From cooperq at eff.org Mon Dec 1 12:29:01 2014 From: cooperq at eff.org (Cooper Quintin) Date: Mon, 01 Dec 2014 12:29:01 -0800 Subject: [PrivacyBadger] ref google chrome code added to my webpages In-Reply-To: References: Message-ID: <547CCF8D.20209@eff.org> The malware link you are seeing here is actually unrelated to Privacy Badger. The CSS file is coming from privacy badger (it's the file that privacy badger uses to replace Facebook like buttons. It gets injected into all pages.) However, Privacy Badger is not inserting the other two javascript links, those are being created by something else. This is the reason why when you uninstalled privacy badger it removed the one link but not the other two. In short, Privacy Badger is not the culprit here, instead it sounds like you have a malware problem. Since this is happening only in chrome, and on multiple operating systems there may be some malware on your server or you may be including a malicious advertisement inadvertently. You should work with your hosting provider to solve this problem. Also make sure you disable any other addons that you have running in chrome, and maybe even reinstall it. Good Luck! - Cooper On 11/29/2014 11:19 AM, John Owen-Jones wrote: > with reference to my previous post > > by uninstalling privacy badger i still have added javascript in my pages > > but less now is > > > > > just youradexchange.com and this strange app.js > > regards > > john > > > _______________________________________________ > PrivacyBadger mailing list > PrivacyBadger at eff.org > https://lists.eff.org/mailman/listinfo/privacybadger > From cooperq at eff.org Wed Dec 3 15:10:14 2014 From: cooperq at eff.org (Cooper Quintin) Date: Wed, 03 Dec 2014 15:10:14 -0800 Subject: [PrivacyBadger] Chrome browser automation for privacy badger enhancement In-Reply-To: References: <20141110223747.GU27318@eff.org> <20141111025340.GI27318@eff.org>

<20141124015004.GW22175@eff.org> <20141124044120.GY22175@eff.org> <54738661.30005@eff.org> Message-ID: <547F9856.4050302@eff.org> Great! I will take a look at whats up there so far (with the understanding that it's a WIP). I'm not suprised selenium doesn't have window/tab stuff. It also didn't have any way to use the same browser profile more than once until a couple of days ago. Now you can tell it not to delete the temporary browser profile that it creates, but only if you are using firefox. And only in the .net selenium library so far... - Cooper On 12/03/2014 02:51 PM, Alexei Miagkov wrote: > Hey everybody! > > Here's the WIP Chameleon automation > repo: https://github.com/ghostwords/chameleon-crawler. Still have to > figure out how to communicate Chameleon's findings back to Selenium > successfully. Will work on that next. By the way, doesn't it seem crazy > Selenium still doesn't have built-in tab/window management? Yikes! > > On Mon, Nov 24, 2014 at 2:26 PM, Cooper Quintin > wrote: > > > Alexei, > Thats great, I'm excited to have you on board! As for testing, we > already have some Selenium tests for privacy badger chrome which Gunes > wrote. They are pretty extensive and are, IMO, the easiest way to > accomplish your task--especially since the bootstrapping has already > been done. If you have an argument for not using Selenium let me know, > but otherwise I think selenium is excellent. > > - Cooper > On 11/23/2014 08:41 PM, Peter Eckersley wrote: > > +PrivacyBadger list. > > > > Alexei will be doing some work to enhance and port anti-fingerprinting > > features from Chameleon to Privacy Badger. > > > > Does anyone have opinions about which Chrome browser automation > tools we > > should be using for Privacy Badger crawling & testing work? > > > > On Sun, Nov 23, 2014 at 10:01:11PM -0500, Alexei Miagkov wrote: > > > >> For testing the heuristic, I think we should automate Chrome with > Chameleon > >> preloaded to visit a predefined list of websites and compare > actual to > >> expected results. Any suggestions for the automation setup? I > have some > >> experience with Selenium/chromedriver, but I wonder if there is > something > >> easier for testing a Chrome extension ... Remember, this has to > be a real > >> Chrome browser (need Chrome's exact V8 featureset, extensions > support), > >> which means things PhantomJS are out. > >> > > > > From dmarti