**TLDR**: The old maintainer appears to have **sold** the extension to parties unknown, who have **malicious intent** to exploit the users of this extension in advertising fraud, tracking, and more. In v7.1.8 of the extension (published to the web store but NOT to GitHub), **arbitrary code was executed from a remote server**, which appeared to be used to commit a variety of tracking and fraud actions. After Microsoft removed it from Edge for malware, v7.1.9 was created without this code: that has been the code distributed by the web store since November, and it does not appear to load the compromised script. However, the malicious maintainer remains in control, and can introduce an update at any time. It further appears that, while v7.1.9 was what was listed on the store, those who had the hostile v7.1.8 installed **did NOT automatically receive the malware-removing update**, and continued running the hostile code until Google force-disabled the extension.
**The Great Suspender has been removed from the Chrome Web Store. To recover your tabs, see issue #526, or continue reading**
The code in the GitHub repository is currently safe, and the most recent tagged release happened before the transfer of ownership. To use that version, and avoid needing to finagle URLs, enable Chrome developer mode, download and extract a copy of the code, then navigate to your extensions menu and select 'Load Unpacked Extension'.
Some others have had success simply pressing the "back" button on suspended tabs: everyone should note that the site's URL is included in the URL of the suspended page. For a pictorial guide on doing this, see [this comment](https://github.com/greatsuspender/thegreatsuspender/issues/1263#issuecomment-773538665). Further, if you just want to reload lost tabs, you can use some form of File History on Chrome's user profile directory (while chrome is closed!), before restarting chrome and using the extension menu to unsuspend all tabs before your computer realizes the extension is banned again.
Because the malicious code loaded from a server by the extension in version 7.1.8 was heavily obfuscated, it is hard to say what may have been compromised. However, those who did manage to conduct a successful analysis of the code reported no password-stealing functionality in the copies that were archived. **Indeed, it is highly unlikely that the extension would have been able to steal passwords**. That being said, **it is theoretically plausible**: see my comment [here](https://github.com/greatsuspender/thegreatsuspender/issues/1263#issuecomment-774107311). If you don't already, I highly recommend using a password manager like [**Bitwarden**](https://bitwarden.com/), to reduce the difficulty of changing your passwords, and to prevent a site that transmits and stores password information in an insecure way from causing the rest of your accounts to be compromised. Additionally, enabling **two-factor authentication** wherever you can is a very easy and powerful way to make it virtually impossible for an attacker to get your data, even if they managed to retrieve passwords.
## Full description of the issue:
@deanoemcke, the original developer, chose to step back from the extension in June 2020. As a replacement maintainer, he chose an unknown entity, who controls the single-purpose @greatsuspender GitHub account. Much was suspicious about this change, including **mention of payment for an open-source extension**, and complete lack of information on the new maintainer's identity. However, as the new maintainer did nothing for several months, it was believed that there was simply a failed transfer. In October 2020, the maintainer updated the Chrome store package. The update raised red flags for some users, because the changelog was not modified and there was no tag created in GitHub. On investigation, it appeared that the extension was now connecting to various third-party servers, and executing code from them.
This led a few users to panic; however, on closer investigation, it appeared that the third-party servers were part of an alternative to Google Analytics: and the changes shipped along with a new (though unexplained, #1260) tracking deactivation. It appears that deactivation works. **We would later discover that this was wrong: See below**
The discussion continued, however, because the new update also requested additional permissions, including the ability to manipulate all web requests. That lets the extension do what it pleases, including inserting ads, blocking sites, forcible redirects.... This change was supposedly in order to enable new screenshot functionality, but that was unclear, and probably shouldn't be needed.
Furthermore, the web store extension has diverged from its GitHub source. A minor change in the manifest was now being shipped on the Chrome web store, which was not included in GitHub. This is a major concern: though again, it has a possible innocent explanation. While some think it is illegal given the license on the code, **this may not be a GPL violation**. Because the minified script is not part of the extension, the license does not apply to it. Because of Web Store rules, the extension itself can be unpacked and inspected in full, human-readable form, likely satisfying the copyleft restrictions.
As a final red flag, no part of the web store posting has been updated to account for this. @deanoemcke remains listed as the maintainer, and the privacy policy makes no mention of the new tracking or maintainer. It has been several months since the transfer, but almost nothing reflects that change.
@deanoemcke did respond to the thread, after a significant delay. He confirmed much of what is above, including that the secret changes are limited to analytics and are disabled by the flag. However, he hasn't yet clarified what his relationship or basis of trust with the new maintainer is, nor has he explained why the initial post mentions a 'purchase'.
On November 6th, @lucasdf discovered a smoking gun that **the new maintainer is malicious**. Although OpenWebAnalytics is legitimate software, it does not provide the files executed by the extension. Those are hosted on the **unrelated** site owebanalytics.com, which turns out to be immensely suspicious. That site was **created at the same time as the update**, and is clearly designed to appear innocent, being hosted on a public webhost, and being given a seemingly innocent homepage from the CentOS project. However, the site contains no real information other than the tracking scripts, appears to have been purchased with Bitcoin, and is only found in the context of this extension. Most importantly, the minified JavaScript differs **significantly** from that distributed by the OWA project.
@thibaudcolas has done a more detailed analysis than my quick look. He quickly located additional hardcoded values related to other, confirmed malicious extensions, implying that the new maintainer is responsible for them. He also found incredibly suspicious additional information, that makes it clear that **the extension was not loading a modified version of OWA, but a trojan disguised as it**. OWA has a PHP based backend, but the fakes are using NodeJS. The trojan sets cookies, which OWA doesn't use. The response to certain requests is a completely different type than legitimate OWA. Furthermore, @joepie91 has attempted to deconstruct the minified JS, and believes that the code **intercepts all requests**, meaning it can track you perfectly, and furthermore **manipulates those requests** and **makes additional advertising requests**. That means the author was probably attempting to commit several flavors of advertising fraud, as well as possibly tracking you globally.
While there once appeared to be an innocent explanation for this, I can no longer say that it is remotely likely. **Using the chrome web store version 7.1.8 of this extension, without disabling tracking, executed code from an untrusted third-party on your computer, with the power to modify any and all websites that you see**. The fact that disabling tracking still works is irrelevant given the fact that most of the 2 million users of this extension have no idea that that option even exists. The fact that the code may not be malware is meaningless in light of the fact that it can be changed without notice, and that it is minified (human-unreadable). The fact that a new version has since been pushed that disables this behavior isn't useful given that **any future update reintroducing the malicious code will occur without notifying the user.**
Many users are worried enough about the changes that they completely uninstalled the extension, preferring alternatives instead. That extension has much fewer features, but is slightly better for performance. Others have begun building it from source, and installing it manually. If a person were to try to create a new web store release, they would need to change it significantly enough that Google wouldn't reject it as spam. To simply get a safe version for yourself, see further below. **Before removing or modifying the extension on your computer, be sure to unsuspend all tabs, or you WILL lose them** (though the original URLs can be extracted from the extension queries, and some are working on scripts to do just that, it's easier to just avoid all that).
Throughout the above discussions, which spanned several issues and now appear in news articles, the new maintainer has never posted on the thread, or interacted in any way with the repository. Despite an ongoing discussion about how they are plotting to destroy us all, they haven't done anything to assuage our concerns: likely in the hope that all those aware of the attack would move on eventually. They aren't dead, as they were quite quick to update the extension when Microsoft removed it for malware, and @deanoemcke reports that they. But the new maintainer might well be a literal cat on a keyboard, for the amount of interaction they have made with the community.
For those who don't want to continue using the extension, alternatives include [Tabs Outliner](https://chrome.google.com/webstore/detail/tabs-outliner/eggkanocgddhmamlbiijnphhppkpkmkl), which lets you place tabs in an outline. [Auto Tab Discard](https://chrome.google.com/webstore/detail/auto-tab-discard/jhnleheckmknfcgijgkadoemagpecfol?hl=en) is very similar to TGS, however it always reloads the tab when it is focused. [Session Buddy](https://chrome.google.com/webstore/detail/session-buddy/edacconmaakjimmfgnblocblbcdcpbko?hl=en) allows you to save tabs into "collections", that can be reviewed later, as well as providing security against crashes.
If you enjoy using the extension, and wish to continue using it as it was, download the source code from the Github repository (version 7.1.6), enable developer mode, select "Load unpacked extension", and point it at the /src directory. Bam! You are now running The Great Suspender as @deanoemcke created it. @aciidic has gone further, creating a new repository not under the control of the old maintainer, and with all tracking code removed, [here](https://github.com/aciidic/thegreatsuspender-notrack). [The Marvellous Suspender](https://chrome.google.com/webstore/detail/the-marvellous-suspender/noogafoofpebimajpfpamcfhoaifemoa?hl=en) is another fork currently on the Chrome Web Store, for those who would prefer not to finagle with developer mode settings.
That concludes my summary. For more information, please do look further down on this thread, or at the original announcement (#1175). An analysis of the script is placed [here](https://github.com/greatsuspender/thegreatsuspender/issues/1263#issuecomment-754354645). Additional sources began covering this in January 2021, and a lot more picked it up after February Fourth for some bizarre reason that probably has nothing to do with the removal by Google.
<details>
<summary> Edit log </summary>
Edit 01: (2020-11-06) add details from this discussion
Edit 02: (2020-11-06) Update to reflect the newly discovered evidence for malice
Edit 03: (2020-12-06) Note technique to continue using TGS
Edit 04: (2021-01-03) Add "Urgent" to title (and WOW did people start noticing) (thanks twitter)
Edit 05: (2021-01-05) Note @thibaudcolas and his analysis.
Edit 06: (2021-01-08) Note @thibaudcolas's second analysis, clarify and copyedit throughout, and start adding dates to edits
Edit 07: (2021-01-08) Remind about the process of removing the extension, and note a bit more about maintainer
Edit 08: (2021-01-08) Last one for today, promise: Reformat edit list and other minor changes throughout,
Edit 09: (2021-02-04) Note removal from store
Edit 10: (2021-02-04) Fix bold
Edit 11: (2021-02-04) Add help for those worried about losing tabs in nice big bold letters
Edit 12: (2021-02-04) Add details about password security
Edit 13: (2021-02-04) Clarify compromise, beautify edit log
Edit 14: (2021-02-04) Obscure the fact that I made my first edits 9 months in the future (fix edit years)
Edit 15: (2021-02-05) Clarify probably breaches: regret decision to keep obsessive edit log
Edit 16: (2021-02-09) Realize that issue still contained the false implication that users were safe after November.
</details>
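
The post notes that a suspended tab's address contains the original site's URL and that scripts can extract it. The following is an added example of such a script, not code from the extension or from this thread; the suspended-page format it parses (`ttl`, `pos` and a trailing unencoded `uri`, with an older encoded `url` variant) is an assumption, and the extension ID and sample URLs are constructed placeholders.

```javascript
// Added example, not code from the extension or this thread.
// Assumed suspended-tab format (the page does not spell it out):
//   chrome-extension://<32-char id>/suspended.html#ttl=<title>&pos=<n>&uri=<original URL>
const SUSPENDED = /^chrome-extension:\/\/[a-p]{32}\/suspended\.html#(.*)$/s;

function recoverOriginalUrl(suspendedUrl) {
  const m = SUSPENDED.exec(String(suspendedUrl).trim());
  if (!m) return null; // not a suspended-tab URL
  const hash = m[1];

  // Assumption: `uri` comes last and is NOT percent-encoded, so it may contain
  // '&' and '#'. Take the rest of the string instead of splitting on '&'.
  let original = (/(?:^|&)uri=(.*)$/s.exec(hash) || [])[1];
  if (!original) {
    // Assumed older variant: a percent-encoded `url` parameter.
    const enc = (/(?:^|&)url=([^&]*)/.exec(hash) || [])[1];
    try { original = enc ? decodeURIComponent(enc) : null; } catch { return null; }
  }
  if (!original) return null;

  // The recovered value is untrusted input: only hand back http(s) URLs.
  let parsed;
  try { parsed = new URL(original); } catch { return null; }
  if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') return null;

  const rawTitle = (/(?:^|&)ttl=([^&]*)/.exec(hash) || [])[1] || '';
  let title = rawTitle;
  try { title = decodeURIComponent(rawTitle); } catch { /* keep raw title */ }
  return { title, url: original };
}

// Constructed sample input: placeholder extension ID, example.com URLs.
const ID = 'abcdefghijklmnopabcdefghijklmnop';
const SAMPLE_TABS = [
  `chrome-extension://${ID}/suspended.html#ttl=Search%20%26%20results&pos=120&uri=https://example.com/search?q=tabs&page=2#top`,
  `chrome-extension://${ID}/suspended.html#ttl=Old&url=https%3A%2F%2Fexample.org%2Fa%3Fb%3D1`,
  'https://example.net/not-suspended',
];

function recoverAll(lines) {
  return lines.map(recoverOriginalUrl).filter(Boolean).map(r => r.url);
}
```

Feed `recoverAll` the suspended addresses copied from the address bar or from an exported history list, one per array entry.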
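
The red flags described in the post (a store update with no matching Git tag, newly requested permissions, a manifest that differs from the repository) can be checked mechanically. This added example, which is not from the original post or the project, compares the manifest of the last tagged source release against the manifest unpacked from the store package; the manifest contents below are constructed for illustration and are not the real TGS manifests, and the `v<version>` tag naming is an assumption.

```javascript
// Added example: audit a store package manifest against the tagged source.
// Host permissions are Chrome match patterns; everything else is an API permission.
const HOST_PATTERN = /^(<all_urls>$|(\*|https?|file|ftp):\/\/)/;

function remoteScriptOrigins(manifest) {
  // Manifest V2 keeps the CSP as one string; remote origins in script-src
  // are what let extension pages run script fetched from a server.
  const csp = manifest.content_security_policy || '';
  const directive = csp.split(';').map(s => s.trim())
    .find(d => d.startsWith('script-src')) || '';
  return directive.split(/\s+/).slice(1).filter(src => /^https?:/.test(src));
}

function auditRelease(tagged, store, gitTags) {
  const added = (before, after) => after.filter(x => !before.includes(x));
  const newPerms = added(tagged.permissions || [], store.permissions || []);
  return {
    // Assumption: release tags are named "v<version>" or "<version>".
    untagged: !gitTags.map(t => t.replace(/^v/, '')).includes(store.version),
    newApiPermissions: newPerms.filter(p => !HOST_PATTERN.test(p)),
    newHostAccess: newPerms.filter(p => HOST_PATTERN.test(p)),
    newRemoteScriptOrigins:
      added(remoteScriptOrigins(tagged), remoteScriptOrigins(store)),
  };
}

// Constructed manifests (illustrative contents only).
const TAGGED_MANIFEST = {
  version: '7.1.6',
  permissions: ['tabs', 'storage', 'http://*/*', 'https://*/*'],
  content_security_policy: "script-src 'self'; object-src 'self'",
};
const STORE_MANIFEST = {
  version: '7.1.8',
  permissions: ['tabs', 'storage', 'http://*/*', 'https://*/*',
                'webRequest', '<all_urls>'],
  content_security_policy:
    "script-src 'self' https://cdn.example; object-src 'self'",
};
const GIT_TAGS = ['v7.1.5', 'v7.1.6']; // constructed tag list

function auditSample() {
  return auditRelease(TAGGED_MANIFEST, STORE_MANIFEST, GIT_TAGS);
}
```

Any non-empty field in the result is a reason to diff the full package against the repository before trusting the update.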