AMO is getting a new look. Would you like to see it?

Visit the new site

Close

NinjaSentry

About me

Developer Information
Name NinjaSentry
Occupation Self Defense Instructor
User since April 10, 2015
Number of add-ons developed 0 add-ons
Average rating of developer's add-ons Not yet rated

My Reviews

Advanced Cookie Manager

Great features Rated 1 out of 5 stars

Advanced cookie manager works great and the cookie monitor is a very useful and unique feature.

I was not impressed to see background connections from facebook wanting to load an fb like button in an iframe.That's totally ridiculous behaviour for a browser extension.

Because this addon violates the privacy of my Firefox browser, I can really only give this one star.

Please respect the privacy of your users to get more stars.

This review is for a previous version of the add-on (5.10). 

Karma Blocker

Most intelligent 3rd party content filtering solution ever Rated 5 out of 5 stars

Without question, Karma Blocker is the most powerful '3rd party' content filtering addon for Firefox.

It's clearly a well polished addon and has a very friendly UI. I had a lot of fun with this and was able to create some very effective rules for zapping content thanks to the great documentation and powerful rule syntax.

Eg : One rule to wipeout some annoying social widgets :
rule=$url=~'(?:apis|platform)?\.\w+\.com\/(?:[a-z]+\/)?(?:in|plusone|widgets)(?:\.js|\/tweet_button)'

The ability to set your own karma threshold, whitelist and regex rules directly in the browser puts you completely in control. You have the final say and the power to block / unblock anything. Simply toggle the icon to turn filtering on or off, it doesn't get any easier.

I removed the cdn rule from the whitelist though, since malware sometimes use cdn host names.

rule=$url.host=~'cdn'

Karma Blocker provides the tools you need to monitor and debug page content, which is especially handy if you need to find some hard to block content, or you need to see which rule is blocking page content, that you dont wan't blocked.

Using the Monitor, Karma Blocker will even show you which rule triggered a block, and then all you need to do is edit the rules accordingly.

Karma Blocker may be best suited for people who like to get their hands dirty and dig into things. You really should read the docs to grasp how the excellent karma filtering system works.

Before installing, if you aren't prepared to use your brain a little bit, this addon is probably not suited for you. But don't worry there are plenty of other blocking addons, that don't require much brain activity at all.

The only real disappointment I had after using Karma Blocker is that there's no option to filter 1st party content.

Filtering 3rd party content only is probably great for reducing bug reports, but I feel it leaves a gap in the overall protection.

I'd love to be able to use Karma Blocker as a standalone solution for protecting the browser, because it provides the most comprehensive content filtering abilities I've seen so far in any addon.

At one point I started to use SilentBlock with the Karma Blocker regex rules to filter 1st party content, unfortunately SilentBlock has no GUI and you need to restart Firefox to edit your rules. Nightmarishly horrible but effective.

If someone was able to combine the 1st party stopping power of Silent Block, with the 3rd party filtering features and UI of Karma Blocker, it would really be one of the most amazing security addons ever.

Thanks Anthony.

This review is for a previous version of the add-on (0.5.1-signed). 

NoRedirect

Works great for intercepting redirects Rated 5 out of 5 stars

I like this addon a lot. Took a few minutes to figure out, but it works great.

A good overview of the different types of redirects can be found on Wikipedia :
http://en.wikipedia.org/wiki/URL_redirection

NoRedirect can be used to protect against exploit kits and servers infected with malware such as cdorked, by intercepting their malicious redirects.

It can detect HTTP headers ( 301 / 302 etc ), and HTTP refresh / meta-refresh. It does not work on javascript window.location redirects.

There are very few options, so it's hard to go wrong. Using it like a firewall in default block all mode, I removed all the default filters and added one catch all wildcard filter to intercept redirects globally from any website.

My test pattern :

^https?://(?:[^/]+\.)?(?:.+)\(?:.+)

When you leave all the checkbox options unchecked, this mode will give you a redirect warning with a message showing the status code or header redirect type, with a link to the redirect location that you can click on, if all is ok.

Checking the DNS error page option will give you the Firefox error page that the site can't be found. This option could be used when targeting exploit kit redirect patterns specifically. A custom error page with a brief description or NoRedirect logo would be even better, so you know it's not really an error..

Thanks Kai Liu, great work.

--

@davesocal - "There is no support documentation to explain the syntax of the filter expressions to use"

Mozilla has a very nice page on Regular Expressions :
https://developer.mozilla.org/en/docs/Web/JavaScript/Guide/Regular_Expressions

--

ZenMate Security & Privacy VPN

Please explain the Zm_Ff header ? Rated 3 out of 5 stars

It's an interesting addon. It was a smooth install with a well designed gui. ZenMate seems to work well at masking your IP address and changing your Geolocation easily.

But there are information leaks. I'm not talking about the IP leaks from webRTC / Javascript etc, or the DNS leaks due to the free version being more of a HTTP proxy than a real VPN service.

After I installed the 5.11 version from zenmate.com, I found that zenmate sends a custom X_HTTP header to every website you visit : X-Zm_Ff.

The header reveals you're using their VPN addon and which platform version ( Ff for Firefox ).

I asked on Twitter, but no one was able, or had the required attention span needed to give an actual answer to my question. https://twitter.com/NinjaSentry/status/601977233360584705

Could you please explain the purpose of this undocumented behaviour ?

in the file auth.js / line 18 : \extensions\firefox@zenmate.com\resources\zenmate\lib\auth.js

"return headers = [['X-Zm-Ff', 1, false], ['Proxy-Authorization', "Basic " + credentials, false]];"

For me, this behaviour contradict your claims on the main site. It's not completely "anonymous - untraceable, unidentifiable and secure", when you intentionally send a header that identifies your VPN addon is being used.

Also the font used in various parts of the gui is virtually unreadable. Hoping for a response.

This review is for a previous version of the add-on (4.1.7.1-signed). 

Twitter Link Expander

Twitter Link Expander Rated 5 out of 5 stars

Works flawlessly so far. This immediately made my twitter experience much more enjoyable, faster and a little safer.

Thanks Jitendra for your good work.

This review is for a previous version of the add-on (0.1.1-signed).