In Devuan Daedalus, updating from firefox-esr 128.3.0esr-1~deb12u1
to 128.3.1esr-1~deb12u1 appears to have broken the media autoplay
setting, as measured by YouTube ads playing immediately after page
load, even though media autoplay is turned off (except for a couple
of about:welcome* "sites".

In an attempt to workaround the apparent (and possibly deliberate)
bug and following this page

https://connect.mozilla.org/t5/discussions/firefox-dont-block-video-play-even-if-autoplay-is-prohibited/m-p/49998

I have these settings in about:config:

dom.media.autoplay-policy-detection.enabled true media.autoplay.allow-extension-background-pages false media.autoplay.block-event.enabled false media.autoplay.blocking_policy 1
media.autoplay.default 5
media.autoplay.enabled false services.sync.prefs.sync.media.autoplay.default false

Even with that, YouTube ads play without warning.

Are there any known workarounds (other than switching to another
browser?)

Thanks.

--
Robert Riches
spamtrap42@jacob21819.net
(Yes, that is one of my email addresses.)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 10/13/24 12:00 AM, Robert Riches wrote:

In Devuan Daedalus, updating from firefox-esr 128.3.0esr-1~deb12u1
to 128.3.1esr-1~deb12u1 appears to have broken the media autoplay
setting, as measured by YouTube ads playing immediately after page
load, even though media autoplay is turned off (except for a couple
of about:welcome* "sites".

In an attempt to workaround the apparent (and possibly deliberate)
bug and following this page

https://connect.mozilla.org/t5/discussions/firefox-dont-block-video-play-even-if-autoplay-is-prohibited/m-p/49998

I have these settings in about:config:

dom.media.autoplay-policy-detection.enabled true media.autoplay.allow-extension-background-pages false media.autoplay.block-event.enabled false media.autoplay.blocking_policy 1 media.autoplay.default 5 media.autoplay.enabled false services.sync.prefs.sync.media.autoplay.default false

Even with that, YouTube ads play without warning.

And you think that's an "error" ? :-)

Are there any known workarounds (other than switching to another
browser?)

Thanks.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 13 Oct 2024 04:00:31 GMT, Robert Riches <spamtrap42@jacob21819.net>
wrote:

In Devuan Daedalus, updating from firefox-esr 128.3.0esr-1~deb12u1
to 128.3.1esr-1~deb12u1 appears to have broken the media autoplay
setting, as measured by YouTube ads playing immediately after page
load, even though media autoplay is turned off (except for a couple
of about:welcome* "sites".

In an attempt to workaround the apparent (and possibly deliberate)
bug and following this page

https://connect.mozilla.org/t5/discussions/firefox-dont-block-video-play-even-if-autoplay-is-prohibited/m-p/49998

I have these settings in about:config:

dom.media.autoplay-policy-detection.enabled true >media.autoplay.allow-extension-background-pages false >media.autoplay.block-event.enabled false >media.autoplay.blocking_policy 1 >media.autoplay.default 5 >media.autoplay.enabled false >services.sync.prefs.sync.media.autoplay.default false

Even with that, YouTube ads play without warning.

Are there any known workarounds (other than switching to another
browser?)

Thanks.

Ever started Wireshark and then loaded Firefox? Don't open any
external pages, just load it.
It connects to over a dozen sites, and worse, maintains
several connections. My /etc/hosts file looks like a shopping list.
And that is with "safebrowsing" , geolocation , prefetch and
all other "excuses" turned off.

It's been on this list

<https://www.linuxcompatible.org/story/linux-security-roundup-for-week-42-2024/>

For the last 20+ weeks. Always a regression or backdoor "that
allows a remote attacker to gain control of your machine when visiting
a specially crafted page".

Why do I still use it? Chrome is worse....
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012
Google Fuchsia - 2021

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 13/10/2024 12:36, Shadow wrote:

Why do I still use it? Chrome is worse....
[]'s

LOL!

I run Ublock Origin which rips out most of the turds.

But yes, sometimes i wake up after the 15th Youtube video that has been screwing with my dreams comes to an end after autoplaying through all
the others.

Somehow the 'autoplay disabled' flag gets tickled,


--
There is nothing a fleet of dispatchable nuclear power plants cannot do
that cannot be done worse and more expensively and with higher carbon
emissions and more adverse environmental impact by adding intermittent renewable energy.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 10/13/2024 07:36, Shadow wrote:

On 13 Oct 2024 04:00:31 GMT, Robert Riches <spamtrap42@jacob21819.net>
wrote:

In Devuan Daedalus, updating from firefox-esr 128.3.0esr-1~deb12u1
to 128.3.1esr-1~deb12u1 appears to have broken the media autoplay
setting, as measured by YouTube ads playing immediately after page
load, even though media autoplay is turned off (except for a couple
of about:welcome* "sites".

