Article about BleachBit.

2022-01-05 00:22:27 +02:00 · 2022-01-05 00:22:27 +02:00 · f783e462d6
parent f83f3244d2
commit f783e462d6
14 changed files with 193 additions and 29 deletions
--- a/articles/bleachbit.html
+++ b/articles/bleachbit.html
@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.w3.org/MarkUp/SCHEMA/xhtml11.xsd" xml:lang="en">
+	<head>
+		<meta http-equiv="Content-type" content="application/xhtml+xml;charset=utf-8"/>
+		<meta name="viewport" content="width=device-width,initial-scale=1"/>
+		<meta http-equiv="onion-location" content="http://spywaredrcdg5krvjnukp3vbdwiqcv3zwbrcg6qh27kiwecm4qyfphid.onion/articles/lynx.html"/>
+		<link rel="icon" href = "../images/favicon.ico"/>
+		<title>BadWolf - Spyware Watchdog</title>
+		<link href="../style.css" rel="stylesheet" type="text/css" media="all"/>
+	</head>
+	<body>
+		<div class="case">
+ 			<div class="nav">
+				<a href="index.html">&larr; Catalog</a>
+			</div>
+  			<div class="center">
+				<img src="../images/bleachbit_logo.png" alt="BleachBit Logo"/>
+				<h1>BleachBit</h1>
+				<p>Bleachbit is Tool to Clean Your System and Free Disk Space </p>
+				<h2>Spyware Level: <span class="green">Not Spyware</span></h2>
+				<p>BleachBit <span class="green">makes no unsolicited requests at all.</span></p>
+				<hr></hr>
+				<h4>Further Reading</h4>
+				<p><a href="https://www.bleachbit.org/">BleachBit Home Page</a></p>
+				<hr></hr>
+				<p>This article was created on 5/1/2022</p>
+				<hr></hr>
+				<p>If you want to contribute to this website, you can always <a href="https://codeberg.org/shadow/SpywareWatchdog">make a pull request</a>.</p>
+				<p>All contributions must be licensed under the CC0 license to be accepted.</p>
+				<a href="../LICENSE.txt"><img class="icon" src="../images/cc0.png" alt="CC0 License"/></a>
+			</div>
+		</div>
+	</body>
+</html>
--- a/articles/brave.html
+++ b/articles/brave.html
@ -53,13 +53,6 @@
 			<p>On the first run, Brave fetches five extensions from <code>brave-core-ext.s3.brave.com</code> and tries to install them:</p>
 			<img class="screenshot" src="../images/brave/brave-extensions.png" alt="brave extensions"/>
 			<h3>Not spyware related, but worth noting</h3>
-			<h3>Whitelisting spyware from Facebook and Twitter</h3>
-			<p>On its website, Brave claims that <i>"Brave fights malware and prevents tracking, keeping your information safe and secure. It’s our top priority."</i><sup><a href="#six">[6]</a></sup>. Yet despite this claim, Brave actually disables its tracking protections for Facebook and Twitter's scripts that allow them to track people across the web.<sup><a href="#five">[5]</a></sup> Brave has been actively downplaying the role that JavaScript plays when tracking someone.</p>
-			<br></br>
-			<p><i>"Loading a script from an edge-cache does not track a user without third-party cookies or equivalent browser-local storage, which Brave always blocks and always will block. In other words, sending requests and receiving responses without cookies or other means of identifying users does not necessarily create a tracking threat."</i><sup><a href="#seven">[7]</a></sup></p>
-			<br></br>
-			<p>This couldn't be more far from the truth. Just because a website isn't able to store cookies, doesn't mean it can't uniquely identify you. Using JavaScript from Facebook and Twitter would be more than enough to track you and blocking cookies alone isn't going to stop that. Just as a quick point of reference to what information JavaScript can scrape, you might want to visit <a href="https://coveryourtracks.eff.org">this website</a>.</p>
-			<p>They recently added an option <a href="brave://settings/socialBlocking">here</a> to block some of the scripts from Facebook, Twitter, and LinkedIn after receiving pushback as a result of the controversy. A quick note is that so long as you're using a chromium based browser, you should be able to manage JavaScript usage either way <a href="chrome://settings/content/javascript">here</a>.</p>
