Should I Disable WebSocket Connection on My Web Browser (in terms of privacy)?
Considering disabling WebSocket connections for security reasons. Any experience or thoughts? Have you disabled WebSockets? Any notable issues or performance changes?
Websockets are often used for quality of life features like notifications and websites that are dynamic without needing to be refreshed. Almost went website with any kind of chat will use WS for example. Turning it off will make web browsing a little more annoying.
However websockets are also sometimes used for anti-fraud related software that can also leak information you may deem private. Disabling websockets might prevent that data from getting out but of course all this depends on your threat model.
Thank you
No, it is unnecessary, and it would break many auto updating websites, for example, if you use mail in web, then your mail provider has web sockets to get notifications from server to fetch you mail.
I generally would recommend to disable javascript , and have a whitelist for websites you trust (easily achievable by ublock, or no script). If they do not have js, most attack vectors are neutralised. If you can trust a website to run js, you can trust it to run web sockets.
Thanksalot my friend
I don’t trust reddit for running JS but if I disable it the website weouldn’t function correctly, is there a work around?
old reddit or libreddit (now redlib). If you browse without accout, that should be enough. If you have a account, I would still enable js only for old reddit and not reddit as whole.
Old reddit got renamed??? Why’d they do something to something they secretly wanna get rid of
no, libreddit ( a privacy frontend for reddit, third party) was renamed to redlib.
You say that you want to do this for “privacy” and “security” reasons. Those two are not the same. What is the exact use-case which you want to prevent?
Disabling WebSockets will cause some Websites not to work properly anymore. Especially such which rely on live updates without reloading the site (most common use-case for WebSockets).
Sorry about the confusion I am referring to “privacy”
Disabling WebSockets will cause some Websites not to work properly anymore. Especially such which rely on live updates without reloading the site (most common use-case for WebSockets).
I have disabled WebSockets for past 2 years without knowing it and in my memory only 3 sites wouldn’t work and I’m not sure it’s because I disabled websocket.
I am really confused why websites for instance outlook still function while websocket is disabled
They probably have a fall back to long polling or similar.
What privacy concerns do you want to address by disabling ws? It’s just another protocol that is more efficient for certain use cases. The information that can be sent via ws or normal http requests is the same, so from a privacy standpoint it doesn’t really make a difference.
thanks a lot!
