Is this a common thing? I have just recently installed the extension, so I am not sure if there are a lot of other websites who do it.
Since looking into it, I noticed that uBlock Origin already has the default list "Block Outsider Intrusion into LAN" but it wasn't enabled.
Never knew that this existed. Thank you!
https://github.com/uBlockOrigin/uAssets/issues/4318
https://bugzilla.mozilla.org/show_bug.cgi?id=1481298
It actually makes sense to have a paid service that makes this abomination less painful. Though they work with VFS Global for collecting the applications and relevant documents, the VFS Global itself is an abomination and doesn't help with the handling of the form filling anyway.
Recently EU streamlined the Schengen visa application process for Turkish citizens as those "visa agencies" that are the official agencies and the only way to apply for a visa for many countries don't actually help with anything and are scamming people by selling the "good hours" for the visa appointment on the black market. An agency was dropped for this and the scams by agencies were listed among the reasons to streamline the application process.
Both with US and EU people are losing scholarships etc. due to outrageous wait times that are sometimes are years ahead or there's an issue with the systems handling the applications.
I guess there must be an opportunity there to fix all this together with smaller stuff like handling transliteration and character encodings, I wonder if some of those scam site are not scams and actually help with it. An AI agent can be useful here.
That's probably because of the fact that the appointments are near impossible to get, they only allow booking a few months out and it's always completely booked. So everyone was refreshing (or if clever botting) to get an appointment slot.
It's bad enough that in some cases I believe the designers should be threatened with legal penalties.
I'm not sure I see the upside of moving to a nation knowing that its citizens actively despise my existence.
Once you are eligible to apply, the whole process is basically form N400->biometrics->interview (just doublechecking your name and other paper info, takes 5 minutes)->civics test->ceremony.
However, the timelines and process for getting the green card itself is different depending on the nature of your visa, and they will indeed try to check for scam marriages before you get your green card (if you were applying for it through the marriage visa).
My understanding - which may not be correct - is the length of the process primarily depends on your country of origin and secondarily on how you are eligible. Very interested in any source showing that a relatively normal process has pushed out from months to years.
Timelines for USCIS depends heavily on where you are, since some offices just have more people to go through than others. So I have talked to people that one step might be 4 months for them and a year for another person.
All this is to say we probably shouldn't assume any current US government website, especially ones that have to do with immigration, hasn't been completely modified by this team.
Many federal web sites were very quickly altered or replaced by the new administration.
This is common. Work begins on some web sites immediately after the election. For example, when a new president is sworn in, the White House web site flips immediately.
More to the parent poster's point, it has been widely reported in the legitimate media repeatedly that many federal web sites have been replaced or significantly altered by the current administration. There's an entire pseudo-department for it that also makes headlines for its greater transgressions.
Add to that severe and sudden budget and staffing cuts, and like all government functions -- you get what you pay for.
The rejection rates are also not bad and EU has a "return agreement" with Turkey, which is designed to keep the middle eastern refugees in Turkey(essentially, if you come from Turkey EU can send you back to Turkey right away ).
Crime rates for Turks show up among the lowest ones, unlike others from the region. So I don't think that EU is trying to reduce visas for Turks.
https://home-affairs.ec.europa.eu/news/visa-applications-rea...
https://ec.europa.eu/eurostat/statistics-explained/index.php...
Maybe in the EU it’s all good, but expect a lot of turbulence in the US.
It would be good if the Indian government could block the scammers but I guess it’s a lower priority for the moment.
So obviously the only way they could to this is with government contacts meaning the government themselves could already do it, but a lot of immigration stuff everywhere is full of people taking kickbacks.
I know that Indian scam stereotype is racist and bad but how much it is "that bad"
it's one hundred per cent clueless privacy invasion. they are probably also opening ports via other means and using that for side channel ID like Facebook does.
just like any other documentation scam, the only weak point is on the "last mile" that's why you will always have a human interviewer.
the visa process is abusive and unpractical because people will work around any hurdle and their kpi will never be affected no matter how crappy they manage to make to whole process. or how many doge kids implement useless privacy invasion tech just because.
https://www.f5.com/
It's insane to allow any random website to port scan my LAN. If this wasn't a "feature", I would have considered this a high severity vulnerability
(There is some language online suggesting PNA has not actually shipped, but I experienced it myself in stable Chrome several years ago, so I am unsure of the current state).
Firefox doesn't implement either approach -- I assume this is indicative of their lack of development resources.
Since ublock had this as a feature for a long time, I'm sure they are aware of it. Unlike other non funded oss projects, Firefox can't and shouldn't shield themselves with this lack of development resource excuse. They have millions.
Using uMatrix was very annoying at first, most websites are broken without their CDNs, but after a few months or so, the whitelist grew and it contains 90% of websites I visit.