at zgp.org Sat Dec 13 08:07:20 2014 From: dmarti at zgp.org (Don Marti) Date: Sat, 13 Dec 2014 08:07:20 -0800 Subject: [PrivacyBadger] Tracking warnings for sites Message-ID: <20141213160720.GA10336@rosmarinus.attlocal.net> There are many reasons for a legit site to encourage users to install a tracking protection tool. For example, an ad-supported original content site can benefit by making it harder to track its valuable audience to less expensive sites. For most users on most browsers, though, third-party tracking is hard to spot. Sites can help with a little bit of third-party JavaScript. Experiment with a tracking warning system: http://ad.aloodo.com/ The general idea is: add an iframe on the page and try a tracking cookie within the iframe. If site-to-site tracking succeeds, send a message to the containing page, which can put up a notification, or implement a lightweight, easy to bypass, "reverse tracking wall" on a page (hide content or redirect if tracking has succeded). Comments, suggestions, pull requests welcome. -- Don Marti http://zgp.org/~dmarti/ dmarti at zgp.org From cooperq at eff.org Tue Dec 16 18:29:24 2014 From: cooperq at eff.org (Cooper Quintin) Date: Tue, 16 Dec 2014 18:29:24 -0800 Subject: [PrivacyBadger] Privacy Badger 0.2.4 has been released! Message-ID: <5490EA84.1020607@eff.org> Privacy Badger 0.2.4 has been released: https://www.eff.org/files/privacy-badger-0.2.4.xpi >From the Changelog: 0.2.4 (2014-12-05) * Dialog to allow user to whitelist certain trackers to improve functionality. * Fixes to icon display code to make Privacy Badger work in nightly. * Revamped icon that should look better on dark backgrounds. * Misc other bug fixes 0.2.3 (2014-10-16) * Strip cookies from DNT policy recheck * Don't recheck DNT policy each time the browser is started * User preference to turn off DNT policy check From borisdn34 at gmail.com Wed Dec 17 12:10:32 2014 From: borisdn34 at gmail.com (Boris Dayan) Date: Wed, 17 Dec 2014 22:10:32 +0200 Subject: [PrivacyBadger] PrivacyBadger Digest, Vol 8, Issue 4 In-Reply-To: References: Message-ID: where can I download privacy-badger-0.2.4. 2014-12-17 22:00 GMT+02:00 : > > Send PrivacyBadger mailing list submissions to > privacybadger at eff.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.eff.org/mailman/listinfo/privacybadger > or, via email, send a message with subject or body 'help' to > privacybadger-request at eff.org > > You can reach the person managing the list at > privacybadger-owner at eff.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of PrivacyBadger digest..." > > > Today's Topics: > > 1. Privacy Badger 0.2.4 has been released! (Cooper Quintin) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Tue, 16 Dec 2014 18:29:24 -0800 > From: Cooper Quintin > To: privacybadger at eff.org > Subject: [PrivacyBadger] Privacy Badger 0.2.4 has been released! > Message-ID: <5490EA84.1020607 at eff.org> > Content-Type: text/plain; charset=utf-8 > > Privacy Badger 0.2.4 has been released: > > https://www.eff.org/files/privacy-badger-0.2.4.xpi > > >From the Changelog: > > 0.2.4 (2014-12-05) > * Dialog to allow user to whitelist certain trackers to improve > functionality. > * Fixes to icon display code to make Privacy Badger work in nightly. > * Revamped icon that should look better on dark backgrounds. > * Misc other bug fixes > 0.2.3 (2014-10-16) > * Strip cookies from DNT policy recheck > * Don't recheck DNT policy each time the browser is started > * User preference to turn off DNT policy check > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > PrivacyBadger mailing list > PrivacyBadger at eff.org > https://lists.eff.org/mailman/listinfo/privacybadger > > > ------------------------------ > > End of PrivacyBadger Digest, Vol 8, Issue 4 > ******************************************* > -------------- next part -------------- An HTML attachment was scrubbed... URL: From borisdn34 at gmail.com Wed Dec 17 12:11:35 2014 From: borisdn34 at gmail.com (Boris Dayan) Date: Wed, 17 Dec 2014 22:11:35 +0200 Subject: [PrivacyBadger] PrivacyBadger Digest, Vol 8, Issue 4 In-Reply-To: References: Message-ID: I understand this is the new version? 