0.0.0.0 Day

[git70]

Does this add-on mitigate the 0.0.0.0 Day issue?

[Mikaela]

Considering the silence and #19 I would be surprised if the extension did anything positive

[git70]

@Mikaela Thanks for the info!

I use Firefox
I'm wondering if:

1. switch to https://github.com/ACK-J/Port_Authority but I don't know if the problem exists here too 0.0.0.0 Day ACK-J/Port_Authority#38
2. stick with uBO only, which has its built-in "Block Outsider Intrusion into LAN" list

What do you think?

[Mikaela]

I am not capable of auditing extensions, but I think one cannot get far wrong by using uBlock Origin especially if the list you mentioned contains the problematic 0.0.0.0 and the IPv6 variants :: and ::0.

[mwsundberg]

I've been contributing to Port Authority some and while it's a great extension, you're really best off sticking with uBlock Origin's LAN blocking list.

The community maintaining uBlock Origin filter lists is much much bigger (and consequently faster to fix issues), and their internal extension architecture means that they don't need to push a full update through Mozilla vetting just to add a domain to their blocklists, they can be live updated (I think daily if not faster).
Port Authority on the other hand is fully self contained with a hard-coded blocklist, instead of fetching it from a remote server like uBlock does. It has a much smaller code base to audit, and guaranteed consistent behavior if automatic updates are disabled (though don't do that, that's just the extreme paranoia approach). This comes at the cost of needing an extension update pushed through the Add-On store for every tweak to the block-list, and a much smaller, slower development cycle due to the smaller dev community (I think there are 2 of us, maybe 3?). If you have reasons not to use uBlock Origin it's a good choice to cover specifically the LAN safety issue, but it doesn't do much beyond that.

In short, uBlock Origin plus the LAN list is the best bet if you already have it installed (and if you aren't using uBlock what are you even doing), while Port Authority does one thing only but does it well (that thing being blocking LAN access like 0.0.0.0).