- >Third-Party Data Processors
->Your Secure and Service data are held by third party data processors, who provide us with hosting and other infrastructure services. The locations of these are described above. In many cases (but we cannot promise that this will always be the case) even Service data held by these entities is encrypted with keys held only by us.
->Data needed to process payments is collected by our payment processor, Stripe, Inc., which conforms to a U.S.-E.U. Privacy Shield Framework. See https://stripe.com/privacy-shield-policy
+
+
+
+
+ 1Password - Spyware Watchdog
+
+
-
-
-
- This article was created on 6/16/2018
-
-
- This article was last edited on 6/16/2018
-
-
- If you want to edit this article, or contribute your own article(s), contact us on XMPP over in spyware@conference.nuegia.net, or visit us at the git repo on Codeberg. All contributions must be licensed under the CC0 liscence to be accepted.
-
+ This article is a stub and still needs to be written. If you want to
+ write it, email me so I dont duplicate effort.
+ https://1password.com/legal/privacy/
+ https://www.macworld.com/article/2996213/security/1password-is-still-secure-but-you-can-reduce-a-potential-risk.html
+ https://paul.reviews/privacy-password-managers-a-reality-check/
+ >Third-Party Data Processors >Your Secure and Service data are held by
+ third party data processors, who provide us with hosting and other
+ infrastructure services. The locations of these are described above.
+ In many cases (but we cannot promise that this will always be the
+ case) even Service data held by these entities is encrypted with keys
+ held only by us. >Data needed to process payments is collected by our
+ payment processor, Stripe, Inc., which conforms to a U.S.-E.U. Privacy
+ Shield Framework. See https://stripe.com/privacy-shield-policy
+
UNFINISHED ARTICLE - UNDER CONSTRUCTION - BAD FORMATTING
-
-Advanced Micro Devices, Inc. is an American multinational semiconductor company based in Santa Clara, California, that develops computer processors and related technologies for business and consumer markets. This article is specifically about the CPU's that are produced by AMD and nothing else. The logo is one of many logos used by AMD, but the
-article is not about any one specific CPU. No rating is given because this is not an article about any specific product, and the rating system is difficult to fit into this
-article.
-
-
- Modern CPU models produced by AMD contain an embedded ARM co-processor called the Platform Security Processor (PSP). Nearly all AMD CPU's produced since 2013 operate under the supervision of this separate, more privileged, environment consisting of an integrated ARM processor with access to isolated resources as well as main system memory and I/O.
- [1]
-
-
-This article isn't complete. This is a work-in-progress and so this article is not formatted properly..
-
While ARM and AMD tout the “Trusted Execution Environment” as useful for secure payment, anti-theft and malware protection, they also discuss content protection or DRM as a use case. https://www.owasp.o../images/c/c8/OWASP_Security_Tapas_-_TrustZone%2C_TEE_and_Mobile_Security_final.pdf
-
Possible uses … DRM
-
- Researchers have already been able to identify exploits in AMD’s Platform Security Processor. In 2018 researchers published a vulnerability in which a specially crafted certificate could lead to a stack overflow in the PSP’s TPM firmware allowing for remote code execution. (https://seclists.org/fulldisclosure/2018/Jan/12) Another group goes on to detail how an attacker might leverage exploits RYZENFALL or FALLOUT to gain foothold in networks with Ryzen based systems. (https://www.techpowerup.com/242386/cts-labs-responds-to-a-techpowerup-technical-questionnaire)
-
-
-
Please note that Family 16h and
-
-Family 15h-Models60h and later contain a PSP
Jaguar (the only 16h family CPU that does NOT have PSP): http://support.amd.com/TechDocs/52128_16h_Software_Opt_Guide.zip (page 8) https://en.wikipedia.org/wiki/Puma_(microarchitecture)#Improvements_over_Jaguar
-
All K5-K10, Bobcat, Bulldozer (“BDv1”) and Piledriver (“BDv2”)
-
All K5-K10, Bobcat, Bulldozer (“BDv1”) and Piledriver (“BDv2”)
- If you want to edit this article, or contribute your own article(s), contact us on XMPP over in spyware@conference.nuegia.net, or visit us at the git repo on Codeberg. All contributions must be licensed under the CC0 liscence to be accepted.
-
+ UNFINISHED ARTICLE - UNDER CONSTRUCTION - BAD FORMATTING
+
+
+
AMD CPU Family
+
+ This part of the article should have the name of the program and what
+ it does, and who develops it.
+
+
+ Advanced Micro Devices, Inc. is an American multinational
+ semiconductor company based in Santa Clara, California, that develops
+ computer processors and related technologies for business and consumer
+ markets. This article is specifically about the CPU's that are
+ produced by AMD and nothing else. The logo is one of many logos used
+ by AMD, but the article is not about any one specific CPU.
+ No rating is given because this is not an article about any
+ specific product, and the rating system is difficult to fit into this
+ article.
+
+
+ Modern CPU models produced by AMD contain an embedded ARM co-processor
+ called the Platform Security Processor (PSP). Nearly all AMD CPU's
+ produced since 2013 operate under the supervision of this separate,
+ more privileged, environment consisting of an integrated ARM processor
+ with access to isolated resources as well as main system memory and
+ I/O.
+ [1]
+
+
+ This article isn't complete. This is a work-in-progress and so this
+ article is not formatted properly..
+
+ While ARM and AMD tout the “Trusted Execution Environment” as useful
+ for secure payment, anti-theft and malware protection, they also
+ discuss content protection or DRM as a use case.
+ https://www.owasp.o../images/c/c8/OWASP_Security_Tapas_-_TrustZone%2C_TEE_and_Mobile_Security_final.pdf
+
+
Possible uses … DRM
+
+ Researchers have already been able to identify exploits in AMD’s
+ Platform Security Processor. In 2018 researchers published a
+ vulnerability in which a specially crafted certificate could lead to a
+ stack overflow in the PSP’s TPM firmware allowing for remote code
+ execution. (https://seclists.org/fulldisclosure/2018/Jan/12) Another
+ group goes on to detail how an attacker might leverage exploits
+ RYZENFALL or FALLOUT to gain foothold in networks with Ryzen based
+ systems.
+ (https://www.techpowerup.com/242386/cts-labs-responds-to-a-techpowerup-technical-questionnaire)
+
+
+
+ Please note that Family 16h and Family 15h-Models60h and later contain
+ a PSP
+
+ Jaguar (the only 16h family CPU that does NOT have PSP):
+ http://support.amd.com/TechDocs/52128_16h_Software_Opt_Guide.zip
+ (page 8)
+ https://en.wikipedia.org/wiki/Puma_(microarchitecture)#Improvements_over_Jaguar
+
+
+ All K5-K10, Bobcat, Bulldozer (“BDv1”) and Piledriver (“BDv2”)
+
+
+ All K5-K10, Bobcat, Bulldozer (“BDv1”) and Piledriver (“BDv2”)
+
-Bing is a search engine created and owned by Microsoft.
-
-
Spyware Level: EXTREMELY HIGH
-
- Bing is yet another spyware search engine that collects your information and sells it to advertisers. It's strongly recommended that you
- do not use Bing.
-
-
- At some point Bing had a privacy policy, but Microsoft doesnt seem to be hosting it anymore. So, this article will look at the
- Microsoft Privacy Statement[1] to help us understand what information Bing collects.
- Similarly to the privacy policies of Google and Apple, the Microsoft privacy statement eclipses the entire spyware platform and does not help you understand
- in great detail what kind of information one single program could be collecting. (although this policy is more specific)
-
+ This part of the article should have the name of the program and what
+ it does, and who develops it.
+
+
Spyware Level: EXTREMELY HIGH
+
+ Bing is yet another spyware search engine that collects your
+ information and sells it to advertisers. It's strongly recommended
+ that you do not use Bing.
+
+
+ At some point Bing had a privacy policy, but Microsoft doesnt seem to
+ be hosting it anymore. So, this article will look at the Microsoft
+ Privacy Statement[1] to help us
+ understand what information Bing collects. Similarly to the privacy
+ policies of Google and Apple, the Microsoft privacy statement eclipses
+ the entire spyware platform and does not help you understand in great
+ detail what kind of information one single program could be
+ collecting. (although this policy is more specific)
+
- "Microsoft collects data from you, through our interactions with you and through our products for a variety of purposes described
- below...You provide some of this data directly, such as when you...submit a search query to Bing"
-
Later in the Interactions -> Device and usage data section of this statement, it is clarified again that Microsoft collects your:
- "Browse History. Data about the web pages you visit.", as well as your: "Images. Images and related information, such as
- picture metadata. For example, we collect the image you provide when you use a Bing image-enabled service."
+
+
+ "Microsoft collects data from you, through our interactions with you
+ and through our products for a variety of purposes described
+ below...You provide some of this data directly, such as when
+ you...submit a search query to Bing"
+
+
-
Microsoft claims to store this information for an unlimited amount of time, but it claims that it will eventually anonymize this information
- in a process that takes 18 months to complete.
+
+ Later in the Interactions -> Device and usage data section of this
+ statement, it is clarified again that Microsoft collects your:
+ "Browse History. Data about the web pages you visit.", as well
+ as your:
+ "Images. Images and related information, such as picture metadata.
+ For example, we collect the image you provide when you use a Bing
+ image-enabled service."
+
-
- "Has Microsoft adopted and announced a specific retention period for a certain data type? For example, for Bing search queries, we de-identify
- stored queries by removing the entirety of the IP address after 6 months, and cookie IDs and other cross-session identifiers after 18 months. "
-
+
+ Microsoft claims to store this information for an unlimited amount of
+ time, but it claims that it will eventually anonymize this information
+ in a process that takes 18 months to complete.
