I recently saw the website called squareX.
Is it safe to use and did anyone use this? Any insights/ opinions would be great.

Here’s a post in Techlore Discussions that is pretty interesting, I would say.

I looked at this, and “absurd” doesn’t begin to describe how full of shit this SquareX service is.

  1. It’s a browser extension; You ideally want as few browser extensions as possible to reduce your attack surface and avoid fingerprinting.
  2. Said extension is proprietary, they do not mention anything about source code availability or link to any git repos.
  3. Reviews say bullshit like “You don’t need TOR or any other VPN if you have this simple chrome extension.” and “Not only providing a VPN like access to protect user’s privacy…” and also have horrible grammar. This kind of talk is trying to imply you can trust this single entity to handle many aspects of your privacy and security for you. People already can feel iffy about using Proton’s ecosystem for email, storage, VPN, password management etc, and this random startup is supposed to be any more trustworthy?
  4. This all just appears to operate the same as NetworkChuck’s “cloud browser,” which on its own is a dumb idea. You’re just browsing stuff through someone else’s computer. You really want to log into accounts or do other personal activities through their servers? They use this kind of thing to reassure users that there is no need to think about what they click or download because ‘we do the work for you,’ which is a horrifyingly dangerous mindset to promote.
    They also make other ridiculous claims like working on a product that that offers “zero worries about zero days” and protection against bad USBs. We already have threat hunting in the cybersecurity industry, people who get paid to actively seek out dangerous and previously-unknown exploits. Their job does involves a lot more than downloading a shady browser extension.
    Protections against bad USB attacks would mean logging keystrokes or keystroke patterns to detect them, which is even more invasive than many antimalware programs. And I am damn sure they would be collecting that kind information.
  5. It requires registering for an account with an email anyway.
  6. Their privacy policy starts with “We take your privacy very seriously,” and then proceeds to list all the ways they can collect data like your email, name, other personal information, and that they can share it with “business partners” and use said information for “marketing purposes”.

I have seen this company posted online a lot. Can you remember where you saw it exactly? Is it ads or what? I actually joined this forum because I was curious about this myself… I saw it on a Security Blog.

Thank you for posting.

If you just want to scan a website and see what it looks like before opening it you can always use radar.cloudflare.com/scan. Works well enough and gives you enough information I think.

I saw it in a YouTube video, I don’t exactly remember the channel name but it’s some security-related channel only. I felt that it was a paid promotion video so I thought of asking here before I started using it.