 			<h3>Anti-privacy search engine by default</h3>
 			<p><a href="../articles/google.html">Google</a> is the default search engine of Brave. For a browser that claims to be privacy oriented, this is a red flag. They at least make it easy for you to change the default search engine on the first run.</p>
 			<hr></hr>
--- a/articles/brave_ru.html
+++ b/articles/brave_ru.html
@ -53,13 +53,6 @@
 			<p>При первом запуске Brave скачивает пять расширений из <code>brave-core-ext.s3.brave.com</code> и пытается установить их:</p>
 			<img class="screenshot" src="../images/brave/brave-extensions.png" alt="brave extensions"/>
 			<h3>Не связано со слежением, но стоит отметить</h3>
-			<h3>Twitter и Facebook занесены в белый список</h3>
-			<p>На своём веб-сайте Brave утверждает: <i>"Brave борется с вредоносными программами и предотвращает отслеживание, сохраняя вашу информацию в целости и сохранности. Это наш главный приоритет."</i><sup><a href="#six">[6]</a></sup>. Тем не менее, несмотря на это утверждение Brave фактически отключает защиту от отслеживания со стороны Facebook и Twitter<sup><a href="#five">[5]</a></sup>. Brave преуменьшает роль JavaScript при отслеживании кого-либо.</p>
-			<br></br>
-			<p><i>"Работа скрипта из кеша не отслеживает пользователя без сторонних файлов cookie или похожего локального хранилища, которые Brave всегда блокирует и всегда будет блокировать. Другими словами, отправка запросов и получение ответов без cookie или других средств определения пользователя не создаёт угрозу отслеживания."</i><sup><a href="#seven">[7]</a></sup></p>
-			<br></br>
-			<p>Это не может быть даже похоже на правду. Просто по тому, что сайт не может хранить файлы cookie, нельзя сказать, что он не может однозначно вас определить. Использование JavaScript со стороны Twitter и Facebook будет более чем достаточно, чтобы отследить вас, и блокирования только файлов cookie недостаточно, чтобы остановить слежку. В качестве быстрой демонстрации возможностей отслеживания JavaScript посетите <a href="https://coveryourtracks.eff.org">этот веб-сайт</a>.</p>
-			<p>Недавно <a href="brave://settings/socialBlocking">здесь</a> была добавлена возможность блокировки скриптов от Facebook, Twitter и Linkedin. Примечание: если вы используете браузер на основе Chromium, то у вас всегда есть возможность управлять JavaScript <a href="chrome://settings/content/javascript">здесь</a>.</p>
 			<h3>Неконфиденциальный поисковик по умолчанию</h3>
 			<p><a href="../articles/google.html">Google</a> - стандартная поисковая система в Brave. Это очень странно для браузера, позиционирующего себя приватным. По крайней мере, при первом запуске Brave даёт выбор поисковой системы по умолчанию.</p>
 			<hr></hr>
--- a/articles/chrome.html
+++ b/articles/chrome.html
@ -162,5 +162,4 @@
    </div>
  </div>
 </body>
-
 </html>
--- a/articles/index.html
+++ b/articles/index.html
@ -56,7 +56,7 @@
 				<a href="../articles/qutebrowser_ru.html">[Русский]</a></li>
 				<li><a href="../articles/ungoogled_chromium.html">Ungoogled Chromium</a></li>
 				<li><a href="../articles/webbrowser.html">Web Browser</a></li>
-				<li><a href="../articles/tor.html">Tor Browser</a></li>
+				<li><a href="../articles/tbb.html">Tor Browser</a> <a href="../guides/tbb.html">[Mitigation Guide]</a></li>
 			</ul>
 			</div>
 			<div class="directory-list">
@ -117,6 +117,7 @@
 			<h2>Misc Software</h2>
 			<ul>
 			<li><a href="../articles/ccleaner.html">CCleaner</a></li>
+			<li><a href="../articles/bleachbit.html">BleachBit</a></li>
 			<li><a href="../articles/poweriso.html">PowerISO</a></li>
 			<li><a href="../articles/cdex.html">CDex</a></li>
 			<li><a href="../articles/paint.net.html">Paint.NET</a></li>
--- a/articles/palemoon.html
+++ b/articles/palemoon.html
@ -27,13 +27,6 @@
  This page connects to Google Analytics, which can fingerprint and track you across the internet.