+
+
-
Bing uses your search history to profile you for advertising
+
+
+ "Has Microsoft adopted and announced a specific retention period for
+ a certain data type? For example, for Bing search queries, we
+ de-identify stored queries by removing the entirety of the IP
+ address after 6 months, and cookie IDs and other cross-session
+ identifiers after 18 months. "
+
+
- "Microsoft may use data we collect to select and deliver some of the ads you see on Microsoft web properties, such as Microsoft.com, MSN and Bing."
-
-
- So since your search history is part of the "data we collect", the natrual conclusion is that, your search queiries are being used to profile you for
- advertising. And of course, this is confirmed in this section:
-
+
Bing uses your search history to profile you for advertising
-
- "The ads that you see may be selected based on data we process about you, such as your interests and favorites, your location, your transactions, how
- you use our products, your search queries , or the content you view. For example, if you view content on MSN about automobiles, we may show advertisements
- about cars; if you search “pizza places in Seattle” on Bing, you may see advertisements in your search results for restaurants in Seattle."
-
+
+ "Microsoft may use data we collect to select and deliver some of the
+ ads you see on Microsoft web properties, such as Microsoft.com, MSN
+ and Bing."
+
+
+
+ So since your search history is part of the "data we collect", the
+ natrual conclusion is that, your search queiries are being used to
+ profile you for advertising. And of course, this is confirmed in this
+ section:
+
-
Bing sells your search history to other spyware platforms
+
+
+ "The ads that you see may be selected based on data we process about
+ you, such as your interests and favorites, your location, your
+ transactions, how you use our products,
+
+ your search queries
+
+ , or the content you view. For example, if you view content on MSN
+ about automobiles, we may show advertisements about cars; if you
+ search “pizza places in Seattle” on Bing, you may see advertisements
+ in your search results for restaurants in Seattle."
+
+
- "We may share data we collect with third parties, such as Oath, AppNexus, or Facebook (see below), so that the ads you see in our products,
- their products, or other sites and apps serviced by these partners are more relevant and valuable to you. "
-
- If you want to edit this article, or contribute your own article(s), contact us on XMPP over in spyware@conference.nuegia.net, or visit us at the git repo on Codeberg. All contributions must be licensed under the CC0 liscence to be accepted.
-
+
+ "We may share data we collect with third parties, such as Oath,
+ AppNexus, or Facebook (see below), so that the ads you see in our
+ products, their products, or other sites and apps serviced by these
+ partners are more relevant and valuable to you. "
+
+
Note: This article is outdated. I will try to update it soon.
-
-
- Brave Browser is a Chromium fork with many interesting features not found elsewhere, such as built-in Adblock and other extensions, fingerprinting protection, cleaner Preferences menu than other Chrome forks, and the (opt-in) ability to automatically support (pay) the websites you visit. The developers describe it as "A browser with your interests at heart."[1] With the built-in privacy protections, some would seem to agree with that. Let's see how it stacks up when we take everything into account.
-
-
Spyware Level: High
-
- Auto-updates that can be turned off only by hacky workarounds. Google as default search engine. Analytics on Brave's home page. Two other requests made at each start of Brave. Whitelisting spyware from Facebook and Twitter.[5] Has some decent privacy protections built in, but uMatrix is still better. Some privacy features are there by default, but, it's still trying to work with advertisers (same as Mozilla did with their Sponsored Tiles). Despite claiming to be "A browser with your interests at heart."[1], it has Google as default search engine, as well as shitty forced updates. Anyway, despite the privacy protections, you should stay away from this browser - it seems to have a "mission" to switch the internet to its version of "user-respecting" ads, (we know how that turned out for Mozilla), and that's slimy and suspicious. Beyond that it has repeatedly shown itself to be dishonest and disingenuous about what it's mission and goals and operations are.
-
-
Whitelisting spyware from Facebook and Twitter
-
- On it's website, Brave claims that "Brave fights malware and prevents tracking, keeping your information safe and secure. It’s our top priority."[6]. Yet despite this claim, Brave actually disables its tracking protections for Facebook and Twitter's spyware
- scripts that allow them to track people across the web.[5] Brave's spyware protections, and any claims that it makes to work in the interests of
- it's users, cannot be taken seriously. Brave is actively working against its users while lying to them about
- supposed privacy protections that it offers. This problem becomes even more serious when you take into account Brave's response to this situation:
-
-
- "Loading a script from an edge-cache does not track a user without third-party cookies or equivalent browser-local storage, which Brave always blocks and always will block. In other words, sending requests and receiving responses without cookies or other means of identifying users does not necessarily create a tracking threat."
- [7]
-
- This statement is just, completely wrong. Just because a website isn't able to store cookies, does not mean that it cannot uniquely identify you. Executing JavaScript spyware from Facebook and Twitter is more than enough. Blocking cookies is not going to stop them from tracking you. This isn't even information that is difficult to verify. There are many websites that you can visit right now, to see just how much information a JavaScript program designed to track you can get.
-
- Brave will check for updates every time you run it, and you CANNOT turn it off (except through fiddling with DNS and such) ! What is the devs' answer? From their GitHub page[2]:
+ Note: This article is outdated. I will try to update it soon.
+
+
+
+ Brave Browser is a Chromium fork with many interesting features not
+ found elsewhere, such as built-in Adblock and other extensions,
+ fingerprinting protection, cleaner Preferences menu than other Chrome
+ forks, and the (opt-in) ability to automatically support (pay) the
+ websites you visit. The developers describe it as
+ "A browser with your interests at heart."[1] With the built-in privacy
+ protections, some would seem to agree with that. Let's see how it
+ stacks up when we take everything into account.
+
+
Spyware Level: High
+
+ Auto-updates that can be turned off only by hacky workarounds.
+ Google as default search engine.
+ Analytics on Brave's home page. Two other requests made at each start
+ of Brave. Whitelisting spyware from Facebook and Twitter.[5]
+ Has some decent privacy protections built in, but uMatrix is still
+ better. Some privacy features are there by default, but, it's still
+ trying to work with advertisers (same as Mozilla did with their
+ Sponsored Tiles). Despite claiming to be
+ "A browser with your interests at heart."[1], it has Google as default
+ search engine, as well as shitty forced updates. Anyway, despite the
+ privacy protections, you should stay away from this browser - it seems
+ to have a "mission" to switch the internet to its version of
+ "user-respecting" ads, (we know how that turned out for Mozilla), and
+ that's slimy and suspicious. Beyond that it has repeatedly shown
+ itself to be dishonest and disingenuous about what it's mission and
+ goals and operations are.
+
+
Whitelisting spyware from Facebook and Twitter
+
+ On it's website, Brave claims that
+ "Brave fights malware and prevents tracking, keeping your
+ information safe and secure. It’s our top priority."[6]. Yet despite this claim, Brave actually
+ disables its tracking protections for
+ Facebook and Twitter's spyware scripts that allow them to track people
+ across the web.[5] Brave's spyware
+ protections, and any claims that it makes to work in the interests of
+ it's users,
+ cannot be taken seriously. Brave is
+ actively working
+ against its users while lying to them
+ about supposed privacy protections that it offers. This problem
+ becomes even more serious when you take into account Brave's response
+ to this situation:
+
+
+
+ "Loading a script from an edge-cache does not track a user without
+ third-party cookies or equivalent browser-local storage, which Brave
+ always blocks and always will block. In other words, sending
+ requests and receiving responses without cookies or other means of
+ identifying users does not necessarily create a tracking threat."
+
+
+ [7]
+
+
+
+ This statement is just,
+
+ completely wrong
+
+ . Just because a website isn't able to store cookies, does not mean
+ that it cannot uniquely identify you. Executing JavaScript spyware
+ from Facebook and Twitter is
+
+ more than enough.
+
+ Blocking cookies is not going to stop them from tracking you. This
+ isn't even information that is difficult to verify. There are many
+ websites that you can visit right now, to see just how much
+ information a JavaScript program designed to track you can get.
+
+ Brave will check for updates every time you run it, and you CANNOT
+ turn it off (except through fiddling with DNS and such) ! What is the
+ devs' answer? From their GitHub page
+ [2]:
+
-
"We don't plan on adding in UI to disable updates, but users can easily adjust environment variables if they really want to put themselves at risk."
+
+
+ "We don't plan on adding in UI to disable updates, but users can
+ easily adjust environment variables if they really want to put
+ themselves at risk."
+
+
-
and
+
and
-
"i feel that being able to figure out how to do this is a sufficiently high bar for users who want to turn off autoupdating (to prove they know what they're doing and understand the security implications)"
+
+
+ "i feel that being able to figure out how to do this is a
+ sufficiently high bar for users who want to turn off autoupdating
+ (to prove they know what they're doing and understand the security
+ implications)"
+
+
-
So according to the devs, you have to hunt down random internet comments to be able to disable auto-updating. Brave will also update what looks like the list of its "partners" every time you run it. Extensions are also updated often.
-
+
+ So according to the devs, you have to hunt down random internet
+ comments to be able to disable auto-updating. Brave will also update
+ what looks like the list of its "partners" every time you run it.
+ Extensions are also updated often.
+
+
-
Anti-privacy search engine by default
-
- Google is the default search engine of Brave, and the issues with it are well known and would take a book to describe them all.
-
+
Anti-privacy search engine by default
+
+ Google
+ is the default search engine of Brave, and the issues with it are well
+ known and would take a book to describe them all.
+
-
Brave's start page contains analytics
-
- Brave will connect to its home page, https://brave.com, automatically on the first run of Brave, and that page contains Piwik's analytics scripts. This is the full request: It will also make a connection to Google to download some fonts. You can disable these on subsequent runs by changing the start page.
