How is this different from setting your DNS to a malware-blocking domain provider? For example Cloudflare’s malware dns is 1.1.1.2, Quad9 blocks malware by default with 9.9.9.9.
Since it's a browser extension, it does not offer any protection outside the browser. If you use a DNS service with malware blocking it will, in theory, "protect" any DNS lookup your system performs. Including lookups that originate from software other than your web browser.
It also differs by using several different services to check all URLs (there's a list in the readme). If you set your DNS to Cloudflare and/or Quad9 you will only get protection from one of those.
I can think of pros and cons with both of these aspects.
1) Osprey is just more protections built into one. It combines seven pre-existing safe browsing extensions you can already download into one lighter and better extension. All these extensions do is send the URL you visit to an API. That's what SmartScreen and Google SafeBrowsing do.
2) Read gorhill's comment. Checking network activity is easy, and checking every extension is always good.
When you enable "Developer mode" in the "Extensions" page of your browser, you can open the developer tools for the extension by clicking the "service worker" link, and from there select the "Network" tab, you will be able all the network requests made by the extension from within its service worker.
I just started using uBO Lite on Chrome. Brave is my daily driver and I just can't surf the web without an ad blocker anymore. I resisted it for years.
Thanks gorhill. Yes, this is true! Osprey only sends its stripped-down URLs to the services you turn on. Nothing more. It's as anonymous as it can be without using a VPN, afaik.
Chrome and Edge contain just one single source of malicious website reports.
This addon uses multiple data sources.
As for logging: this submits URLs to various services. This is unlike Google Safe Browsing, which has a "periodically sync an offline database" setting (but will also send URLs to Google by default).
I seems to send all urls you visit to Microsoft, Symantec, Emisoft, Webshield, Norton, Gdata Security, and/or BitDefender, depending on your settings. And of course, those URLs can be changed on the next update.
This is true, and they do. I'm replacing Comodo's Valkyrie API with Symantec's Browser Protection API for performance reasons. But, no data is logged, and only the minimum amount of data is sent to each provider.
ublock Origin already has a feature called "strict blocking" which does the same thing. In fact, the placeholder page that this extension takes you to looks almost exactly the same as the one that ublock origin uses.
Does that feature really send each URL you attempt to browse to a bunch of third-party services to be verified before it lets you browse them?
Edit: Made some not-very-thorough research and it seems like "strict blocking" in uBlock Origin does not do the same thing. It does local lookups against regularly updated filter lists. Like all of uBlock Origin's blocking, I guess.
Osprey is entirely asynchronous. It doesn't hold pages at all. If you visit an unsafe website, you might see it for 50-250ms before the connection is stopped.
Since it's a browser extension, it does not offer any protection outside the browser. If you use a DNS service with malware blocking it will, in theory, "protect" any DNS lookup your system performs. Including lookups that originate from software other than your web browser.
It also differs by using several different services to check all URLs (there's a list in the readme). If you set your DNS to Cloudflare and/or Quad9 you will only get protection from one of those.
I can think of pros and cons with both of these aspects.
2) How do I know this isn't logging every URL I visit back to Osprey?
Thank you for all you do!
This addon uses multiple data sources.
As for logging: this submits URLs to various services. This is unlike Google Safe Browsing, which has a "periodically sync an offline database" setting (but will also send URLs to Google by default).
Does that feature really send each URL you attempt to browse to a bunch of third-party services to be verified before it lets you browse them?
Edit: Made some not-very-thorough research and it seems like "strict blocking" in uBlock Origin does not do the same thing. It does local lookups against regularly updated filter lists. Like all of uBlock Origin's blocking, I guess.