In an attempt to workaround the apparent (and possibly deliberate)
bug and following this page

https://connect.mozilla.org/t5/discussions/firefox-dont-block-video-play-even-if-autoplay-is-prohibited/m-p/49998

I have these settings in about:config:

dom.media.autoplay-policy-detection.enabled true
media.autoplay.allow-extension-background-pages false
media.autoplay.block-event.enabled false
media.autoplay.blocking_policy 1
media.autoplay.default 5
media.autoplay.enabled false
services.sync.prefs.sync.media.autoplay.default false

Even with that, YouTube ads play without warning.

Are there any known workarounds (other than switching to another
browser?)

Thanks.

Ever started Wireshark and then loaded Firefox? Don't open any
external pages, just load it.
It connects to over a dozen sites, and worse, maintains
several connections. My /etc/hosts file looks like a shopping list.
And that is with "safebrowsing" , geolocation , prefetch and
all other "excuses" turned off.

It's been on this list

<https://www.linuxcompatible.org/story/linux-security-roundup-for-week-42-2024/>

For the last 20+ weeks. Always a regression or backdoor "that
allows a remote attacker to gain control of your machine when visiting
a specially crafted page".

Why do I still use it? Chrome is worse....
[]'s

Have you checked out Librewolf yet? I haven't actually done that testing
myself but it supposedly is a more security hardened version of Firefox.
Be interesting to see if it correct these connections or not.

--
Phillip Frabott
----------
- Adam: Is a void really a void if it returns?
- Jack: No, it's just nullspace at that point.
----------

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Robert Riches <spamtrap42@jacob21819.net> wrote:

Even with that, YouTube ads play without warning.

Are there any known workarounds (other than switching to another
browser?)

On the system I usually run Firefox on (not Devuan), I don't have
the libavcodec library it uses for video playback installed, so it
_can't_ play videos at all. I also don't let youtube.com through
NoScript at all, and download everything I want to watch for
viewing in a separate program. Since youtube.com stopped showing
anything at all without Javascript I've been using Invidious
instances for searching and reading descriptions. www.genyt.net is
another "front-end" that works without Javscript. Some others here:

https://codeberg.org/skynet2982/awesome-alternative-front-ends#user-content-youtube

I'm sure there are ways to hide libavcodec from Firefox while still
keeping it installed for other software, but I'm not sure what
would be the easiest one. I never got around to doing that in
Devuan myself. I guess you're probably not willing to sacrifice all
in-browser video playback anyway, though maybe switching to one of
those front-ends or separate "apps" might be good enough.

--
__ __
#_ < |\| |< _#

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 13 Oct 2024, The Natural Philosopher wrote:

On 13/10/2024 12:36, Shadow wrote:

Why do I still use it? Chrome is worse....
[]'s

LOL!

I run Ublock Origin which rips out most of the turds.

But yes, sometimes i wake up after the 15th Youtube video that has been screwing with my dreams comes to an end after autoplaying through all the others.

Somehow the 'autoplay disabled' flag gets tickled,

Is there a case for moving back to Seamonkey for regular browsing? It
seems like they are sticking with a more traditional browser and not
innovating all the time.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-10-13, D <nospam@example.net> wrote:

On Sun, 13 Oct 2024, The Natural Philosopher wrote:

On 13/10/2024 12:36, Shadow wrote:

Why do I still use it? Chrome is worse....
[]'s

LOL!

I run Ublock Origin which rips out most of the turds.

But yes, sometimes i wake up after the 15th Youtube video that has been
screwing with my dreams comes to an end after autoplaying through all the
others.

Somehow the 'autoplay disabled' flag gets tickled,

Is there a case for moving back to Seamonkey for regular browsing? It
seems like they are sticking with a more traditional browser and not innovating all the time.

I use Seamonkey wherever I can, and Firefox elsewhere. There are
many web sites that use tricks that Seamonkey can't (yet) handle;
for me the prime example is Dropbox. You might be interested in
the ongoing discussions in alt.comp.software.seamonkey.

--
/~\ Charlie Gibbs | We'll go down in history as the
\ / <cgibbs@kltpzyxm.invalid> | first society that wouldn't save
X I'm really at ac.dekanfrus | itself because it wasn't cost-
/ \ if you read it the right way. | effective. -- Kurt Vonnegut

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-10-13, Charlie Gibbs <cgibbs@kltpzyxm.invalid> wrote:

I use Seamonkey wherever I can, and Firefox elsewhere. There are
many web sites that use tricks that Seamonkey can't (yet) handle;
for me the prime example is Dropbox. You might be interested in
the ongoing discussions in alt.comp.software.seamonkey.