-
-
Crash reports
-
Enabled by default, but can be disabled from the preferences menu.
-
Other requests
-
Brave will make a connection to this site every time it is started up: It probably has something to do with their project of working with advertisers to provide more relevant targeted ads, which sounds pretty disgusting, but can be turned off ("Notify me about token promotions"). You can read more about it here[3].It will also make this request which downloads the rulesets for HTTPS Everywhere:
-
Brave's privacy protections
-
Brave Browser also contains in-built privacy protections such as HTTPS Everywhere, AdBlock, cookie blocking, script blocking, and fingerprinting protections - that are configurable site by site. This is commendable of course, but in the end, uMatrix outclasses them. Trackers, for example, easily avoid pure AdBlock (so you will be tracked by Facebook and such), and binary script blocking breaks sites. Nice effort on Brave's part though, and the fingerprinting protection I don't think is found in any other browser (but I didn't confirm if it actually works).
-
-
-
-
Credits
-
- This article was written by digdeeper.neocities.org
- Formatting changes were done by the site maintainer.
-
- If you want to edit this article, or contribute your own article(s), contact us on XMPP over in spyware@conference.nuegia.net, or visit us at the git repo on Codeberg. All contributions must be licensed under the CC0 liscence to be accepted.
-
+ Brave will connect to its home page, https://brave.com, automatically
+ on the first run of Brave, and that page contains Piwik's analytics
+ scripts. This is the full request:
+
+ It will also make a connection to Google to download some fonts. You
+ can disable these on subsequent runs by changing the start page.
+
+
Crash reports
+
+ Enabled by default, but can be disabled from the preferences menu.
+
+
Other requests
+
+ Brave will make a connection to this site every time it is started up:
+
+ It probably has something to do with their project of working with
+ advertisers to provide more relevant targeted ads, which sounds pretty
+ disgusting, but can be turned off ("Notify me about token
+ promotions"). You can read more about it here
+ [3]
+ .It will also make this request which downloads the rulesets for HTTPS
+ Everywhere:
+
+
+
Brave's privacy protections
+
+ Brave Browser also contains in-built privacy protections such as HTTPS
+ Everywhere, AdBlock, cookie blocking, script blocking, and
+ fingerprinting protections - that are configurable site by site. This
+ is commendable of course, but in the end, uMatrix outclasses them.
+ Trackers, for example, easily avoid pure AdBlock (so you will be
+ tracked by Facebook and such), and binary script blocking breaks
+ sites. Nice effort on Brave's part though, and the fingerprinting
+ protection I don't think is found in any other browser (but I didn't
+ confirm if it actually works).
+
+
+
+
+
-
\ No newline at end of file
+
diff --git a/articles/browsers.html b/articles/browsers.html
index 536a616..257d8f7 100644
--- a/articles/browsers.html
+++ b/articles/browsers.html
@@ -1,142 +1,302 @@
-
-
-
-
-
- Comparison between web browsers - Spyware Watchdog
-
-
-
-
Comparison between web browsers
-
-This purpose of this article is not to rate each web browser in a vaccum, like articles on this website that focus on one specific web browser, but rather to compare all of the
-web browsers that have been rated on this website against each other. This is a ranking that is based on how much Pirvacy a browser offers by default, as well as, how
-much privacy can be gained by configuring it.
-
-
Top Tier - Best Privacy
-
- These are all browsers that require a minimal amount of configuration and can achive the required level of privacy needed to browse the modern web- compatibility with a
- comperhensive suite of content-blocking extensions that can block spyware providers correctly and fully. Iridium and Pale Moon both are configured in a way that leaks
- user information and thus require additional configuration.
-
- These browsers do not have privacy issues, but they also do not have enough privacy features to make it to the highest tier. These browsers both have simple ad-blockers, and
- do not have any privacy issues, however, these tools are not as good as the comperhensive privacy tools that Top Tier browsers offer.
-
-
-
-
-
+
+
+
+
+ Comparison between web browsers - Spyware Watchdog
+
+
-
-
-
- These browsers do not have any big privacy flaws, but they also do not have sufficent privacy protections. Qutebrowser has a very basic adblocker in it. Both browsers don't
- have access to extensions either. So, it's just not enough to be able to browse the modern web privately, despite the developers not putting spyware into their browsers.
-
- These browsers do not protect your privacy, but they are not in the lowest tier since they still have something to offer, although, they should not be used in general.
-Vivaldi does not let you disable all of the spyware features, Brave whitelists trackers and has forced updates, and Firefox and Waterfox are loaded with spyware, to the point
-where configuring them is so non-trivial that you might as well use a version of Firefox that respects your privacy
-by default, rather than diving into the uncertainty of digging out all of the spyware features (and repeating the process every time the browser is updated). It's awalys
-going to be better to pick a browser higher on this list.
-
- These browsers are unashamedly designed to collect as much information about the user as possible (all are rated EXTREMELY HIGH by the site). Only SRWare Iron has it's source code availible, and all the developers have mistreated their users (complete disregard for privacy and / or false advertising) for a long time. These browsers are actively hostile against their users and thus should not be used at all.
-
- This isn't the only guide on what web browser to pick, with an emphasis on privacy, to exist, and many other people,
- with their own knowlege and prespectives, have written their own guides. It would be a waste to only read one guide
- to make your decision, so, you should probably read a few more, these are some good ones.
-
- If you want to edit this article, or contribute your own article(s), contact us on XMPP over in spyware@conference.nuegia.net, or visit us at the git repo on Codeberg. All contributions must be licensed under the CC0 liscence to be accepted.
-
+ This purpose of this article is not to rate each web browser in a
+ vaccum, like articles on this website that focus on one specific web
+ browser, but rather to compare all of the web browsers that have been
+ rated on this website against each other. This is a ranking that is
+ based on how much Pirvacy a browser offers by default, as well as, how
+ much privacy can be gained by configuring it.
+
+
Top Tier - Best Privacy
+
+ These are all browsers that require a minimal amount of configuration
+ and can achive the required level of privacy needed to browse the
+ modern web- compatibility with a comperhensive suite of
+ content-blocking extensions that can block spyware providers correctly
+ and fully. Iridium and Pale Moon both are configured in a way that
+ leaks user information and thus require additional configuration.
+
+ These browsers do not have privacy issues, but they also do not have
+ enough privacy features to make it to the highest tier. These browsers
+ both have simple ad-blockers, and do not have any privacy issues,
+ however, these tools are not as good as the comperhensive privacy
+ tools that Top Tier browsers offer.
+
+ These browsers do not have any big privacy flaws, but they also do not
+ have sufficent privacy protections. Qutebrowser has a very basic
+ adblocker in it. Both browsers don't have access to extensions either.
+ So, it's just not enough to be able to browse the modern web
+ privately, despite the developers not putting spyware into their
+ browsers.
+
+ These browsers do not protect your privacy, but they are not in the
+ lowest tier since they still have something to offer, although, they
+ should not be used in general. Vivaldi does not let you disable all of
+ the spyware features, Brave whitelists trackers and has forced
+ updates, and Firefox and Waterfox are loaded with spyware, to the
+ point where configuring them is so
+ non-trivial that you
+ might as well use a version of Firefox that respects your privacy
+ by default, rather than diving into the uncertainty of digging
+ out all of the spyware features (and repeating the process every time
+ the browser is updated). It's awalys going to be better to pick a
+ browser higher on this list.
+
+ These browsers are unashamedly designed to collect as much information
+ about the user as possible (all are rated EXTREMELY HIGH by the site).
+ Only SRWare Iron has it's source code availible, and all the
+ developers have mistreated their users (complete disregard for privacy
+ and / or false advertising) for a long time. These browsers are
+ actively hostile against their users and thus should not be used at
+ all.
+
-CCleaner, developed by Piriform, is a utility program used to clean potentially unwanted files and invalid Windows Registry entries from a computer.
-
-
Spyware Level: EXTREMELY HIGH
-
-CCleaner is spyware that collects your personal information to advertise to you. It also sells your information to third parties so that they can advertise to you.
-It collects a huge amount of very personal information, like your physical location. CCleaner uses the technique of privacy policy obfusication
-where it provides one privacy policy for every single product its company offers, making it more difficult to know what parts of the privacy policy apply to which program.
-
-
CCleaner collects and sells user information to advertisers
-
- CCleaner clearly shows in its privacy settings that it is collecting information about your comptuer and selling that information to
- advertisers:
-
CCleaner tracks a huge amount of personal information
-
- If we look at the privacy policy, we can see that CCleaner reports the following[3]:
-
-
-
IP Address
-
Unique User ID
-
Operating System
-
Other Avast Products installed
-
physical location
-
-
- Beyond this, CCleaner is integrated with the following spyware platforms, which all collect their own sets of information:
-
-
-
Google Analytics
-
Logentries
-
-
- It would be very time consuming to go through all of those privacy policies (especially because many of these are obfusicated), but it should be
- enough to understand that CCleaner is full of third party spyware, as well as first party spyware.
-
- "When we collect your email address, we may market our other products and services to you. You may choose to unsubscribe from future email marketing by following the instructions in the email."
-
-
-
CCleaner tracks your physical location
-
- According to the privacy policy, the ccleaner website tries to track your physical location.[3]
-
-
- "Our websites use cookies to acquire data that may be used to determine your physical location via your Internet Protocol address (“IP Address”) and automated geolocation techniques, or to acquire basic information about the computer, tablet, or mobile phone that you use to visit us."
-
-
- "location data" is also mentioned when talking about the information that ccleaner itself collects about it's users.
-
-
Past Security Flaws
-
-In the past, CCleaner has been compromised and backdoors have been added to it.[1]
-
- If you want to edit this article, or contribute your own article(s), contact us on XMPP over in spyware@conference.nuegia.net, or visit us at the git repo on Codeberg. All contributions must be licensed under the CC0 liscence to be accepted.
