Page 6 of 7 FirstFirst ... 4567 LastLast
Results 51 to 60 of 65
  1. #51
    Untangle Ninja f1assistance's Avatar
    Join Date
    Apr 2009
    Location
    Holly Springs, NC
    Posts
    1,495

    Default

    FWIW, I know there are a lot bigger hills (than eBay's script) to fight on. If one is not comfortable using what comes with the services of any business. DON'T!
    Everything has a price and we usually get exactly what's paid for...in one way or another. :-J
    I believe I've posted my boycott list in this forum in the past, which displays companies who contribute to the economics of supply and demand with a "price" too high for my liking, so I DON'T!
    Last edited by f1assistance; 05-27-2020 at 01:44 PM.
    Vanguard Untangle...because nothing's worse than doing nothing!
    -------
    2, Pentium (R) Dual-Core CPU E5300 @ 2.60GHz 2599.968, 2089.96MB RAM
    And building #7 didn't kill itself!

  2. #52
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,469

    Default

    And here is another site to flag in [Block Site] for visibility
    Code:
    ebay-us.com
    ebay-us.png

  3. #53
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,469

    Default

    Quote Originally Posted by f1assistance View Post
    FWIW, I know there are a lot bigger hills (than eBay's script) to fight on. If one is not comfortable using what comes with the services of any business. DON'T!
    Everything has a price and we usually get exactly what's paid for...in one way or another. :-J
    I believe I've posted my boycott list in this forum in the past, which displays companies who contribute to the economics of supply and demand with a "price" too high for my liking, so I DON'T!
    Agreed 100%

    This was just a fun dive into the deep end on some Twitter Chatter.

    Armshouse likes this.

  4. #54
    Master Untangler
    Join Date
    Apr 2020
    Location
    United Kingdom
    Posts
    132

    Default

    OK, so apologies in advance if my terminology isn't quite right on this next bit - feel free to educate me!

    Since it looks like Untangle or most any other NGFW/UTM would struggle with this sort of browser based activity, what about limiting the scope of useful information that eBay or whoever could glean? I've heard of endpoint AV software that will launch a browser in a sandbox to limit escapes to the host OS, would that make any difference to results the website doing the scanning would see? ie if I was running a FTP server on port 21 and visited said site from a sandboxed browser, would the js still say that 21 was open?

    Or what is your take on running a lightweight VM just to surf the net? In theory, you could boot up a clean instance every time you went online so that cookies etc wouldn't persist. Is that a way to throw eBay or others off any meaningful scent? Personally, I'm not that worried or paranoid just yet

  5. #55
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,469

    Default

    Yeah, you are on the right track. Just behaving a little differently helps, usually.

    I was going to exclaim early on in this expedition: "I am ready to buy a Chromebook to do my browsing on, and lock everything else down!".

    Almost.
    Last edited by Jim.Alles; 05-27-2020 at 01:56 PM.

  6. #56
    Untangle Ninja
    Join Date
    Feb 2016
    Posts
    1,135

    Default

    Quote Originally Posted by Jim.Alles View Post
    Agreed to both items. The .js script my rule detected was with SSL inspector enabled.
    Like before, I'm not insisting my test results are definitive, but you'd be doing me a favor if you'd help me understand where my test procedure is going awry. SSL Inspector is disabled.

    Attachment 10246
    Attachment 10247
    Attachment 10248

  7. #57
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,469

    Default

    You're not going to be able to inspect the URL, with SSL Inspector disabled.

    All of this Javascript comes from a script file at a URL like this one:
    https://src.ebay-us.com/fp/check.js?org_id=usllpic0&session_id=2398b023c098a9873ec798e
    The HTTPS request is encrypted at the browser.
    Last edited by Jim.Alles; 05-27-2020 at 02:49 PM. Reason: gaaah

  8. #58
    Untangle Ninja
    Join Date
    Feb 2016
    Posts
    1,135

    Default

    I’m totally lost. The script doesn’t show up at the browser, per my last two screen shots. I’m trying to interpret that fact.

  9. #59
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,469

    Default

    Oh, I haven't caught it in the wild, either. The Loch Ness monster!

    (the two screen shots can't be opened, I guess they are thumbnails only, couldn't tell where they came from. The forum website has been acting strangely.)
    Last edited by Jim.Alles; 05-27-2020 at 03:13 PM.
    If you think I got Grumpy

  10. #60
    Untangle Ninja f1assistance's Avatar
    Join Date
    Apr 2009
    Location
    Holly Springs, NC
    Posts
    1,495
    Vanguard Untangle...because nothing's worse than doing nothing!
    -------
    2, Pentium (R) Dual-Core CPU E5300 @ 2.60GHz 2599.968, 2089.96MB RAM
    And building #7 didn't kill itself!

Page 6 of 7 FirstFirst ... 4567 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2