  </p>
  <img class="screenshot" src="../images/pm_analytics.png" alt="Google Analytics requests sent by Pale Moon's default homepage">
-  <h3>Blocking privacy-enhancing addons</h3>
-  <p>
-Pale Moon by default won't allow you to install the privacy-enhancing addon NoScript, citing this rationale for
-blocking such an important addon: <i>"NoScript is known to cause severe issues with a large (and growing) number of websites. Unless finely tuned for every website visited,
-NoScript will cause display issues and functional issues."</i><sup><a href="#1">[1]</a></sup>
-<b><font color=yellow>To disable this blocklist, set <code>extensions.blocklist.enabled</code> to <code>false</code> in about:config.</font></b>
-  </p>
  <h3>Auto-updates</h3>
  <p>
  Pale Moon will automatically update itself, addons and search engines, as well as its blocklist.xml file with the addons it considers "malicious". Some of these can be turned off from the GUI, and some only from about:config.
@ -45,8 +38,19 @@ NoScript will cause display issues and functional issues."</i><sup><a href="#1">

  <h3>OCSP querying</h3>
  <p>Will automatically check every site's SSL certificate to see if it is valid, which necessitates sending it to a third party. Can be turned off from the GUI.</p>
-  <hr>
+
+  <h3>Not spyware related, but worth noting</h3>
+
+  <h3>Blocking privacy-enhancing addons</h3>
+  <p>
+Pale Moon by default won't allow you to install the privacy-enhancing addon NoScript, citing this rationale for
+blocking such an important addon: <i>"NoScript is known to cause severe issues with a large (and growing) number of websites. Unless finely tuned for every website visited,
+NoScript will cause display issues and functional issues."</i><sup><a href="#1">[1]</a></sup>
+<b><font color=yellow>To disable this blocklist, set <code>extensions.blocklist.enabled</code> to <code>false</code> in about:config.</font></b>
+  </p>
+  
  <center>
+  <hr>
  <h2>Sources</h2>
  <p>

--- a/articles/tbb.html
+++ b/articles/tbb.html
@ -0,0 +1,61 @@
+<!-- NOTICE!!!! -->
+
+<!-- BEFORE MAKING A PULL REQUEST OR PUSH PLEASE ALWAYS CHECK WITH THE VALIDATOR -->
+<!-- http://validator.w3.org/#validate-by-input -->
+
+<!-- NOTICE!!!! -->
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
+	<head>
+		<meta http-equiv="Content-type" content="application/xhtml+xml;charset=utf-8"/>
+		<title>Tor Browser Bundle — Spyware Watchdog</title>
+		<link rel="stylesheet" href="../style.css" />
+	</head>
+	<body>
+		<div class="case">
+		<div class="nav"><a href="index.html">&larr; Catalog</a></div>
+			<div class="main">
+				<img src="../images/tor_browser_logo.png" alt="Tor Browser Bundle Logo"/>
+				<h1>Tor Browser Bundle</h1>
+				<p>Version tested: 11.0.3</p>
+				<br/>
+				<p>Tor is free software and an open network that helps you defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security.<sup><a href="#s1">[1]</a></sup> This article is about the desktop Tor Browser Bundle, which is based on Firefox.  Tor itself can be used with any browser.</p>
+				<h2>Spyware Level: <span class="yellowgreen">Low</span></h2>
+				<p>The Tor browser is a privacy focused web browser that is used to access the internet through the Tor Network.  Connections through the Tor network are much more private than normal connections as you do not have an IP address that is associated with you.  While spyware services can tell that you are connecting from the Tor network, their ability to identify and profile you is greatly reduced.</p>
+				<br/>
+				<p>Tor Browser has automatic updates, and sends telemetry, albeit over Tor.</p>
+				<br/>
+				<p>If you go to about:networking, you will see several addresses that are affiliated with Mozilla, even before Tor is connected. You can <a href="../guides/tbb.html">mitigate the spyware</a>, but note that there is a chance that it will be overwritten by future updates.</p>