-
+ CCleaner, developed by Piriform, is a utility program used to clean
+ potentially unwanted files and invalid Windows Registry entries from a
+ computer.
+
+
Spyware Level: EXTREMELY HIGH
+
+ CCleaner is spyware that collects your personal information to
+ advertise to you. It also sells your information to third parties so
+ that they can advertise to you. It collects a huge amount of very
+ personal information, like your
+ physical location. CCleaner uses the
+ technique of privacy policy obfusication where it provides one privacy
+ policy for every single product its company offers, making it more
+ difficult to know what parts of the privacy policy apply to which
+ program.
+
+
CCleaner collects and sells user information to advertisers
+
+ CCleaner clearly shows in its privacy settings that it is collecting
+ information about your comptuer and selling that information to
+ advertisers:
+
CCleaner tracks a huge amount of personal information
+
+ If we look at the privacy policy, we can see that CCleaner reports the
+ following[3]:
+
+
+
IP Address
+
Unique User ID
+
Operating System
+
Other Avast Products installed
+
+ physical location
+
+
+
+
+ Beyond this, CCleaner is integrated with the following spyware
+ platforms, which all collect their own sets of information:
+
+
+
Google Analytics
+
Logentries
+
+
+
+ It would be very time consuming to go through all of those privacy
+ policies (especially because many of these are obfusicated), but it
+ should be enough to understand that CCleaner is full of third party
+ spyware, as well as first party spyware.
+
+
+ "When we collect your email address, we may market our other
+ products and services to you. You may choose to unsubscribe from
+ future email marketing by following the instructions in the email."
+
+
+
CCleaner tracks your physical location
+
+ According to the privacy policy, the ccleaner website tries to track
+ your physical location.[3]
+
+
+
+ "Our websites use cookies to acquire data that may be used to
+ determine your physical location via your Internet Protocol address
+ (“IP Address”) and automated geolocation techniques, or to acquire
+ basic information about the computer, tablet, or mobile phone that
+ you use to visit us."
+
+
+
+ "location data" is also mentioned when talking about the
+ information that ccleaner itself collects about it's users.
+
+
Past Security Flaws
+
+ In the past, CCleaner has been compromised and backdoors have been
+ added to it.[1]
+
- CDex is an Open Source Digital Audio CD Extractor.
-
-
Spyware Level: Low
-
- CDex's installer bundles it with spyware, and it will randomly suggest a spyware program to the user, with a chance to opt-out.
- Usually it attempts to bundle itself with the webdiscover browser and one time I got it to try and offer me an antivirus program, but
- I wasn't able to reproduce this. The program was tested on Windows 7 32-bit with Microsoft Network Monitor 3.4 and Wireshark 2.6.2.
- The version of the program tested was 2.06. It did not make any connections to the internet that my
- tests were able to find. To test the program I ripped the audio files out of a CD with both network monitoring programs open.
-
-
Bundling with spyware
-
- CDex attempts to bundle it self with the WebDiscover web browser. This is an Opt-out and not an Opt-in like it should be.
- This program is spyware, because according to it's privacy policy[1], it collects information about it's users.
-
- If you want to edit this article, or contribute your own article(s), contact us on XMPP over in spyware@conference.nuegia.net, or visit us at the git repo on Codeberg. All contributions must be licensed under the CC0 liscence to be accepted.
-
+ CDex is an Open Source Digital Audio CD Extractor.
+
+
Spyware Level: Low
+
+ CDex's installer bundles it with spyware, and it will randomly suggest
+ a spyware program to the user, with a chance to opt-out. Usually it
+ attempts to bundle itself with the webdiscover browser and one time I
+ got it to try and offer me an antivirus program, but I wasn't able to
+ reproduce this. The program was tested on Windows 7 32-bit with
+ Microsoft Network Monitor 3.4 and Wireshark 2.6.2. The version of the
+ program tested was 2.06.
+ It did not make any connections to the internet
+ that my tests were able to find. To test the program I ripped the
+ audio files out of a CD with both network monitoring programs open.
+
+
Bundling with spyware
+
+ CDex attempts to bundle it self with the
+ WebDiscover web browser.
+ This is an Opt-out and not an Opt-in like it should be. This program
+ is spyware, because according to it's privacy policy[1], it collects information about it's users.
+
+
+
+
+
+
-
\ No newline at end of file
+
diff --git a/articles/chrome_es.html b/articles/chrome_es.html
index a217fc1..ac3efe7 100644
--- a/articles/chrome_es.html
+++ b/articles/chrome_es.html
@@ -1,3 +1,4 @@
+
diff --git a/articles/discord.html b/articles/discord.html
index dccd257..e941865 100644
--- a/articles/discord.html
+++ b/articles/discord.html
@@ -1,244 +1,418 @@
-
-
-
-
-
+
+
+
+
Discord - Spyware Watchdog
+
+
-
-
-Discord is an instant messaging application for MacOS, Windows, Linux,
-Android, and iOS. Discord is used to communicate via voice chat and
-text chat, and has image-sharing and file-sharing capabilities.
-
-
Spyware Level: EXTREMELY HIGH
-
-
- Thanks to Richard Stallman for linking to our article here! The spotlight is very much appreciated.
-
-
-
-
-Discord is spyware because it collects all information that passes
-through its communication platform. As Discord is a centralized
-communication platform, all communications have to go through Discord's
-official servers, where all of that information can potentially be
-recorded. The vast majority of said information has been confirmed
-to be recorded, such as all communications between users. Discord has
-also been confirmed to use other spyware features such as various forms
-of telemetry. Discord's main source of income is from investment, from which
- it has received over $279.3 million dollars[4]. Discord cannot be built from
-source and the source code for Discord is unavailable.
-
-
Discord does not make its source code available
-
-It is impossible to download and examine Discord's source code,
-which means that it is impossible to prove that Discord is not
-spyware. Any program which does not make its source code available is
- potential spyware.
-
-
Discord confirms that it collects large amounts of sensitive user data
-
-Discord explicitly confirms in its privacy policy[1] that it collects the following information:
-
-
-
IP Address
-
Device UUID
-
User's e-mail address
-
All text messages
-
All images
-
All VOIP data (voice chat)
-
Open rates for e-mail sent by Discord
-
-
-Discord does not explictly confirm that it collects this information, but still collects it by default:
-
-
-
Logs of all of the other programs that are open on your computer
-
-
-The implications of this information can be broken down like this: By
-recording your IP address, Discord can track your general location
-(about as precise as which county you are in). Discord can also tell
-which devices you use, as it uniquely identifies each device, and how
- much you use those devices, as it can record your device usage habits
-(since Discord is usually open in the background so that it can receive
-messages). Discord also records every single interaction you have with
-other users through its service. This means that Discord is confirmed
-to log every conversation that you have through Discord, and record
-everything that you say on Discord, and view all images that you send
- through Discord. Therefore, none of your interactions on Discord are
-private. Discord's privacy policy also contains several occurrences of
- phrases such as "including but not limited to," which is an explicit
-confirmation that Discord contains more spyware features that are not
-disclosed to the user.
-
-
Discord contains features which allow integration with other spyware platforms
-
-Discord contains the opt-in spyware feature known as "social media
-integration." This allows you to sync your persistent user identity
-on Discord with your persistent user identity on other spyware
-platforms, such as Facebook and Twitter. In its privacy policy[1],
- Discord has confirmed that if you opt in to this spyware feature,
-Discord will obtain an undisclosed amount of access to information
-obtained about you by the spyware platforms that you choose to sync
-with.
-
-
Discord contains a process logger
-
-Discord has been confirmed to monitor the open processes on your
-operating system. This is a spyware feature known as a "process logger"
-that is generally used to record your program usage habits. This was
-confirmed by the CTO of Discord in a Reddit thread.[2]
- In the same thread, the CTO also elaborates that this spyware feature (the monitoring of processes) is
-mandatory for several features of the platform. The CTO and a Discord engineer go on
- to claim that Discord does not use the process logger to send records
-of the open processes on the user's computer.
-
-
-The test to prove that Discord logs processes was done again by the writer with procmon on 4/11/2019 with
-the features: "Use data to customize my Discord Experience" and "Display currently running game as a status message"
-turned off. Discord did NOT log all of the processes open this way.
-However when setting the "Display currently running game as a status message" turned on, the behavior
-described in[2] was replecated. You can see that behavior here:
-
-
-
- It turns out that this feature can be disabled through the UI. Because of the nature of closed-source
- software it isn't possible for either this article or the Discord developers to prove how much information is being sent to
- Discord's servers when the process logger is turned on. But it's at least possible to turn it off.
-
-
Discord uses it's process logging for advertising
-
- Discord shows this in it's privacy option here:
-
-
-
- That the process logging features of Discord are now being recorded on Discord's servers as a form of telemetry (spyware),
- and removes speculation about why this feature exists. It is clarified by Discord that this spyware feature is used for advertising
- to it's users.[8] This means that Discord is recording the programs you have open to build
- a statistical model of what programs you might buy/lisence in the future.
-
+ Discord is an instant messaging application for MacOS, Windows, Linux,
+ Android, and iOS. Discord is used to communicate via voice chat and
+ text chat, and has image-sharing and file-sharing capabilities.
+
+
Spyware Level: EXTREMELY HIGH
+
+
+ Thanks to Richard Stallman for linking to our article
+ here!
+ The spotlight is very much appreciated.
