Random Html File Download Firefox
Aline Lanosga
I'm break-wording a container so that extremely long words won't overflow. While Chrome and Safari deal with this really well, it seems that Firefox and IE like to break words randomly - even short words, at the most ridiculous points. See the screenshots below:
Note: Math.random() does not provide cryptographically secure random numbers. Do not use them for anything related to security. Use the Web Crypto API instead, and more precisely the window.crypto.getRandomValues() method.
Note that as numbers in JavaScript are IEEE 754 floating point numbers with round-to-nearest-even behavior, the ranges claimed for the functions below (excluding the one for Math.random() itself) aren't exact. If extremely large bounds are chosen (253 or higher), it's possible in extremely rare cases to reach the usually-excluded upper bound.
This example returns a random integer between the specified values. The value is no lower than min (or the next integer greater than min if min isn't an integer), and is less than (but not equal to) max.
Note: It might be tempting to use Math.round() to accomplish that, but doing so would cause your random numbers to follow a non-uniform distribution, which may not be acceptable for your needs.
My firefox randomly downloaded a 0kb htm file labeled as "Np6iWVaj.htm" and i accidentally opened it. I scanned immediately for any virus using malwarebytes and found nothing. When I checked download manager, it said the files were from moz-safe-about resource. I already did a fresh reinstall of firefox, should I be worried about anything?
Hovering over any pre tag gives me 'The quick brown fox jumps over the lazy dog'. This is no where in the document or in my css file. I opened the same page on brave and nothing was there. I looked at another html file with firefox and it came up in the body tag. I even did a rip grep on all my repos to see if anywhere that phrase could come up and it did not. Where does it get this from when hovering?
Randomly testing APIs is especially helpful with parts of software thatexpose a well-defined interface (see also Well-definedbehavior and Safety). If this interface is additionally exposed tountrusted parties/content, then this is a strong sign that random APItesting would be worthwhile here, also for security reasons. APIs can beanything from C++ layer code to APIs offered in the browser.
A third way to test programs and in particular user interfaces is bydirectly interacting with the UI in a random way, typically incombination with other actions the program has to perform. Imagine forexample an automated browser that surfs through the web and randomlyperforms actions such as scrolling, zooming and clicking links. The nicething about this approach is that you likely find many issues that theend-user also experiences. However, this approach typically suffers frombad reproducibility (see also Reproducibility) and is thereforeoften of limited use.
One example where this is regularly used to find issues is the MozillaJavaScript engine: Running random programs with and without JITcompilation enabled finds lots of problems with the JIT implementation.One example for such a bug is Bug1404636.
Security researcher Amit Klein reported that itwas possible to reverse engineer the value used toseed Math.random(). Since the pseudo-random numbergenerator was only seeded once per browsing session, this seed valuecould be used as a unique token to identify and track users acrossdifferent web sites.
I wanted to do the same thing with Firefox and I've looked around the available extensions for Firefox but most of the ones I've seen completely change how the new tab page looks. What I want is to retain the original layout/features but just change the background image to a random one chosen from a pool of images that I specified. All the addons I see seem to be too complicated for the simple task that I want to happen. I'm not sure if I've just missed the ideal one by chance.
If you do want to randomize it, that may be possible with JavaScript in userChrome.js. I'm not familiar with the usage of such scripts. The general idea would be to number your images such as background1.jpg, background2.jpg, etc. and just get a random number in JavaScript. Then use that filename instead.
Math.random() will return a value between 0 and 1, so it is possible for it to return .9. If I multiply by 10 It is possible that my result will be 9, which is not between zero and nine, it IS 9, which should fail the test.
This function returns a Number value with positive sign, greater than or equal to +0? but strictly less than 1?, chosen randomly or pseudo randomly with approximately uniform distribution over that range, using an implementation-defined algorithm or strategy.
The below problem does not seem to be working with firefox on my system. I was able to use google chrome to get it completed. The html preview does not show in firefox, nor do the tests pass even with correct input.
I have been using ubuntu for a couple of years now and I have never seen something as strange as this happen before. I went on to test my internet speed and noticed in the bottom left, where it displays your ip address, it was showing an address registered in the Dominican Republic. I am certainly not there, in fact I am in Europe. When I refreshed the page, it showed a different address which still was definitely not mine. I then visited and the same thing happened. Every time I refreshed the page, a new ip address was shown. What is even more strange is this only happens in firefox. I am not running any VPN software or browsing through a proxy (I have checked my system settings and firefox's settings and proxies are disabled). This does not happen in QupZilla or on the text browser Lynx. It only happens on firefox running on ubuntu.
NOTE: As nice as it is to have a random IP address generated for me for every page I visit, it leads to very slow browsing and up to 500ms ping. The anonymity is simply not worth it and didmanage to get my real IP.
Rob has a good guide on how brave random fingerprinting works. The fingerprinting is randomized when the browser is completely closed (in the background too). I think only canvas and webgl are randomized for each browser session. Other data remains the same and is not randomized.
The website shows the same id in firefox and chrome. I have the same version of brave 2 times on the same pc and it shows different IDs. So the javascript must be using something that is unique in the browser data
@Nurep Thanks for clarifying(though it is still a privacy issue nevertheless). These flags in ungoogled chromium help in randomizing the vistor ids of that site( in case the brave devs want to implement it).
Screenshot 2021-12-29 19334119181015 87.4 KB
Finally, i just want to note that the above is in addition to browser features we modify to remove or reduce fingerprinting information (though w/o randomization). These include (off the top of my head) APIs related to WebXR, WebGL, WebAudio, Dark mode detection, Network Information API, among others
every 30 seconds or so my mac will download files with extension names like 73982ad.html and other 5 digit number combos followed by "ad". Is this a virus? How do I make it stop? I delete the files as soon as I see them, but I'm worried it's something bigger.
And are you always visiting the same site when this happens? Are the files always .html files? Where do the files come from? (Select one, choose File -> Get Info and see the Where From information.) More details would be required if you want an answer.
Mine has been doing this for the past week too. I've tried deleting all the files that download but they come back 1 minute later. I've also tried deleting all my downloads from the past 2 months and have wiped all cookies, but they are still downloading. I usually use safari but tried switching to firefox and that hasn't made a difference either. On average I'd say I get about 20-30 of those .html files downloading randomly per day. I did the get info as you suggested Thomas and it has come from:
I'm talking about incompatibility with apps like this one: -keyboard.html which is used by a lot of people in my region. ESET is not compatible with this app. An ESET staff on this forum told me that ESET will work to make it compatible but that was a while ago. Nothing has changed so far. I think ESET should add apps like this to the incompatible list.
Allthe most popular web browsers (i.e. Chrome, Firefox, and Edge) use the samealgorithm to generate pseudo-random numbers: XorShift128+. In the next part ofthe text, however, I will refer only to the implementation from Firefox, due tothe fact that in my opinion, it is the most readable.
35fe9a5643