money from visa and passport applicants.
> It is alleged that the scheme consisted of creating an unauthorised link on the embassy's website to redirect visa and passport applicants to a private firm where they were "charged extra for multiple services" without the knowledge of the foreign ministry.
> Ablakwa added that the staff member "kept the entire proceeds" in their private account, and that the scheme had been going on for five years.
> Applicants seeking visas were charged unapproved fees ranging from almost $30 (£22) to $60 by the private firm.
The "waterfall model" is a toxic way of thinking that pervades corporate management. Simplistic minds can't fathom any states other than "done" or "not done". Corporations are determined to crush the human soul. That is why it's not a progressive series of forms, saving your progress all along.
It would be good if the Indian government could block the scammers but I guess it’s a lower priority for the moment.
So obviously the only way they could to this is with government contacts meaning the government themselves could already do it, but a lot of immigration stuff everywhere is full of people taking kickbacks.
it's one hundred per cent clueless privacy invasion. they are probably also opening ports via other means and using that for side channel ID like Facebook does.
just like any other documentation scam, the only weak point is on the "last mile" that's why you will always have a human interviewer.
the visa process is abusive and unpractical because people will work around any hurdle and their kpi will never be affected no matter how crappy they manage to make to whole process. or how many doge kids implement useless privacy invasion tech just because.
Never knew that this existed. Thank you!
One popular router maker offers a ‘magic URL’ (domain name) that scans your network for the gateway management page, and redirects. It’s not necessary, but it certainly helps novice users. Having worked in IT support,
I’ve also purchased hardware devices that have a web management UI; which connects directly instead of proxying through a cloud.
Ultimately this is probably one thing that should be behind a permission request (like webcam access), but it’s not a feature without value.
Using uMatrix was very annoying at first, most websites are broken without their CDNs, but after a few months or so, the whitelist grew and it contains 90% of websites I visit.
On my system https://ceac.state.gov/genniv/ tries to connect to captcha.com, google-analytics, googletagmanager, 127.0.0.1 and "burp" (a local hostname that doesn't exist in my network). Interestigly, the browser console doesn't list connection attempts to localhost or burp. If I allow 127.0.0.1 and "tcpdump -i lo", I see connections to port 8888, which isn't open.
This is a container that FB gives you to host that lives under your domain (it can be your main domain) that slurps up user data and sends it to Facebook from the server side. You embed some JS in your website, and they hoover up the data.
There are options to not load JS, images, XMLHttpRequests, frames, cookies, for each site, but it doesn't list individual files.
That will be this burp: https://portswigger.net/burp/documentation/desktop/tools/pro...
Sounds like they don't want you to analyze their site.
For those who want to try blocking more stuff you can enable hard mode and bind relax blocking mode keyboard shortcut
I'd recommend also enabling filter lists(I advice yokoffing/filterlists and your region/language)
https://github.com/gorhill/uBlock/wiki/Blocking-mode:-hard-m...
Besides, uMatrix works fine. It's that kind of program that doesn't need any updates.
If you're on OSX, the permission to "discover on the local network" prevents it from happening ( System Settings -> Privacy & Security -> Local Network -> yourbrowser )
Could also be 'network' permissions on firefox ( Go to Settings > Privacy & Security > Permissions ) which is on a per site level, but iirc that could be set site-wide at some point.
The other browsers likely have similar configs, but this is what I have found.
But I found what "burp" is: https://portswigger.net/burp/communitydownload
It's insane to allow any random website to port scan my LAN. If this wasn't a "feature", I would have considered this a high severity vulnerability
(There is some language online suggesting PNA has not actually shipped, but I experienced it myself in stable Chrome several years ago, so I am unsure of the current state).
Firefox doesn't implement either approach -- I assume this is indicative of their lack of development resources.
Since ublock had this as a feature for a long time, I'm sure they are aware of it. Unlike other non funded oss projects, Firefox can't and shouldn't shield themselves with this lack of development resource excuse. They have millions.