+
+
+
+
+
+ Discord is spyware because it collects all information that passes
+ through its communication platform. As Discord is a centralized
+ communication platform, all communications have to go through
+ Discord's official servers, where all of that information can
+ potentially be recorded. The vast majority of said information has
+ been confirmed to be recorded, such as all communications between
+ users. Discord has also been confirmed to use other spyware features
+ such as various forms of telemetry. Discord's main source of income is
+ from investment, from which it has received over $279.3 million
+ dollars[4]. Discord cannot be built from source and the source code for Discord
+ is unavailable.
+
+
Discord does not make its source code available
+
+ It is impossible to download and examine Discord's source code, which
+ means that it is impossible to prove that Discord is not spyware. Any
+ program which does not make its source code available is potential
+ spyware.
+
+
+ Discord confirms that it collects large amounts of sensitive user data
+
+
+ Discord explicitly confirms in its privacy policy[1]
+ that it collects the following information:
+
+
+
IP Address
+
Device UUID
+
User's e-mail address
+
All text messages
+
All images
+
All VOIP data (voice chat)
+
Open rates for e-mail sent by Discord
+
+
+ Discord does not explictly confirm that it collects this information,
+ but still collects it by default:
+
+
+
+ Logs of all of the other programs that are open on your computer
+
+
+
+ The implications of this information can be broken down like this: By
+ recording your IP address, Discord can track your general location
+ (about as precise as which county you are in). Discord can also tell
+ which devices you use, as it uniquely identifies each device, and how
+ much you use those devices, as it can record your device usage habits
+ (since Discord is usually open in the background so that it can
+ receive messages). Discord also records every single interaction you
+ have with other users through its service. This means that Discord is
+ confirmed to log every conversation that you have through Discord, and
+ record everything that you say on Discord, and view all images that
+ you send through Discord. Therefore, none of your interactions on
+ Discord are private. Discord's privacy policy also contains several
+ occurrences of phrases such as "including but not limited to," which
+ is an explicit confirmation that Discord contains more spyware
+ features that are not disclosed to the user.
+
+
+ Discord contains features which allow integration with other spyware
+ platforms
+
+
+ Discord contains the opt-in spyware feature known as "social media
+ integration." This allows you to sync your persistent user identity on
+ Discord with your persistent user identity on other spyware platforms,
+ such as Facebook and Twitter. In its privacy policy[1], Discord has confirmed that if you opt in to this spyware feature,
+ Discord will obtain an undisclosed amount of access to information
+ obtained about you by the spyware platforms that you choose to sync
+ with.
+
+
Discord contains a process logger
+
+ Discord has been confirmed to monitor the open processes on your
+ operating system. This is a spyware feature known as a "process
+ logger" that is generally used to record your program usage habits.
+ This was confirmed by the CTO of Discord in a Reddit thread.[2]
+ In the same thread, the CTO also elaborates that this spyware feature
+ (the monitoring of processes) is mandatory for several features of the
+ platform. The CTO and a Discord engineer go on to claim that Discord
+ does not use the process logger to send records of the open processes
+ on the user's computer.
+
+
+ The test to prove that Discord logs processes was done again by the
+ writer with procmon on 4/11/2019 with the features: "Use data to
+ customize my Discord Experience" and "Display currently running game
+ as a status message" turned off. Discord did
+ NOT log all of the processes open
+ this way. However when setting the "Display currently running game as
+ a status message" turned on, the behavior described in[2]
+ was replecated. You can see that behavior here:
+
+
+
+ It turns out that this feature
+ can be disabled through the UI.
+ Because of the nature of closed-source software it isn't possible for
+ either this article or the Discord developers to prove how much
+ information is being sent to Discord's servers when the process logger
+ is turned on. But it's at least possible to turn it off.
+
+
Discord uses it's process logging for advertising
+
+ Discord shows this in it's privacy option here:
+
+
+
+ That the process logging features of Discord are now being recorded on
+ Discord's servers as a form of telemetry (spyware), and removes
+ speculation about why this feature exists. It is clarified by Discord
+ that this spyware feature is used for advertising to it's users.[8]
+ This means that Discord is
+ recording the programs you have open to build a statistical model
+ of what programs you might buy/lisence in the future.
+
+
-
Discord tries to force some users to give their Telephone numbers
-
-Discord will lock users out of it's service and will not allow them to continue using it without giving their phone number or contacting Discord
-support. This kind of feature is designed to extract very personal information out of it's users (phone numbers). The criteria for locking out
-users isn't known.
-
-
+
+ Discord tries to force some users to give their Telephone numbers
+
+
+ Discord will lock users out of it's service and will not allow them to
+ continue using it without giving their phone number or contacting
+ Discord support. This kind of feature is designed to extract very
+ personal information out of it's users (phone numbers). The criteria
+ for locking out users isn't known.
+
+
+
-
Discord receives government requests for your information
-
-Discord has confirmed in an email correspondence[6]
- that it does receive government requests for information. So, we know
-that the government potentially has access to all of the information
-that Discord collects about you. You can read a copy of the email image
-posted in the source here in case the link there dies.
-
-
-
Speculation on Discord's future
-
-It's unknown whether Discord currently is or isn't selling user information. Currently Discord has been able
-to consistently raise new invesment capital, which is at a level where it could reasonably be covering
-all of its operating costs. However, Discord, like any other company, is not going to exist in a
-constant state of investment. Discord is going to have to transition away from an investment-financed
-business model to a revenue model that exclusively relies on generating revenue from the users of the
-platform.
-
-
-Discord has several ways of making money. It can lisence emoji's and other features of the program with
-Discord Nitro[5], or it can make money lisencing video games through it's
-new online store, as a competitor to Steam. However both of these revenue
-sources may not be enough. Discord has raised $279.3 million dollars[4]
-and it has to return on this investment. (which is more than 279.3 million dollars that has to be paid back)
-
-
-If Discord is not able to satisfy it's obligation to it's investors, it has a third option- selling user information
-to advertisers. Discord is already datamining it's users to produce it's recommendation system,[8] which means that it
-is already turning it's userbase into extremely valueble, sellable, advertising data. Discord has 130 million users[7],
-and it can produce a statistical model of what games each user (who does not opt-out of advertising) owns, plays, and wants to buy.
-This is incredibly valueble information that Discord can sell if it cannot reach it's profit obligations with it's current
-revenue model. If Discord is a successful games store, then it wont need to do this. But if Discord gets in financial trouble,
-it probably will be forced to liquiate this asset.
-
+
Discord receives government requests for your information
+
+ Discord has confirmed in an email correspondence[6]
+ that it does receive government requests for information. So, we know
+ that the government potentially has access to all of the information
+ that Discord collects about you. You can read a copy of the email
+ image posted in the source
+ here
+ in case the link there dies.
+
+
+
Speculation on Discord's future
+
+ It's unknown whether Discord currently is or isn't selling user
+ information. Currently Discord has been able to consistently raise new
+ invesment capital, which is at a level where it could reasonably be
+ covering all of its operating costs. However, Discord, like any other
+ company, is not going to exist in a constant state of investment.
+ Discord is going to have to transition away from an
+ investment-financed business model to a revenue model that exclusively
+ relies on generating revenue from the users of the platform.
+
+
+ Discord has several ways of making money. It can lisence emoji's and
+ other features of the program with Discord Nitro[5], or it can make money lisencing video games through it's new online
+ store, as a competitor to Steam.
+ However both of these revenue sources may not be enough. Discord has
+ raised $279.3 million dollars[4]
+ and it has to return on this investment. (which is more than 279.3
+ million dollars that has to be paid back)
+
+
+ If Discord is not able to satisfy it's obligation to it's investors,
+ it has a third option- selling user information to advertisers.
+ Discord is already datamining it's users to produce it's
+ recommendation system,[8] which means
+ that it is already turning it's userbase into extremely valueble,
+ sellable, advertising data. Discord has 130 million users[7], and it can produce a statistical model of what games each user (who
+ does not opt-out of advertising) owns, plays, and wants to buy. This
+ is incredibly valueble information that Discord can sell if it cannot
+ reach it's profit obligations with it's current revenue model. If
+ Discord is a successful games store, then it wont need to do this. But
+ if Discord gets in financial trouble, it probably will be forced to
+ liquiate this asset.
+
-Internet Explorer is a Web Browser distributed by Microsoft with most versions of the Microsoft Windows Operating system.
-
-
Spyware Level: EXTREMELY HIGH
-
-Internet Explorer contains many serious spyware features, however all of these features appear to be "opt-out" features. It is not verified whether or not opting out will actually disable all of these features, or if there are other spyware features that are not known which cannot be opted out of. Internet Explorer can record your search history and location, and report that information to Microsoft. Internet Explorer is not the worst spyware, but it is still loaded with spyware features that can mine serious information from users.
-
-
Internet Explorer does not have available source code
-
-Internet Explorer cannot be built from available source code. This means that it is impossible to prove that it is not a spyware program or that it does not have unknown spyware features inside of it.
-
-
Internet Explorer is self-updating software
-
-Internet Explorer can be updated through spyware programs such as Windows Update[1]. Automatic software updates are a spyware feature becuase they cannot be verified to be non-spyware by the user. Luckily, this spyware feature is opt-out and can be turned off.
-
-
Internet Explorer sends your search history to Microsoft
-
-Internet Explorer contains a spyware feature called "flip ahead"[1]. Flip ahead will periodically send your browsing history to Microsoft. This spyware feature is opt-out and can be disabled. Microsoft claims that the information it recevies is encrypted to protect user privacy and santized to prevent personal information from being stored. This is unverifiable. Microsoft confirms that it does use the information obtained from flip ahead to build statstical models of your browsing habits. Other spyware features such as "Smartscreen filter", and "Suggested Sites" also confirm that they send your internet history to Microsoft.
