[privacytoolsIO/privacytools.io] 🌐 Website Issue | Add more categories for Browser Add-ons (#1327) #1346

New Issue

2019-09-24T17:31:13Z

Mikaela commented

2019-09-24 17:31:13 +00:00

(Migrated from github.com)

Restoring issue created by flagged GitHub account.

Description

Currently, we only have two types of categories for add-ons:

Improve your privacy with these browser add-ons.
These addons require quite a lot of interaction from the user. Some sites will not work properly > until you have configured the add-ons.
However, like I previously mentioned, certain extensions don't really fit in either definitions.
Namely:

Terms of Service; Didn’t Read
Snowflake
Cookie AutoDelete (might have uses?)
I think there ought to be a new category for these kind of extensions.

Restoring issue created by flagged GitHub account. > ## Description > Currently, we only have two types of categories for add-ons: > > Improve your privacy with these browser add-ons. > These addons require quite a lot of interaction from the user. Some sites will not work properly > until you have configured the add-ons. > However, like I previously mentioned, certain extensions don't really fit in either definitions. > Namely: > > Terms of Service; Didn’t Read > Snowflake > Cookie AutoDelete (might have uses?) > I think there ought to be a new category for these kind of extensions.

👍 1

blacklight447 commented

2019-09-30 08:50:03 +00:00

(Migrated from github.com)

how about three categories:
Essential,Extra, and For power users?

how about three categories: Essential,Extra, and For power users?

Mikaela commented

2019-10-01 15:37:33 +00:00

(Migrated from github.com)

I need to read the extensions through with a better time. I think I am a bit of disagree'er on Privacy Badger, so I don't think your categories would work as we would have disagreement.

Mikaela commented

2019-10-02 04:47:44 +00:00

(Migrated from github.com)

General

uBlock Origin: Block Ads and Trackers

Cookie AutoDelete: Automatically Delete Cookies

HTTPS Everywhere: Secure Connections

Optional

Decentraleyes: Block Content Delivery Networks

Terms of Service; Didn’t Read: Be Informed

Snowflake

Privacy Badger: Stop Tracking - if you are fine with non-tracking advertisements and don't want to use a external blocklist. May complement your µBlock.

Advanced

uMatrix: Stop Cross-Site Requests

NoScript Security Suite: Be in total control

## General uBlock Origin: Block Ads and Trackers Cookie AutoDelete: Automatically Delete Cookies HTTPS Everywhere: Secure Connections ## Optional Decentraleyes: Block Content Delivery Networks Terms of Service; Didn’t Read: Be Informed Snowflake Privacy Badger: Stop Tracking - if you are fine with non-tracking advertisements and don't want to use a external blocklist. May complement your µBlock. # Advanced uMatrix: Stop Cross-Site Requests NoScript Security Suite: Be in total control

Mikaela commented

2019-10-02 04:50:32 +00:00

(Migrated from github.com)

My list above doesn't take into account https://github.com/privacytoolsIO/privacytools.io/issues/1292 the CSP handling, so it may contain incompatible ones, so I think #1292 should be thought about together with this.

blacklight447 commented

2019-10-04 11:18:32 +00:00

(Migrated from github.com)

I think this would be okay, ill try and make a pr for this this morning . do we still want coolie auto delete though? @thorin-oakenpants had some issues with it if i recall correctly.

Thorin-Oakenpants commented

2019-10-04 14:30:33 +00:00

(Migrated from github.com)

do we still want coolie auto delete though? Thorin-Oakenpants had some issues with it if i recall correctly

I have issues with all cookie extensions that are used for sanitizing (clearing persistent data) because at best, they provide a false sense of privacy. There are no APIs for clearing a lot of persistent local storage by host: and until they can do that, sites can still store persistent data in e.g IndexedDB or service worker cache - and re-apply it on subsequent visits: a la zombie data. Basically, what I'm saying is that Cookie Extensions are snake oil - that's my opinion, not a reflection on those who make them etc.

The only method I would trust is containers: because they do have the right APIs. e.g. use Temporary Containers in a hardened config (every new tab/domain is a new container) - but I don't expect that to be suggested to most of your readers (personally I use a different method: don't ask). Instead I would encourage them to use

start in normal window mode, and use New Private Window a lot
Containers
FPI
Sanitize on close

> do we still want coolie auto delete though? Thorin-Oakenpants had some issues with it if i recall correctly I have issues with all cookie extensions that are used for sanitizing (clearing persistent data) because at best, they provide a false sense of privacy. There are no APIs for clearing a lot of persistent local storage by host: and until they can do that, sites can still store persistent data in e.g IndexedDB or service worker cache - and re-apply it on subsequent visits: a la zombie data. Basically, what I'm saying is that Cookie Extensions are snake oil - that's my opinion, not a reflection on those who make them etc. The only method I would trust is containers: because they do have the right APIs. e.g. use Temporary Containers in a hardened config (every new tab/domain is a new container) - but I don't expect that to be suggested to most of your readers (personally I use a different method: don't ask). Instead I would encourage them to use - start in normal window mode, and use `New Private Window` a lot - Containers - FPI - Sanitize on close

👍 1

blacklight447 commented

2019-10-04 15:21:48 +00:00

(Migrated from github.com)

@Thorin-Oakenpants so technically, if people want the affect they think they get with cookie auto delete, we should advice them to configure firefox to basically always use private mode?

Thorin-Oakenpants commented

2019-10-04 15:35:11 +00:00

(Migrated from github.com)

No, because in PB Mode you have even less control over persistent local storage (designed that way: e.g you can't see or control cookies etc: or at least in the past you couldn't: not really interested in it TBH) - hence I said "start in normal window mode". And in PB Mode you can't use containers.

If you start in normal mode, then when you open a PB window (or several), that's a separate session where everything (I think) is memory only: and everything is sanitized when all PB Mode windows are closed. Then when you open a new one, it starts again.

You can basically achieve almost everything PB Mode does in normal window sessions anyway

No, because in PB Mode you have even less control over persistent local storage (designed that way: e.g you can't see or control cookies etc: or at least in the past you couldn't: not really interested in it TBH) - hence I said "start in normal window mode". And in PB Mode you can't use containers. If you start in normal mode, then when you open a PB window (or several), that's a separate session where everything (I think) is memory only: and everything is sanitized when **all** PB Mode windows are closed. Then when you open a new one, it starts again. You can basically achieve almost everything PB Mode does in normal window sessions anyway

This repo is archived. You cannot comment on issues.