Interesting thread too +1 as well for uMatrix you get a lot more control than NoScript.
Also to note that Google Recatcha v3 looks like its doing this kind of session recording https://www.fastcompany.com/90369697/go … -dark-side
]]>@siva . . . Hello stranger! Nice to see you. We're looking at Gitea. It will hopefully be up for testing soon but then require extensive testing before the final decision is made.
See Rocket Git
]]>How about https://codeberg.org/ ?
Two red flags . . . more java script licenses than I can count on my 10 fingers and a rather strange ToS. Plus emojis . . . really? We want to minimize the web interface not expand it.
]]>imhigh.today wrote:I'm disturbed that GitLab is on that list.
FYI . . . the Devuan team is looking at alternative options to gitlab.
Any progress?
]]>I'm disturbed that GitLab is on that list.
FYI . . . the Devuan team is looking at alternative options to gitlab.
]]>Like, image a hierarchy of js things where the bottom is the largest safe set, and the ones above it are progressively less safe, and you can white/blacklist any combination of them. Maybe I'm nuts but that is how I would write a JavaScript engine and integrate it into a web browser.
There would be categories within each step of the hierarchy for things that are unsafe in the same amount but different ways.
Really what's needed is a modular browser where you can drop in every concievable piece of a browser.
]]>https://www.ghacks.net/2017/11/24/how-t … -tracking/
You can use a browser extension like NoScript, uBlock Origin or uMatrix to block these scripts from being loaded on sites you visit. This protection works only if you don't allow the scripts to run on sites you visit though, so keep that in mind.
I'll bet w3m doesn't have these issues
P.S. Something else I found interesting on the Princeton site, our friends at Google and Amazon don't have any of these listed. I also appreciated the irony that a Javascript-based filter is used. (If you disable scripts, it'll fallback to a simple list of all the notorious sites.)
]]>https://www.eff.org/the-end-of-trust
Most of it is familiar but I did discover something that I didn't know. Tucked away in the sidebar on page 226 is this interesting factoid:
"The website freedom-to-tinker.com, hosted by Princeton’s
Center for Information Technology Policy, published a study
highlighting a particularly invasive data-mining software
called “session replay scripts” that are being used by an
increasing number of websites. According to the study, session
replay scripts “record your keystrokes, mouse movements,
and scrolling behavior, along with the entire contents of the
pages you visit.” Unlike most third-party analytics services,
which provide aggregate statistics of your searches and the
pages you visit, session replay scripts actually record your
individual browsing session in its entirety, “as if someone is
looking over your shoulder”.The study lists tens of thousands of websites that were
either found recording users’ browsing sessions or have the
capability to do so. Among the big-name sites are xfinity.com,
windows.com, texas.gov, petco.com, and fandango.com. The
following sites were also found on that list."
—Landon Bates
Here are links to the study and full list:
https://freedom-to-tinker.com/2017/11/1 … y-scripts/
https://webtransparency.cs.princeton.ed … sites.html
It just keeps getting worse and worse . . .
]]>