-
-
Internet Explorer can track your location
-
-Internet Explorer has the spyware feature commonly referred to as "location services", which is a feature that allows it to track the location of the user. The privacy statement[1] explains that your location is obtained through a "Microsoft Location Service". Which means that your location is sent to a Microsoft server. Microsoft does not elaborate on what it does with this data or whether it stores this data. This spyware feature is opt-out.
-
-
Internet Explorer has an anti-privacy search engine by default
-
The default search engine is Bing which datamines its users and sells that information to advertisers.
+ Internet Explorer is a Web Browser distributed by Microsoft with most versions of the Microsoft Windows Operating system.
+
+
Spyware Level: EXTREMELY HIGH
+
+ Internet Explorer contains many serious spyware features, however all of these features appear to be "opt-out" features. It is not verified whether or not opting out will actually disable all of these features, or if there are other spyware features that are not known which cannot be opted out of. Internet Explorer can record your search history and location, and report that information to Microsoft. Internet Explorer is not the worst spyware, but it is still loaded with spyware features that can mine serious information from users.
+
+
Internet Explorer does not have available source code
+
+ Internet Explorer cannot be built from available source code. This means that it is impossible to prove that it is not a spyware program or that it does not have unknown spyware features inside of it.
+
+
Internet Explorer is self-updating software
+
+ Internet Explorer can be updated through spyware programs such as Windows Update[1]. Automatic software updates are a spyware feature becuase they cannot be verified to be non-spyware by the user. Luckily, this spyware feature is opt-out and can be turned off.
+
+
Internet Explorer sends your search history to Microsoft
+
+ Internet Explorer contains a spyware feature called "flip ahead"[1]. Flip ahead will periodically send your browsing history to Microsoft. This spyware feature is opt-out and can be disabled. Microsoft claims that the information it recevies is encrypted to protect user privacy and santized to prevent personal information from being stored. This is unverifiable. Microsoft confirms that it does use the information obtained from flip ahead to build statstical models of your browsing habits. Other spyware features such as "Smartscreen filter", and "Suggested Sites" also confirm that they send your internet history to Microsoft.
+
+
Internet Explorer can track your location
+
+ Internet Explorer has the spyware feature commonly referred to as "location services", which is a feature that allows it to track the location of the user. The privacy statement[1] explains that your location is obtained through a "Microsoft Location Service". Which means that your location is sent to a Microsoft server. Microsoft does not elaborate on what it does with this data or whether it stores this data. This spyware feature is opt-out.
+
+
Internet Explorer has an anti-privacy search engine by default
+
The default search engine is Bing which datamines its users and sells that information to advertisers.
+
+
+
+
+
-
-
- This article was last updated on 2/18/2019
-
-
- If you want to edit this article, or contribute your own article(s), contact us on XMPP over in spyware@conference.nuegia.net, or visit us at the git repo on Codeberg. All contributions must be licensed under the CC0 liscence to be accepted.
-
-
\ No newline at end of file
diff --git a/articles/falkon.html b/articles/falkon.html
index 714182f..ca17ee5 100644
--- a/articles/falkon.html
+++ b/articles/falkon.html
@@ -1,3 +1,4 @@
+
diff --git a/articles/firefox.html b/articles/firefox.html
index 978189b..65ec20d 100644
--- a/articles/firefox.html
+++ b/articles/firefox.html
@@ -1,3 +1,4 @@
+
@@ -6,7 +7,7 @@
Firefox - Spyware Watchdog
-
+
Mozilla Firefox
Spanish Translation
diff --git a/articles/firefox_es.html b/articles/firefox_es.html
index e5cef59..98b37df 100644
--- a/articles/firefox_es.html
+++ b/articles/firefox_es.html
@@ -1,4 +1,4 @@
-
+
@@ -12,7 +12,7 @@
Back to catalog Guía de mitigación
-
+
Mozilla Firefox es uno de los navegadores web más populares y perdurables. Sus desarrolladores han adquirido cierta reputación por desarrollar un "navegador que respeta la privacidad y seguridad del usuario" - pero, ¿es algo justificado o sólo una estrategia de marketing? Bueno, de hecho, a través de sus años de existencia, los desarrolladores han tomado varias decisiones que podrían ser consideradas anti-privacidad (y anti-usuario en general), pero en este artículo nos estaremos enfocando exclusivamente en aquellas que pueden ser consideradas spyware. Versión testeada: 52.5.0, con la configuración por defecto. Programas usados para buscar solicitudes web: Mitmproxy.
Este navegador envía bastante información de forma frecuente (mucha de la cual podría ser utilizada para identificarte de forma única). Todos los "servicios" que provee, como los buscadores que vienen por defecto y Pocket, son anti-privacidad. La clasificación puesta no es más alta porque al menos puedes desactivar or modificar la mayoría de estas características, aunque esto requiera lidiar bastante con about:config
Iridium is a privacy-based fork of Google Chrome. From their website: "All modifications enhance the privacy of the user and make sure that the latest and best secure technologies are used. Automatic transmission of partial queries, keywords and metrics to central services is prevented and only occurs with the approval of the user." Unlike other browsers of its kind, this one is fully featured (has all the addons that are available for Chrome), and so is recommended for everyday usage.
diff --git a/articles/iron.html b/articles/iron.html
index 1999abd..b420fce 100644
--- a/articles/iron.html
+++ b/articles/iron.html
@@ -1,180 +1,188 @@
-
-
-
-SRWare Iron is a free web browser, and an implementation of Chromium by SRWare of Germany.
-
-
Spyware Level: EXTREMELY HIGH
-
-SRWare Iron claims to be a privacy respecting web browser that is an alternative to Google Chrome's
-spyware, and specifically brands itself as a privacy respecting web browser that aims to give users
-the Chrome experience without Google's spyware. However when examining this program, these claims
-instantly melt away. SRWare Iron connects to an absolutely incredible amount of trackers and opens
-connections to an enormous amount of servers on it's first run. It racks up a rough estimate of
-~400-500 unsolicited connections, and it actually took several minitues for it to stop making new
-requests and connections. SRWare Iron uses the spyware search engine Bing as it's default search
-engine, however it goes beyond that and routes your requests to Bing through it's own servers
-so that it can spy on your internet searches as well. The bottom line is that this browser is just
-another false privacy initiative and is really no better than Chrome.
-
-
-Version 69.0.3600.0 of SRWare Iron was tested on Windows 7 64-bit. MITMproxy, Microsoft Network Montior 3.4,
-and Sysinternals ProcMon were used to monitor the behavior of this program.
-
-
False Privacy Initiative
-
-SRWare Iron claims on it's website that it is:
-
-
- "Chrome thrilled with an extremely fast site rendering, a sleek design and innovative features. But it also gets critic from data protection specialists , for reasons such as creating a unique user ID or the submission of entries to Google to generate suggestions. SRWare Iron is a real alternative. The browser is based on the Chromium-source and offers the same features as Chrome - but without the critical points that the privacy concern."
- [1]
-
-The reality is that you are merely trading in one spyware product for another. Where Chrome's spyware has been removed,
-Iron's spyware is there to replace it. Which poision are you going to pick? The worst part is that people will read what is
-claimed on SRWare's website and beleive it without doing any tests for themselves. Like
-this article
-[web.archive.org]
-that just copies the comparison-list from Iron's website without any real investegation before delcaring it a privacy alterantive to Chrome.
-The most audacious thing about it is this incredible quote on the FAQ section for the Iron browser:
-
-
- "Can i really check that Iron doesn't submit any private data, how you say? Yes, you can. There are tools like Wireshark, which scan the whole network-traffic. We could not recognize any obvious activity. But you can proof this by yourself."
- [2]
-
-Which is just an amazing gem in the context of what is actually found when running tests on the software.
-
-
Massive amount of connections on first startup
-
-When you first start SRWare Iron, it will immediately open the following two pages: https://iron.start.me/us and
-https://www.srware.net/en/software_srware_iron.php. The most offensive page is the start.me domain
-which begins loading in an enormous amount of spyware from all over the internet. I did not count the specific amount of requests
-but it was somewhere in the 400-500 range (my software doesn't provide a great amount of automation... or maybe i'm not using it
-as well as I could). This image (at 1.06 MB- almost 1/4 of the size of the entire site as of writing!)
-should give you an idea of the amount of requests I was swamped by. It took a while for it to die down. On subsequent runs the
-amount of requests it sent was far less. It connected to spyware platforms like Google Analytics and Piwik, and executed their JavaScript payloads.
-There were a lot of redundant connections to Google Analytics so it's probable that multiple companies are able to send their own
-analytics payloads through this homescreen. Thus throughly fingerprinting and profiling your web browser and computer the moment you
-begin browsing the internet with your new "privacy respecting" browser- so that all of these advertising companies can track you
-everywhere you go!
-
-
- When checking the browser's connections in Network Monitor 3.4, you could see that it connected to a huge amount
-of servers, even though only two domains were ever contacted.This screenshot doesn't caputre
-all of the IP addresses that it connected, but should give you an idea.
-
-
-And just so that there is no ambiguity, this notice is shown when you load this homepage:
-
-
- "We use cookies to personalise content and ads, to provide social media features
-and to analyse our traffic. We also share information about your use of our site
-with our social media, advertising and analytics partners who may combine it
-with other information you’ve provided to them or they’ve collected from your
-use of their services."
-
-
-Just so that there is no doubt- you are being served tracking cookies by advertising companies.
-
-
Redirecting of internet searches through developer's domain
-
-After you've finished identifying your web browser to just about every single spyware company on the internet, you can begin
-making internet searches with your new SRWare Iron browser. The default search engine is the spyware search engine Bing.
-However it's not enough to just point you at a spyware search engine... when you try and actually run a search on Bing, this is what happens:
-
-
-
-Basically, every time you make a search with this browser, your searches are sent through the developer's servers.