+				<img class="screenshot" src="../images/tbbaboutnetworking1.png" alt="About Networking in Tor Browser, displaying connections prior to connecting with the Tor Network" />
+			</div>
+			<hr/>
+			<div class="footer">
+				<div class="sources">
+					<h4>Sources</h4>
+					<ol>
+						<li id="s1">
+						<a href="https://www.torproject.org/">Tor Browser Official Site</a>
+						<a href="https://web.archive.org/web/20181113230342/https://www.torproject.org/">[web.archive.org]</a>
+						<a href="http://wayback.archive-it.org/all/20181111103241/https://www.torproject.org/">[wayback.archive-it.org]</a>
+						<a href="http://webarchive.loc.gov/all/20170822223331/https://www.torproject.org/">[webarchive.loc.gov]</a>
+						<a href="https://swap.stanford.edu/20141221222101/https://www.torproject.org/">[swap.stanford.edu]</a>
+						<a href="https://arquivo.pt/wayback/20160517095637/http://www.torproject.org/">[arquivo.pt]</a>
+						<a href="http://archive.is/20181011170659/https://www.torproject.org/">[archive.is]</a>
+						<a href="http://wayback.vefsafn.is/wayback/20180915054500/https://www.torproject.org/">[wayback.vefsafn.is]</a>
+						<a href="https://ghostarchive.org/archive/pDSgk?kreymer=false">[ghostarchive.org]</a>
+						</li>
+						<li id="s2">
+							<a href="https://gitlab.torproject.org/legacy/trac/-/issues/24351">https://gitlab.torproject.org/legacy/trac/-/issues/24351</a>
+							<a href="https://web.archive.org/web/20200301013104/https://trac.torproject.org/projects/tor/ticket/24351">https://web.archive.org/web/20200301013104/https://trac.torproject.org/projects/tor/ticket/24351</a>
+						</li>
+					</ol>
+				</div>
+				<hr/>
+				<b>This article was last edited on 1/1/2022</b>
+				<p>If you want to edit this article, or contribute your own article(s), visit us at the git repo on <a href="https://codeberg.org/shadow/SpywareWatchdog">Codeberg</a>.</p>
+				<p>All contributions must be licensed under the CC0 license to be accepted.</p>
+				<a href="../LICENSE.txt"><img class="icon" src="../images/cc0.png" alt="CC0 License" /></a>
+			</div>
+		</div>
+	</body>
+</html>
--- a/articles/youtube.html
+++ b/articles/youtube.html
@ -35,7 +35,7 @@ The YouTube app for android additionally uses the Google Firebase Analytics trac
 It is also worth noting that, in order to function, YouTube requires visitors to run non-free JavaScript. As with any proprietary software, these programs can be doing just about anything with almost no way to determine exactly what.<sup><a href="#10">[10]</a></sup> For example, there has been some speculation as to whether YouTube’s compulsory JavaScript might be useful for YouTube to track your device’s unique MAC address. <sup><a href="#8">[8]</a></sup><sup><a href="#9">[9]</a></sup>
  </p>
  <p>
-  All that said, it would be wise to avoiding using any of Google’s services. If you must access YouTube, we recommend doing so through one of the remaining sanitizers such as Invidious (<a href="https://redirect.invidious.io/">https://redirect.invidious.io/</a>).
+  All that said, it would be wise to avoiding using any of Google’s services. If you must access YouTube, we recommend doing so through one of the remaining sanitizers such as Invidious (<a href="https://invidious.io/">https://invidious.io/</a>).
 </p>
  <hr>
  <center>
--- a/articles/youtube_es.html
+++ b/articles/youtube_es.html
@ -82,7 +82,7 @@
  de Google. Si te es menester acceder a YouTube, se recomienda hacerlo
  a través de uno de los sanitizadores que quedan para ver contenido
  de YouTube como Invidious
-  (<a href="https://www.invidio.us">https://www.invidio.us</a>).
+  (<a href="https://invidious.io/">https://invidious.io/</a>).