"Hacks and Hops" doesn't even have a valid home page. The extension links to https://g666gle.me/ which does not exist. The domain name itself does not want to make me give access to all my data for all websites to them.
As nice as this extension seems, I would ever in a million years install it.
1MB of obfuscated fingerprinting + portscan + Webgl . But oddity this one is trying to find burp suite specific route's.
Are you seeing connection attempts to other IPs?
Could also be incompetence :D until I fixed it, deploying from my local machine rather than CD resulted in one of the baked in URLs being localhost rather than the public host on the project I'm working on now. Their local development server might just be at port 8888. Wouldn't surprise me.
https://my.f5.com/manage/s/article/K000138794
> These requests are caused by the bot profile to test the different browser capabilities.
> 'http://127.0.0.1:xxxx' request is a call to the localhost/client machine, which is normal when trying to protect assets like end-server using ant-bot defense. It does not have any impact regarding application page load.
Remember back in June when Facebook/meta got caught tracking users trough a webserver on Android phone thought Messenger and Instagram? Same thing.
See: https://news.ycombinator.com/item?id=44169115 and https://news.ycombinator.com/item?id=44175940
Although, from personal experience, it used to require java and it worked only on internet explorer and since it has been retired and replaced with chromium, i am not sure what is the way to make it work nowadays, as i have not been able to figure out to use it when i needed the last time.
https://www.digitalsamba.com/blog/metas-localhost-spyware-ho...
When I visit the site from Safari on macOS I see this in the console. Are there any particular services that use port 8888 for the website to do this?
It seems to be part of some "bot defense" product by these F5 people, to "test the different browser capabilities". I doubt it's intended to hit a real endpoint on any system.
There is also a lot of fingerprintable material within such a port scan from clock skew, TCP ISN, and a few other areas.
You can sieve this quite easily with this available, thanks to Roku's, Phone's, and other things doing this while just sitting locally in a shared collision domain (a digital soldier quartered in every home).
The metadata node graph of devices locally acts as a unique fingerprint once in RFC1918 space, technically not unique but close enough.
How does that work? A browser extension can't influence how your router and other machines in your network react to incoming requests.
* uBlock Origin and Lite have it as an option under Filter List > Privacy > Block Outsider Intrusion into LAN
* Brave prevents it, tested with Aggressively block Trackers and Ads.
Also I wonder if this protection is available only with old extension manifest version or new network request hooks API also supports it.
Like a less sophisticated Tor/VPN that is easily detected by port scans
If you did not go into the details, chances are that when you will, this will turned out to be a false positive case.
If you did, where are the evidence?
I will give it a try and see what happens and if I see anything I will add it here.
SO, I guess that is going to be used on all my firefox runs.
To be serious, this has introduced me to sandboxing on BSD via pledge [0] and comparisons against Linux seccomp [1] - thank you!
[0] https://news.ycombinator.com/item?id=17289654
[1] https://kristaps.bsd.lv/devsecflops/ (submission by same poster at https://news.ycombinator.com/item?id=44264021)
It looks useful and looks good, there's minimal unneeded whitespace and I'm glad it looks as it does. We'd be better off if the entire web switched to a style like this.
In the 90s and early 00s, we did tons of user-testing and feedback collection. We threw all that research away to create UX's that are minimal and "sleek". Tons of unnecessary whitespace and the concept of "Discovery" just thrown into the dumpster. Skeuomorphism was one of the greatest features of 90s-00s software, ironically thrown away as computers got faster and were able to handle the graphics better.
So much better.
Modern web design is a joke.
I might create a login for a porn site so that I can have some favorite videos bookmarked and it can figure out the type of material I like. That doesn't mean I want my history saved locally.
I remember years back when people would run these firewalls and we'd get complaints from home users about normal traffic.
Thinks like complaints our mail servers was scanning them on port 25 when they sent email.