-So, the developer can know exactly what your internet history is, in this way. Your searches are also being sent through
-wisesearches.com, but I don't know who they are. So now instead of giving up your search history to one
-spyware company, Google, you can give it to three spyware companies, by switching to this browser. This is a very similar
-tactic to the one that the spyware browser Slimjet uses, where it routes searches to
-Bing through it's own domains.
-
-
Motivations of the SRWare Iron developer?
-
- If you dig deeper into how SRWare Iron was created, you can find some interesting information from some of the developers of
- Chrome about the motivations behind the creation of this fork. More specifically this very interesting conversation:[3]
-
-
-<Kmos> Iron: why not contribute to it, instead of forking ?
-<Iron> because i removed all privacy-related code
-<Iron> e.g. RLZ
-<Iron> and URL tracking every 5 seconds after start
-<Iron> the original chrome is heavily communitating to google...i hate that
-<jamessan> all of those are supposed to have options to disable them, iirc
-<Iron> yes but they haven't options yet
-<Iron> and nobody knows when the next beta is released
-<jamessan> so work on getting the options added so they'll be there for the next release
-<mgreenblatt> Iron.. why not propose a patch based on preprocessor defines that disables the sections you dislike without forking the code?
-<mgreenblatt> (assuming such a thing doesn't already exist)
-<Iron> because a fork will bring a lot of publicity to my person and my homepage
-<Iron> that means: a lot of money too ;)
-<Kmos> rotflol
-<Iron> what means rotful?
-<mgreenblatt> Iron.. you're a large corporation that can dedicate the time to support a fork of something as complicated as chromium?
-<Kmos> Iron: google about it
-<Iron> yes there is enough time to support it
-<jamessan> heh, you're expecting to make lots of money from making a fork of chromium? that's quite amusing
-<Iron> i dont take money for my fork
-<Iron> but i have adsense on my page ;)
-<Iron> a lot of visitor -> a lot of clicka > a lot of money ;)
-<Kmos> and do you think google should support your fork
-<Kmos> lol
-<mgreenblatt> Iron.. it's always good to have dreams ;-)
-<Iron> we are here in germany
-<Iron> the press will love my fork
-<Iron> i talked to much journalists already
-<DrPizza> Why are you forking?
-<DrPizza> to do what?
-<Iron> to remove all things in source talking to google ;)
-<jamessan> to get fame and fortune
-<Iron> nobody here trusts google
-<Iron> the german people say: google is very evil
-<jamessan> yet you use google's adsense
-
-
- So, this could explain a lot... the motivation for this web browser to exist was to monetize
- privacy concerns by generating traffic to his website, where he could make money by serving spyware
- to the very users that wanted to escape from it. Then his fork gets loaded up with all sorts of
- spyware from all sorts of other companies... which he probably makes some amount of money from as well.
- (why else would he take the time to integrate these things into his browser? we can only speculate.)
- At the end of the day it's pretty clear that this browser is a huge scam and you shouldn't use it.
-
- If you want to edit this article, or contribute your own article(s), contact us on XMPP over in spyware@conference.nuegia.net, or visit us at the git repo on Codeberg.All contributions must be licensed under the CC0 liscence to be accepted.
-
+ SRWare Iron is a free web browser, and an implementation of Chromium by SRWare of Germany.
+
+
Spyware Level: EXTREMELY HIGH
+
+ SRWare Iron claims to be a privacy respecting web browser that is an alternative to Google Chrome's
+ spyware, and specifically brands itself as a privacy respecting web browser that aims to give users
+ the Chrome experience without Google's spyware. However when examining this program, these claims
+ instantly melt away. SRWare Iron connects to an absolutely incredible amount of trackers and opens
+ connections to an enormous amount of servers on it's first run. It racks up a rough estimate of
+ ~400-500 unsolicited connections, and it actually took several minitues for it to stop making new
+ requests and connections. SRWare Iron uses the spyware search engine Bing as it's default search
+ engine, however it goes beyond that and routes your requests to Bing through it's own servers
+ so that it can spy on your internet searches as well. The bottom line is that this browser is just
+ another false privacy initiative and is really no better than Chrome.
+
+
+ Version 69.0.3600.0 of SRWare Iron was tested on Windows 7 64-bit. MITMproxy, Microsoft Network Montior 3.4,
+ and Sysinternals ProcMon were used to monitor the behavior of this program.
+
+
False Privacy Initiative
+
+ SRWare Iron claims on it's website that it is:
+
+
+ "Chrome thrilled with an extremely fast site rendering, a sleek design and innovative features. But it also gets critic from data protection specialists , for reasons such as creating a unique user ID or the submission of entries to Google to generate suggestions. SRWare Iron is a real alternative. The browser is based on the Chromium-source and offers the same features as Chrome - but without the critical points that the privacy concern."
+ [1]
+
+ The reality is that you are merely trading in one spyware product for another. Where Chrome's spyware has been removed,
+ Iron's spyware is there to replace it. Which poision are you going to pick? The worst part is that people will read what is
+ claimed on SRWare's website and beleive it without doing any tests for themselves. Like
+ this article
+ [web.archive.org]
+ that just copies the comparison-list from Iron's website without any real investegation before delcaring it a privacy alterantive to Chrome.
+ The most audacious thing about it is this incredible quote on the FAQ section for the Iron browser:
+
+
+ "Can i really check that Iron doesn't submit any private data, how you say? Yes, you can. There are tools like Wireshark, which scan the whole network-traffic. We could not recognize any obvious activity. But you can proof this by yourself."
+ [2]
+
+ Which is just an amazing gem in the context of what is actually found when running tests on the software.
+
+
Massive amount of connections on first startup
+
+ When you first start SRWare Iron, it will immediately open the following two pages: https://iron.start.me/us and
+ https://www.srware.net/en/software_srware_iron.php. The most offensive page is the start.me domain
+ which begins loading in an enormous amount of spyware from all over the internet. I did not count the specific amount of requests
+ but it was somewhere in the 400-500 range (my software doesn't provide a great amount of automation... or maybe i'm not using it
+ as well as I could). This image (at 1.06 MB- almost 1/4 of the size of the entire site as of writing!)
+ should give you an idea of the amount of requests I was swamped by. It took a while for it to die down. On subsequent runs the
+ amount of requests it sent was far less. It connected to spyware platforms like Google Analytics and Piwik, and executed their JavaScript payloads.
+ There were a lot of redundant connections to Google Analytics so it's probable that multiple companies are able to send their own
+ analytics payloads through this homescreen. Thus throughly fingerprinting and profiling your web browser and computer the moment you
+ begin browsing the internet with your new "privacy respecting" browser- so that all of these advertising companies can track you
+ everywhere you go!
+
+
+ When checking the browser's connections in Network Monitor 3.4, you could see that it connected to a huge amount
+ of servers, even though only two domains were ever contacted.This screenshot doesn't caputre
+ all of the IP addresses that it connected, but should give you an idea.
+
+
+ And just so that there is no ambiguity, this notice is shown when you load this homepage:
+
+
+ "We use cookies to personalise content and ads, to provide social media features
+ and to analyse our traffic. We also share information about your use of our site
+ with our social media, advertising and analytics partners who may combine it
+ with other information you’ve provided to them or they’ve collected from your
+ use of their services."
+
+
+ Just so that there is no doubt- you are being served tracking cookies by advertising companies.
+
+
Redirecting of internet searches through developer's domain
+
+ After you've finished identifying your web browser to just about every single spyware company on the internet, you can begin
+ making internet searches with your new SRWare Iron browser. The default search engine is the spyware search engine Bing.
+ However it's not enough to just point you at a spyware search engine... when you try and actually run a search on Bing, this is what happens:
+
+
+
+ Basically, every time you make a search with this browser, your searches are sent through the developer's servers.
+ So, the developer can know exactly what your internet history is, in this way. Your searches are also being sent through
+ wisesearches.com, but I don't know who they are. So now instead of giving up your search history to one
+ spyware company, Google, you can give it to three spyware companies, by switching to this browser. This is a very similar
+ tactic to the one that the spyware browser Slimjet uses, where it routes searches to
+ Bing through it's own domains.
+
+
Motivations of the SRWare Iron developer?
+
+ If you dig deeper into how SRWare Iron was created, you can find some interesting information from some of the developers of
+ Chrome about the motivations behind the creation of this fork. More specifically this very interesting conversation:[3]
+
+
+ <Kmos> Iron: why not contribute to it, instead of forking ?
+ <Iron> because i removed all privacy-related code
+ <Iron> e.g. RLZ
+ <Iron> and URL tracking every 5 seconds after start
+ <Iron> the original chrome is heavily communitating to google...i hate that
+ <jamessan> all of those are supposed to have options to disable them, iirc
+ <Iron> yes but they haven't options yet
+ <Iron> and nobody knows when the next beta is released
+ <jamessan> so work on getting the options added so they'll be there for the next release
+ <mgreenblatt> Iron.. why not propose a patch based on preprocessor defines that disables the sections you dislike without forking the code?
+ <mgreenblatt> (assuming such a thing doesn't already exist)
+ <Iron> because a fork will bring a lot of publicity to my person and my homepage
+ <Iron> that means: a lot of money too ;)
+ <Kmos> rotflol
+ <Iron> what means rotful?
+ <mgreenblatt> Iron.. you're a large corporation that can dedicate the time to support a fork of something as complicated as chromium?