2014-12-17 22:10 GMT+02:00 Boris Dayan : > > where can I download privacy-badger-0.2.4. > > 2014-12-17 22:00 GMT+02:00 : >> >> Send PrivacyBadger mailing list submissions to >> privacybadger at eff.org >> >> To subscribe or unsubscribe via the World Wide Web, visit >> https://lists.eff.org/mailman/listinfo/privacybadger >> or, via email, send a message with subject or body 'help' to >> privacybadger-request at eff.org >> >> You can reach the person managing the list at >> privacybadger-owner at eff.org >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of PrivacyBadger digest..." >> >> >> Today's Topics: >> >> 1. Privacy Badger 0.2.4 has been released! (Cooper Quintin) >> >> >> ---------------------------------------------------------------------- >> >> Message: 1 >> Date: Tue, 16 Dec 2014 18:29:24 -0800 >> From: Cooper Quintin >> To: privacybadger at eff.org >> Subject: [PrivacyBadger] Privacy Badger 0.2.4 has been released! >> Message-ID: <5490EA84.1020607 at eff.org> >> Content-Type: text/plain; charset=utf-8 >> >> Privacy Badger 0.2.4 has been released: >> >> https://www.eff.org/files/privacy-badger-0.2.4.xpi >> >> >From the Changelog: >> >> 0.2.4 (2014-12-05) >> * Dialog to allow user to whitelist certain trackers to improve >> functionality. >> * Fixes to icon display code to make Privacy Badger work in nightly. >> * Revamped icon that should look better on dark backgrounds. >> * Misc other bug fixes >> 0.2.3 (2014-10-16) >> * Strip cookies from DNT policy recheck >> * Don't recheck DNT policy each time the browser is started >> * User preference to turn off DNT policy check >> >> >> ------------------------------ >> >> Subject: Digest Footer >> >> _______________________________________________ >> PrivacyBadger mailing list >> PrivacyBadger at eff.org >> https://lists.eff.org/mailman/listinfo/privacybadger >> >> >> ------------------------------ >> >> End of PrivacyBadger Digest, Vol 8, Issue 4 >> ******************************************* >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From alexander.buchner at posteo.de Wed Dec 17 12:54:43 2014 From: alexander.buchner at posteo.de (Alexander Buchner) Date: Wed, 17 Dec 2014 21:54:43 +0100 Subject: [PrivacyBadger] Privacy Badger 0.2.4 has been released! In-Reply-To: <5490EA84.1020607@eff.org> References: <5490EA84.1020607@eff.org> Message-ID: <5491ED93.1030402@posteo.de> On 17.12.2014 03:29, Cooper Quintin wrote: > Privacy Badger 0.2.4 has been released: > > https://www.eff.org/files/privacy-badger-0.2.4.xpi > > From the Changelog: > > 0.2.4 (2014-12-05) > * Dialog to allow user to whitelist certain trackers to improve > functionality. > * Fixes to icon display code to make Privacy Badger work in nightly. > * Revamped icon that should look better on dark backgrounds. > * Misc other bug fixes > 0.2.3 (2014-10-16) > * Strip cookies from DNT policy recheck > * Don't recheck DNT policy each time the browser is started > * User preference to turn off DNT policy check Is this only for Firefox or is it also coming for Chrome? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From alexander.buchner at posteo.de Wed Dec 17 12:56:09 2014 From: alexander.buchner at posteo.de (Alexander Buchner) Date: Wed, 17 Dec 2014 21:56:09 +0100 Subject: [PrivacyBadger] PrivacyBadger Digest, Vol 8, Issue 4 In-Reply-To: References: Message-ID: <5491EDE9.7020706@posteo.de> On 17.12.2014 21:10, Boris Dayan wrote: > where can I download privacy-badger-0.2.4. For Firefox: https://www.eff.org/files/privacy-badger-0.2.4.xpi For Chrome it will hopefully be updated through the web store?! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From cooperq at eff.org Wed Dec 17 14:28:15 2014 From: cooperq at eff.org (Cooper Quintin) Date: Wed, 17 Dec 2014 14:28:15 -0800 Subject: [PrivacyBadger] PrivacyBadger Digest, Vol 8, Issue 4 In-Reply-To: <5491EDE9.7020706@posteo.de> References: <5491EDE9.7020706@posteo.de> Message-ID: <5492037F.9090507@eff.