On my system https://ceac.state.gov/genniv/ tries to connect to captcha.com, google-analytics, googletagmanager, 127.0.0.1 and "burp" (a local hostname that doesn't exist in my network). Interestigly, the browser console doesn't list connection attempts to localhost or burp. If I allow 127.0.0.1 and "tcpdump -i lo", I see connections to port 8888, which isn't open.
This is a container that FB gives you to host that lives under your domain (it can be your main domain) that slurps up user data and sends it to Facebook from the server side. You embed some JS in your website, and they hoover up the data.
There are options to not load JS, images, XMLHttpRequests, frames, cookies, for each site, but it doesn't list individual files.
For those who want to try blocking more stuff you can enable hard mode and bind relax blocking mode keyboard shortcut
I'd recommend also enabling filter lists(I advice yokoffing/filterlists and your region/language)
https://github.com/gorhill/uBlock/wiki/Blocking-mode:-hard-m...
Besides, uMatrix works fine. It's that kind of program that doesn't need any updates.
But I found what "burp" is: https://portswigger.net/burp/communitydownload
Somewhat more worryingly, Little Snitch doesn't report them at all, though that might just be because they were already blocked at the browser.
https://i.imgur.com/lvjg2YQ.png
That looks so much like test code that was shipped to prod.
Searches for that string on GH does return results.
If you're on OSX, the permission to "discover on the local network" prevents it from happening ( System Settings -> Privacy & Security -> Local Network -> yourbrowser )
Could also be 'network' permissions on firefox ( Go to Settings > Privacy & Security > Permissions ) which is on a per site level, but iirc that could be set site-wide at some point.
The other browsers likely have similar configs, but this is what I have found.
That will be this burp: https://portswigger.net/burp/documentation/desktop/tools/pro...
Sounds like they don't want you to analyze their site.
Are you seeing connection attempts to other IPs?
Could also be incompetence :D until I fixed it, deploying from my local machine rather than CD resulted in one of the baked in URLs being localhost rather than the public host on the project I'm working on now. Their local development server might just be at port 8888. Wouldn't surprise me.
https://my.f5.com/manage/s/article/K000138794
> These requests are caused by the bot profile to test the different browser capabilities.
> 'http://127.0.0.1:xxxx' request is a call to the localhost/client machine, which is normal when trying to protect assets like end-server using ant-bot defense. It does not have any impact regarding application page load.
Remember back in June when Facebook/meta got caught tracking users trough a webserver on Android phone thought Messenger and Instagram? Same thing.
See: https://news.ycombinator.com/item?id=44169115 and https://news.ycombinator.com/item?id=44175940
1MB of obfuscated fingerprinting + portscan + Webgl . But oddity this one is trying to find burp suite specific route's.
That being said, I think this is an overall win, hopefully Firefox implements it in a consistent manner as well.
Although, from personal experience, it used to require java and it worked only on internet explorer and since it has been retired and replaced with chromium, i am not sure what is the way to make it work nowadays, as i have not been able to figure out to use it when i needed the last time.
"Hacks and Hops" doesn't even have a valid home page. The extension links to https://g666gle.me/ which does not exist. The domain name itself does not want to make me give access to all my data for all websites to them.
As nice as this extension seems, I would ever in a million years install it.
https://news.ycombinator.com/item?id=44169115
When I visit the site from Safari on macOS I see this in the console. Are there any particular services that use port 8888 for the website to do this?
It seems to be part of some "bot defense" product by these F5 people, to "test the different browser capabilities". I doubt it's intended to hit a real endpoint on any system.
https://www.digitalsamba.com/blog/metas-localhost-spyware-ho...
How does that work? A browser extension can't influence how your router and other machines in your network react to incoming requests.
* uBlock Origin and Lite have it as an option under Filter List > Privacy > Block Outsider Intrusion into LAN
* Brave prevents it, tested with Aggressively block Trackers and Ads.
Also I wonder if this protection is available only with old extension manifest version or new network request hooks API also supports it.
Like a less sophisticated Tor/VPN that is easily detected by port scans
So much better.
Modern web design is a joke.
It looks useful and looks good, there's minimal unneeded whitespace and I'm glad it looks as it does. We'd be better off if the entire web switched to a style like this.
There is also a lot of fingerprintable material within such a port scan from clock skew, TCP ISN, and a few other areas.
You can sieve this quite easily with this available, thanks to Roku's, Phone's, and other things doing this while just sitting locally in a shared collision domain (a digital soldier quartered in every home).
The metadata node graph of devices locally acts as a unique fingerprint once in RFC1918 space, technically not unique but close enough.
I will give it a try and see what happens and if I see anything I will add it here.
SO, I guess that is going to be used on all my firefox runs.
I remember years back when people would run these firewalls and we'd get complaints from home users about normal traffic.
Thinks like complaints our mail servers was scanning them on port 25 when they sent email.