+ <Kmos> Iron: google about it
+ <Iron> yes there is enough time to support it
+ <jamessan> heh, you're expecting to make lots of money from making a fork of chromium? that's quite amusing
+ <Iron> i dont take money for my fork
+ <Iron> but i have adsense on my page ;)
+ <Iron> a lot of visitor -> a lot of clicka > a lot of money ;)
+ <Kmos> and do you think google should support your fork
+ <Kmos> lol
+ <mgreenblatt> Iron.. it's always good to have dreams ;-)
+ <Iron> we are here in germany
+ <Iron> the press will love my fork
+ <Iron> i talked to much journalists already
+ <DrPizza> Why are you forking?
+ <DrPizza> to do what?
+ <Iron> to remove all things in source talking to google ;)
+ <jamessan> to get fame and fortune
+ <Iron> nobody here trusts google
+ <Iron> the german people say: google is very evil
+ <jamessan> yet you use google's adsense
+
+
+ So, this could explain a lot... the motivation for this web browser to exist was to monetize
+ privacy concerns by generating traffic to his website, where he could make money by serving spyware
+ to the very users that wanted to escape from it. Then his fork gets loaded up with all sorts of
+ spyware from all sorts of other companies... which he probably makes some amount of money from as well.
+ (why else would he take the time to integrate these things into his browser? we can only speculate.)
+ At the end of the day it's pretty clear that this browser is a huge scam and you shouldn't use it.
+
-Slimjet is a clone of the SlimBrowser web browser from FlashPeak that uses the Chromium as a base.
-
-
Spyware Level: EXTREMELY HIGH
-
-Slimjet's website claims that it is very committed to user privacy, and that it blocks Google tracking, unlike Google Chrome[1]. However this claim is not true. Slimjet is constantly sending information to google and connecting to google
-services. Slimjet claims to be concerned about privacy but ultimately retains just about all of the spyware features found in Google Chrome, as well as additional spyware added on by FlashPoint. In this way, Slimjet manages to implement all of the spyware that is found in browsers like Google Chrome, except instead of one company having this information, it's split up among several companies...
-
-
Phoning Home
-
- Even though on its site, FlashPeak claims that: "Slimjet doesn't send any usage data back to Google like Chrome."[1]
- the moment I turn it on with MITMproxy running, I am greeted with this:
-
-
-
- So, this claim just isn't true at all. It's still got a lot of Google's spyware in it, if it's still connecting to so many Google services. What's kind of surprising is that it didn't seem connect to any servers explicitly operated by FlashPeak when I was testing it. Even though, it claims to collect information about it's users for internal usage.[2] So, it must be phoning home as well as sending information to Google. Maybe it sends information through some kind of Google web service?
-
-
Default Search Engine is Spyware
-
- The default search engine is Bing, which sells your information to advertisers. If that isn't enough, it's
- "served from fpseek.com" which means that not only are you exposing your information to Bing, this is also being logged by fpseek, which
- has it's own privacy policy[3]. Whenever you search something using the default search engine, requests are sent to both Bing and fpseek.
-
-
-
- So, not only are you sharing everything with Microsoft, now there is another company looking at all of your searches. This is a uniquely bad
- default search engine because of how much information it leaks out. Fpseek itself is a company that seems to be tracking how users interact
- with advertisments and it says that it uses information it collects about it's users to:
-
-
- "...maintain and improve the quality and operation of the Software & Services, including, monitoring viewability of and interaction with advertisements, search results and other products and services provided by Company."
- [3]
-
- So, it looks like your searches are sent to two advertising companies instead of just one. At the very least when the search engine is changed to
- an alternative like DuckDuckGo the requests to fpseek stop.
-
-
Collecting Information about Users
-
- Slimjet claims to collects "some anonymous feature usage statistics information", and claims not to record your IP or sell that information
- to advertisters. However it is still opt-out spyware.
-
-
Using the Microsoft BITS service to upload search history to Google servers
-
- When you start Slimjet, it will begin using the BITS (Background Intelligent Transfer Service) which is designed to use spare bandwidth to transfer
- updates and other information. These requests are sent between Slimjet and a Google server, with confirmation from Process Monitor and MITMproxy:
-
-
-
-
-
- Personal information was censored from these images. It's unclear what this is for specifically but this is probably being done to implement the
- "CLOUD SYNC OF BOOKMARK & DATA" that is advertised on Slimjet's website. This is probably how they upload all of your search history and bookmarks into their cloud services, which seem to be provided by Google. There are no other features or requests made that would require large amounts of data to be sent too an external server in this way, so by process of elimination this is my theory as to how it's implemented.
-
-
-
- Obviously you can tell that any kind of service to sync your search history "in the cloud" is a privacy nightmare. Now both Google and Slimjet have access to your search history...
-
- If you want to edit this article, or contribute your own article(s), contact us on XMPP over in spyware@conference.nuegia.net, or visit us at the git repo on Codeberg. All contributions must be licensed under the CC0 liscence to be accepted.
-
+ Slimjet is a clone of the SlimBrowser web browser from FlashPeak that uses the Chromium as a base.
+
+
Spyware Level: EXTREMELY HIGH
+
+ Slimjet's website claims that it is very committed to user privacy, and that it blocks Google tracking, unlike Google Chrome[1]. However this claim is not true. Slimjet is constantly sending information to google and connecting to google
+ services. Slimjet claims to be concerned about privacy but ultimately retains just about all of the spyware features found in Google Chrome, as well as additional spyware added on by FlashPoint. In this way, Slimjet manages to implement all of the spyware that is found in browsers like Google Chrome, except instead of one company having this information, it's split up among several companies...
+
+
Phoning Home
+
+ Even though on its site, FlashPeak claims that: "Slimjet doesn't send any usage data back to Google like Chrome."[1]
+ the moment I turn it on with MITMproxy running, I am greeted with this:
+
+
+
+ So, this claim just isn't true at all. It's still got a lot of Google's spyware in it, if it's still connecting to so many Google services. What's kind of surprising is that it didn't seem connect to any servers explicitly operated by FlashPeak when I was testing it. Even though, it claims to collect information about it's users for internal usage.[2] So, it must be phoning home as well as sending information to Google. Maybe it sends information through some kind of Google web service?
+
+
Default Search Engine is Spyware
+
+ The default search engine is Bing, which sells your information to advertisers. If that isn't enough, it's
+ "served from fpseek.com" which means that not only are you exposing your information to Bing, this is also being logged by fpseek, which
+ has it's own privacy policy[3]. Whenever you search something using the default search engine, requests are sent to both Bing and fpseek.
+
+
+
+ So, not only are you sharing everything with Microsoft, now there is another company looking at all of your searches. This is a uniquely bad
+ default search engine because of how much information it leaks out. Fpseek itself is a company that seems to be tracking how users interact
+ with advertisments and it says that it uses information it collects about it's users to:
+
+
+ "...maintain and improve the quality and operation of the Software & Services, including, monitoring viewability of and interaction with advertisements, search results and other products and services provided by Company."
+ [3]
+
+ So, it looks like your searches are sent to two advertising companies instead of just one. At the very least when the search engine is changed to
+ an alternative like DuckDuckGo the requests to fpseek stop.
+
+
Collecting Information about Users
+
+ Slimjet claims to collects "some anonymous feature usage statistics information", and claims not to record your IP or sell that information
+ to advertisters. However it is still opt-out spyware.
+
+
Using the Microsoft BITS service to upload search history to Google servers
+
+ When you start Slimjet, it will begin using the BITS (Background Intelligent Transfer Service) which is designed to use spare bandwidth to transfer
+ updates and other information. These requests are sent between Slimjet and a Google server, with confirmation from Process Monitor and MITMproxy:
+
+
+
+
+
+ Personal information was censored from these images. It's unclear what this is for specifically but this is probably being done to implement the
+ "CLOUD SYNC OF BOOKMARK & DATA" that is advertised on Slimjet's website. This is probably how they upload all of your search history and bookmarks into their cloud services, which seem to be provided by Google. There are no other features or requests made that would require large amounts of data to be sent too an external server in this way, so by process of elimination this is my theory as to how it's implemented.
+
+
+
+ Obviously you can tell that any kind of service to sync your search history "in the cloud" is a privacy nightmare. Now both Google and Slimjet have access to your search history...
+
Tor is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security.[1]
diff --git a/articles/ungoogled_chromium.html b/articles/ungoogled_chromium.html
index 1447032..25ba567 100644
--- a/articles/ungoogled_chromium.html
+++ b/articles/ungoogled_chromium.html
@@ -1,3 +1,4 @@
+
@@ -8,7 +9,7 @@
-
+
Ungoogled-Chromium
Ungoogled-chromium is Google Chromium, sans integration with Google. It also features some tweaks to enhance privacy,
diff --git a/articles/unity.html b/articles/unity.html
index 722f294..5cbf51d 100644
--- a/articles/unity.html
+++ b/articles/unity.html
@@ -1,3 +1,4 @@
+
Waterfox is a web browser that is a fork of Firefox.
@@ -22,7 +23,7 @@ information about you with Mozilla, and has other spyware features.
If you start up Waterfox for the first time, it will make 109 requests[5] to several spyware platforms, most notably
Google Analytics, and Mozilla online services like its Geolocation service, and several other Mozilla services, as
well as Waterfox's own update service. You can look at a list of these requests
- here or a on mirror here.
+ here or a on mirror here.
+ 
- 
- 
- 
- 
It will also make a connection to Google to download some fonts. You can disable these on subsequent runs by changing the start page.
- 
It probably has something to do with their project of working with advertisers to provide more relevant targeted ads, which sounds pretty disgusting, but can be turned off ("Notify me about token promotions"). You can read more about it here
+ 
+ 
+ 
+ 
+ 
- 
- 
- 
- 
- 
![Discord process logging as described in [2] confirmed with procmon](../images/discord_process_logging.png)
- 
- 
+ 
+ 
- 
- 
- 
- 
- 
- 
- 
- 
- 
+ 