  </p>
  <hr>
  <center>
--- a/guides/firefox.html
+++ b/guides/firefox.html
@ -22,7 +22,7 @@
 								<br/>
 								<p>
 										Before beginning this guide it is important that you try and cross-reference it with other guides,
-										to see which prespective on this topic is the best way to do it for you. At the bottom of the page are links
+										to see which prospective on this topic is the best way to do it for you. At the bottom of the page are links
 										to <a href="#Other_Guides">other guides</a> and projects like this one. You should strongly consider this as <b><span class="orange">
 										you may find other guides more useful than this one.</span></b>
 								</p>
@ -135,4 +135,4 @@
 						</div>
 				</div>
 		</body>
-</html>
+</html>
--- a/guides/tbb.html
+++ b/guides/tbb.html
@ -0,0 +1,78 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
+		<head>
+				<meta http-equiv="Content-type" content="application/xhtml+xml;charset=utf-8"/>
+				<title>Tor Browser Spyware Mitigation Guide — Spyware Watchdog</title>
+				<link rel="stylesheet" href="../style.css"/>
+		</head>
+		<body>
+				<div class="case">
+						<div class="nav">
+								<a href="../index.html">&larr; Home</a>
+								<a class="right" href="../articles/tbb.html">Tor Browser &rarr; </a>
+								<img src="../images/tor_browser_logo.png" alt="Tor Browser Bundle Logo"/>
+						</div>
+						<h1>Tor Browser Mitigation Guide</h1>
+						<p>Version tested: 11.0.3</p>
+						<br/>
+						<p><b>Note</b>:  Changing browser settings on TBB is not recommended by some, as they argue it is bad because it increases fingerprinting.  Please also note that this is SpywareWatchdog, and not FingerprintWatchdog.</p>
+						<br/>
+						<p>After following this guide the rating changes thusly:</p>
+						<h2>Spyware Rating: <span class="yellowgreen">Low</span> &rarr; <span class="green">Not Spyware</span></h2>
+						<p> Besides using the torrc configuration file, or host files, the only way to completely remove the connections is to unpack two omni.ja files, and remove all the addresses, and then re-zip the omni.ja files.</p>
+						<br/>
+						<p>Find your omni.ja files:</p>
+						<code class="big-code">
+							find . -name omni.ja
+						</code>
+						<p>Unpack them (do this for both of them separately):</p>
+						<code class="big-code">
+							mkdir unpack
+							<br/>
+							mv omni.ja unpack
+							<br/>
+							cd unpack
+							<br/>
+							unzip omni.ja
+						</code>
+						<p>Remove telementry:</p>
+						<code class="big-code">
+							find ./Browser/ -type f -print0 | xargs -0 sed -i 's/https\:\/\/firefox\.settings\.services\.mozilla\.com\/v1\/buckets\/main\/collections\/nimbus-desktop-experiments\/records//g';
+							<br/>
+							find ./Browser/ -type f -print0 | xargs -0 sed -i 's/https\:\/\/firefox\.settings\.services\.mozilla\.com\/v1\/buckets\/main-preview\/collections\/search-config\/records//g';
+							<br/>
+							find ./Browser/ -type f -print0 | xargs -0 sed -i 's/https\:\/\/firefox\.settings\.services\.mozilla\.com\/v1\/buckets\/main\/collections\/search-config\/records//g';
+							<br/>
+							find ./Browser/ -type f -print0 | xargs -0 sed -i 's/https\:\/\/firefox\.settings\.services\.mozilla\.com\/v1//g';
+							<br/>
+							find ./Browser/ -type f -print0 | xargs -0 sed -i 's/onecrl\.content-signature\.mozilla\.org//g';
+							<br/>
+							find ./Browser/ -type f -print0 | xargs -0 sed -i 's/remote-settings\.content-signature\.mozilla\.org//g';
+							<br/>
+							find ./Browser/ -type f -print0 | xargs -0 sed -i 's/normandy\.content-signature\.mozilla\.org//g';
+						</code>
+						<p>Replace the omni.ja files:</p>
+						<code class="big-code">
+							mv omni.ja back.omni.ja
+							<br/>
+							zip -0DXqr omni.ja *
+							<br/>
+							mv omni.ja ..
+						</code>
+						<p>Disable auto updates:</p>
+						<code class="big-code">
+							mkdir -p Browser/distribution/
+						</code>
+						<p>Create file <code>Browser/distribution/policies.json</code> and put in:</p>
+						<code class="big-code">{<br/>  "policies": {<br/>    "DisableAppUpdate": true<br/> }<br/>}</code>
+						<br/>
+						<p>All done!</p>
+						<hr/>
+						<p>If you want to edit this article, or contribute your own article(s), visit us at the git repo on <a href="https://codeberg.org/shadow/SpywareWatchdog">Codeberg</a>. All contributions must be licensed under the CC0 license to be accepted.
+						</p>
+
+						<a href="../LICENSE.txt"><img class="icon" src="../images/cc0.png" alt="CC0 License"></a>
+						</div>
+				</div>
+		</body>
+</html>
--- a/images/bleachbit_logo.png
+++ b/images/bleachbit_logo.png
--- a/images/tbbaboutnetworking1.png
+++ b/images/tbbaboutnetworking1.png
--- a/index.html
+++ b/index.html
@ -13,7 +13,7 @@
 		<div class="case">
 			<div class="nav wide-nav">
 				<a href="./articles/index.html">Articles</a>
-				<a href="./mirrors.html">Mirror list</a>
+				<a href="./mirrors.html">Mirrors</a>
 				<a href="./misc.html">Misc</a>
 			</div>
 			<div class="main">