It has been years since I heard anyone mentioning Seamonkey.
It was my impression that it had been completely replaced by Thunderbird
and the Mozilla browser, and had stopped being maintained when
Thunderbird came out.

- Lars Poulsen

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Lars Poulsen <lars@cleo.beagle-ears.com> wrote:

On 2024-10-13, Charlie Gibbs <cgibbs@kltpzyxm.invalid> wrote:

I use Seamonkey wherever I can, and Firefox elsewhere. There are
many web sites that use tricks that Seamonkey can't (yet) handle;
for me the prime example is Dropbox. You might be interested in
the ongoing discussions in alt.comp.software.seamonkey.

It has been years since I heard anyone mentioning Seamonkey.
It was my impression that it had been completely replaced by Thunderbird
and the Mozilla browser, and had stopped being maintained when
Thunderbird came out.

It's still around, but has a small user group: https://www.seamonkey-project.org/
I'm one of them. It just needs newer engines for web browser, e-mails, etc. :( --
"No temptation has seized you except what is common to man. And God is faithful; he will not let you be tempted beyond what you can bear. But when you are tempted, he will also provide a way out so that you can stand up under it." --1 Corinthians 10:13.
Trojans failed again. Go Doyers!
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://aqfl.net & http://antfarm.home.dhs.org.
/ /\ /\ \ Please nuke ANT if replying by e-mail.
| |o o| |
\ _ /
( )

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sun, 13 Oct 2024, Charlie Gibbs wrote:

On 2024-10-13, D <nospam@example.net> wrote:

On Sun, 13 Oct 2024, The Natural Philosopher wrote:

On 13/10/2024 12:36, Shadow wrote:

Why do I still use it? Chrome is worse....
[]'s

LOL!

I run Ublock Origin which rips out most of the turds.

But yes, sometimes i wake up after the 15th Youtube video that has been
screwing with my dreams comes to an end after autoplaying through all the >>> others.

Somehow the 'autoplay disabled' flag gets tickled,

Is there a case for moving back to Seamonkey for regular browsing? It
seems like they are sticking with a more traditional browser and not
innovating all the time.

I use Seamonkey wherever I can, and Firefox elsewhere. There are
many web sites that use tricks that Seamonkey can't (yet) handle;
for me the prime example is Dropbox. You might be interested in
the ongoing discussions in alt.comp.software.seamonkey.

Ahh... nice! What I'd love, is for someone to compile seamonkey without
the chat, mail, calendar and what else is in there, and _only_ deliver me
the web browser. I think it could be a real contender for my day to day browsing.

All business related browsing sadly has to live in chrome, and seamonkey
could then handle all the private non-business browsing.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

D wrote:

What I'd love, is for someone to compile seamonkey without the
chat, mail, calendar and what else is in there, and only deliver me
the web browser.

That would be roughly equivalent to running Firefox v60 ...

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 14 Oct 2024, Andy Burns wrote:

D wrote:

What I'd love, is for someone to compile seamonkey without the
chat, mail, calendar and what else is in there, and only deliver me
the web browser.

That would be roughly equivalent to running Firefox v60 ...

Exactly! Without the spyware, weird design decisions, telemetry etc. I
think that might be a nice sweet spot between a TUI browser like elinks
and a full blown firefox or chrome.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-10-13, 186282@ud0s4.net <186283@ud0s4.net> wrote:

On 10/13/24 12:00 AM, Robert Riches wrote:

In Devuan Daedalus, updating from firefox-esr 128.3.0esr-1~deb12u1
to 128.3.1esr-1~deb12u1 appears to have broken the media autoplay
setting, as measured by YouTube ads playing immediately after page
load, even though media autoplay is turned off (except for a couple
of about:welcome* "sites".

In an attempt to workaround the apparent (and possibly deliberate)
bug and following this page

https://connect.mozilla.org/t5/discussions/firefox-dont-block-video-play-even-if-autoplay-is-prohibited/m-p/49998

I have these settings in about:config:

dom.media.autoplay-policy-detection.enabled true
media.autoplay.allow-extension-background-pages false
media.autoplay.block-event.enabled false
media.autoplay.blocking_policy 1
media.autoplay.default 5
media.autoplay.enabled false
services.sync.prefs.sync.media.autoplay.default false

Even with that, YouTube ads play without warning.

And you think that's an "error" ? :-)

Yes, well, I did say "... and possibly deliberate".