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As Alexander said the firefox release can be found at https://www.eff.org/files/privacy-badger-0.2.4.xpi (the link was in the release announcement email). This release doesn't have an associated chrome release since the fixes to firefox were all fixes that are already in the chrome version. This brings firefox up to feature parity with the chrome version. The next release will include both chrome and firefox. - - Cooper On 12/17/2014 12:56 PM, Alexander Buchner wrote: > On 17.12.2014 21:10, Boris Dayan wrote: >> where can I download privacy-badger-0.2.4. > > For Firefox: https://www.eff.org/files/privacy-badger-0.2.4.xpi > > For Chrome it will hopefully be updated through the web store?! > > > > _______________________________________________ PrivacyBadger > mailing list PrivacyBadger at eff.org > https://lists.eff.org/mailman/listinfo/privacybadger > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUkgN+AAoJENDqe2/wr+LKADAP/2qmdx+zLhP8bYOxet+CUlOZ wsR7oPXxq/UKU2pJZs0Mv3PKtevDsiqgaOLose69hDkKeh6VcZ0ERvAZwWD8YiWM kLkSvLkpOZ2dr7N5GCMWXPieey7f1OofwLCNMGhFFXqWQ+QouQB+xYF76rGYNn9n 0uvVjXAR7k1jrz8bjfwmGeiokGizZjdsBGB359LVDyoTiuGv3nMVqOs32QvpuzdN TmIKT5/GItStbtY76zbUof7zzHJ5daBDYDTjhQmPGRBW0a9ynT2dbkUkxeZgUpXy mNO5A49O7Y6ykW8AymZXk21cqQJYvVHSzCpXkW7BWzfcTI50cnTS7fj4BkSpY9t1 O3w8rrG9AzT/cYKE5I6pvMbH1o5rN089m4Ln3YL4UIR9l392RHu1UI62JwG71Gb+ sjn0MTC0nbpE8sqr/+KqiyAW+NyIL02rAPi4B9J8C9m/Zb80gFR6/IwOsfG0F96T sNVvfU/lv3g96/cKkEn6lVd/U5+yNLkKNEwYWl0J1W0q6x/scqecsfT6t+vuTj+T PGZCALsrXZ6A1CWT2FTipyK6WBjYQ27ZDDjHERfpoNLGh1bYTHp+pEqhY3acy7bl /B/IM/GrDfCeY/0KLWoyhf2OY2b7ggLvttUwoIR2CKUx3yhGbsuiMOO/P8AEJvPb W9LJ/cXKy0kabfTFyAZ+ =/H3C -----END PGP SIGNATURE----- From cooperq at eff.org Thu Dec 18 15:14:48 2014 From: cooperq at eff.org (Cooper Quintin) Date: Thu, 18 Dec 2014 15:14:48 -0800 Subject: [PrivacyBadger] Privacy Badger 0.2.5 has been released! Message-ID: <54935FE8.4020509@eff.org> Privacy Badger 0.2.5 has been released: https://www.eff.org/files/privacy-badger-0.2.5.xpi >From the Changelog: 0.2.5 (2014-12-18) * Fixes issue with disqus 'allow domain' dialog infinite loop * Adds counter of potential trackers on a site for FF >= 36.0 0.2.4 (2014-12-17) * Dialog to allow user to whitelist certain trackers to improve functionality. * Fixes to icon display code to make Privacy Badger work in nightly. * Revamped icon that should look better on dark backgrounds. * Misc other bug fixes 0.2.3 (2014-10-16) * Strip cookies from DNT policy recheck * Don't recheck DNT policy each time the browser is started * User preference to turn off DNT policy check From sirald66 at gmail.com Mon Dec 22 14:05:04 2014 From: sirald66 at gmail.com (ANDY) Date: Mon, 22 Dec 2014 15:05:04 -0700 Subject: [PrivacyBadger] Rights Badger - terms of service and privacy policy compliance Message-ID: [OFF TOPIC] As a suggestion, an extension that matches the terms/privacy sites offer and the terms/privacy that you expect. The server would provide a secure file classifying the elements of their terms; the client/extension would notify when personal limits have been passed. For example, they declare owning anything you put on their service; can sell/provide it to a 3rd-party; will sell it or destroy it in case of bankruptcy and/or change of ownership. The advantage to such an extension is for those that don't read the endless legalese (virtually everyone) and notification when they make a substantive change. ANDY - Salt Lake, UT US -------------- next part -------------- An HTML attachment was scrubbed... URL: From cooperq at eff.org Mon Dec 22 14:51:42 2014 From: cooperq at eff.org (Cooper Quintin) Date: Mon, 22 Dec 2014 14:51:42 -0800 Subject: [PrivacyBadger] Rights Badger - terms of service and privacy policy compliance In-Reply-To: References: Message-ID: <5498A07E.2020803@eff.org> You should check out ToS;dr it pretty much does exactly this: https://tosdr.org/ On 12/22/2014 02:05 PM, ANDY wrote: > [OFF TOPIC] > > > As a suggestion, an extension that matches the terms/privacy sites offer > and the terms/privacy that you expect. > > The server would provide a secure file classifying the elements of their > terms; the client/extension would notify when personal limits have been > passed. > > For example, they declare owning anything you put on their service; can > sell/provide it to a 3rd-party; will sell it or destroy it in case of > bankruptcy and/or change of ownership. > > The advantage to such an extension is for those that don't read the > endless legalese (virtually everyone) and notification when they make a > substantive change. > > > ANDY - Salt Lake, UT US > > > _______________________________________________ > PrivacyBadger mailing list > PrivacyBadger at eff.org > https://lists.eff.org/mailman/listinfo/privacybadger >