--
Robert Riches
spamtrap42@jacob21819.net
(Yes, that is one of my email addresses.)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-10-13, Shadow <Sh@dow.br> wrote:

On 13 Oct 2024 04:00:31 GMT, Robert Riches <spamtrap42@jacob21819.net>
wrote:

In Devuan Daedalus, updating from firefox-esr 128.3.0esr-1~deb12u1
to 128.3.1esr-1~deb12u1 appears to have broken the media autoplay
setting, as measured by YouTube ads playing immediately after page
load, even though media autoplay is turned off (except for a couple
of about:welcome* "sites".

In an attempt to workaround the apparent (and possibly deliberate)
bug and following this page

https://connect.mozilla.org/t5/discussions/firefox-dont-block-video-play-even-if-autoplay-is-prohibited/m-p/49998

I have these settings in about:config:

dom.media.autoplay-policy-detection.enabled true >>media.autoplay.allow-extension-background-pages false >>media.autoplay.block-event.enabled false >>media.autoplay.blocking_policy 1 >>media.autoplay.default 5 >>media.autoplay.enabled false >>services.sync.prefs.sync.media.autoplay.default false

Even with that, YouTube ads play without warning.

Are there any known workarounds (other than switching to another
browser?)

Thanks.

Ever started Wireshark and then loaded Firefox? Don't open any
external pages, just load it.
It connects to over a dozen sites, and worse, maintains
several connections. My /etc/hosts file looks like a shopping list.
And that is with "safebrowsing" , geolocation , prefetch and
all other "excuses" turned off.

It's been on this list

<https://www.linuxcompatible.org/story/linux-security-roundup-for-week-42-2024/>

For the last 20+ weeks. Always a regression or backdoor "that
allows a remote attacker to gain control of your machine when visiting
a specially crafted page".

Why do I still use it? Chrome is worse....
[]'s

Good idea to use Wireshark--if I could afford the time. It might
scare me enough to push me over the edge and ditch Firefox.

I run squid with a custom URL rewriter to block domains that have
have demonstrated behavior or content I find offensive. Also, I
check (formerly /var/log/messages) and (now) /var/log/syslog and
observe a ton of blocked packets, mostly either

- outbound to port 19302 (IIRC) to 74.125.250.129 (Google)

- inbound from port 443 from DeepIntent and a few of its allies

- inbound ICMP from a ton of IP addresses

Being behind two NAT routers might account for some of the
above. A friend suggested many of those packets might be content
providers trying to find a lower-latency "edge" host.

--
Robert Riches
spamtrap42@jacob21819.net
(Yes, that is one of my email addresses.)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 10/14/24 11:52 PM, Robert Riches wrote:

On 2024-10-13, 186282@ud0s4.net <186283@ud0s4.net> wrote:

On 10/13/24 12:00 AM, Robert Riches wrote:

In Devuan Daedalus, updating from firefox-esr 128.3.0esr-1~deb12u1
to 128.3.1esr-1~deb12u1 appears to have broken the media autoplay
setting, as measured by YouTube ads playing immediately after page
load, even though media autoplay is turned off (except for a couple
of about:welcome* "sites".

In an attempt to workaround the apparent (and possibly deliberate)
bug and following this page

https://connect.mozilla.org/t5/discussions/firefox-dont-block-video-play-even-if-autoplay-is-prohibited/m-p/49998

I have these settings in about:config:

dom.media.autoplay-policy-detection.enabled true
media.autoplay.allow-extension-background-pages false
media.autoplay.block-event.enabled false
media.autoplay.blocking_policy 1
media.autoplay.default 5
media.autoplay.enabled false
services.sync.prefs.sync.media.autoplay.default false

Even with that, YouTube ads play without warning.

And you think that's an "error" ? :-)

Yes, well, I did say "... and possibly deliberate".

BET on it ! :-)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Robert Riches <spamtrap42@jacob21819.net> wrote:

I run squid with a custom URL rewriter to block domains that have
have demonstrated behavior or content I find offensive.

How do you get Squid through the encryption to modify URLs in
webpages loaded over HTTPS?

--
__ __
#_ < |\| |< _#

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-10-15, Computer Nerd Kev <not@telling.you.invalid> wrote:

Robert Riches <spamtrap42@jacob21819.net> wrote:

I run squid with a custom URL rewriter to block domains that have
have demonstrated behavior or content I find offensive.

How do you get Squid through the encryption to modify URLs in
webpages loaded over HTTPS?

I don't. The URL rewriter gets only the domain name and IP
address of the server the request would otherwise be sent to.

Before the HTTPS revolution, I could block specific pages. Now,
I can block only whole domains. When the rewriter gets a match
on the domain name, it replaces the request with this URL:

http://127.0.0.1/bogosity

(I do not have a local web server running on a default port.)

It sometimes leaves odd-looking things where ads would have been.
:-)

--
Robert Riches
spamtrap42@jacob21819.net
(Yes, that is one of my email addresses.)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)