-
-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Privacy badger thinks matrix.org is snooping #9185
Comments
Hi @Biep - can you advise where in the process Privacy Badger blocked registration, and how you experienced that as part of the sign up process? Also thanks for sharing those links - I've submitted a whitelist application to acceptableads. I'll try and look into the eff dnt business when I get a chance :) |
Ugh, well, this is fun.
I guess that this means that if you connect to the same homeserver from multiple riot instances, Privacy Badger will start 'helping' by flagging that homeserver as a third party tracker and interfering with its business. Without researching this in more detail, it looks like Privacy Badger's MO might be fundamentally incompatible with browser-based 'client' software; Riot is only useful when it's connecting to a 'third party' service - i.e. the homeserver (and it's not uncommon to connect to the same homeserver from multiple different domains). The scalar instance might be even more of a worry, seeing as (at the moment) almost every riot instance is going to connect to the same scalar instance even if each client is linked with a different homeserver :( |
There might be some utility in trying to get matrix.org onto their 'yellowlist' (criteria), or to making the formal declaration of Do Not Track. Being on the yellowlist would solve the issue for matrix.org (for now at least), but it wouldn't address the issue for homeservers/web-based-riots more generally. Making the do not track statement might work, I'd have to better understand what applies (I imagine not much, because people are only really connecting to a homeserver via the riot client in order to be tracked, if tracked == having an ongoing stateful chat session). |
All of this said, I tried to get matrix.lant.uk blocked by connecting via >3 clients on different domains - PrivacyBadger had flagged it as a potential tracker, but was defaulting to green. |
I understand Matrix.org has been whitelisted already - maybe so have other servers? Or the Privacy Badger team has looked into it and whitelisted all servers, or made them be recognised automatically?
Just guessing some possibilities..
…---- Op Mon, 29 Apr 2019 17:36:58 +0200 Tom Lant <notifications@github.com> schreef ----
All of this said, I tried to get matrix.lant.uk blocked by connecting via >3 clients on different domains - PrivacyBadger had flagged it as a potential tracker, but was defaulting to green.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
|
fwiw it might be relevant to also whitelist/yellowlist vector.im as I just got stuck by PB suddently deciding it was a tracker that should be blocked entirely (which prevents the whole of Riot to fail to load). |
* Device manager - scroll to filtered list from security recommendations ([\element-hq#9227](matrix-org/matrix-react-sdk#9227)). Contributed by @kerryarchibald. * Device manager - updated dropdown style in filtered device list ([\element-hq#9226](matrix-org/matrix-react-sdk#9226)). Contributed by @kerryarchibald. * Device manager - device type and verification icons on device tile ([\element-hq#9197](matrix-org/matrix-react-sdk#9197)). Contributed by @kerryarchibald. * Ignore unreads in low priority rooms in the space panel ([\element-hq#6518](matrix-org/matrix-react-sdk#6518)). Fixes element-hq#16836. * Release message right-click context menu out of labs ([\element-hq#8613](matrix-org/matrix-react-sdk#8613)). * Device manager - expandable session details in device list ([\element-hq#9188](matrix-org/matrix-react-sdk#9188)). Contributed by @kerryarchibald. * Device manager - device list filtering ([\element-hq#9181](matrix-org/matrix-react-sdk#9181)). Contributed by @kerryarchibald. * Device manager - add verification details to session details ([\element-hq#9187](matrix-org/matrix-react-sdk#9187)). Contributed by @kerryarchibald. * Device manager - current session expandable details ([\element-hq#9185](matrix-org/matrix-react-sdk#9185)). Contributed by @kerryarchibald. * Device manager - security recommendations section ([\element-hq#9179](matrix-org/matrix-react-sdk#9179)). Contributed by @kerryarchibald. * The Welcome Home Screen: Return Button ([\element-hq#9089](matrix-org/matrix-react-sdk#9089)). Fixes element-hq#22917. Contributed by @justjanne. * Device manager - label devices as inactive ([\element-hq#9175](matrix-org/matrix-react-sdk#9175)). Contributed by @kerryarchibald. * Device manager - other sessions list ([\element-hq#9155](matrix-org/matrix-react-sdk#9155)). Contributed by @kerryarchibald. * Implement MSC3846: Allowing widgets to access TURN servers ([\element-hq#9061](matrix-org/matrix-react-sdk#9061)). * Allow widgets to send/receive to-device messages ([\element-hq#8885](matrix-org/matrix-react-sdk#8885)). * Add super cool feature ([\element-hq#9222](matrix-org/matrix-react-sdk#9222)). Contributed by @gefgu. * Make use of js-sdk roomNameGenerator to handle i18n for generated room names ([\element-hq#9209](matrix-org/matrix-react-sdk#9209)). Fixes element-hq#21369. * Fix progress bar regression throughout the app ([\element-hq#9219](matrix-org/matrix-react-sdk#9219)). Fixes element-hq#23121. * Reuse empty string & space string logic for event types in devtools ([\element-hq#9218](matrix-org/matrix-react-sdk#9218)). Fixes element-hq#23115. * Reduce amount of requests done by the onboarding task list ([\element-hq#9194](matrix-org/matrix-react-sdk#9194)). Fixes element-hq#23085. Contributed by @justjanne. * Avoid hardcoding branding in user onboarding ([\#9206](matrix-org/matrix-react-sdk#9206)). Fixes element-hq#23111. Contributed by @justjanne. * End jitsi call when member is banned ([\element-hq#8879](matrix-org/matrix-react-sdk#8879)). Contributed by @maheichyk. * Fix context menu being opened when clicking message action bar buttons ([\element-hq#9200](matrix-org/matrix-react-sdk#9200)). Fixes element-hq#22279 and element-hq#23100. * Add gap between checkbox and text in report dialog following the same pattern (8px) used in the gap between the two buttons. It fixes element-hq#23060 ([\element-hq#9195](matrix-org/matrix-react-sdk#9195)). Contributed by @gefgu. * Fix url preview AXE and layout issue & add percy test ([\element-hq#9189](matrix-org/matrix-react-sdk#9189)). Fixes element-hq#23083. * Wrap long space names ([\element-hq#9201](matrix-org/matrix-react-sdk#9201)). Fixes element-hq#23095. * Attempt to fix `Failed to execute 'removeChild' on 'Node'` ([\element-hq#9196](matrix-org/matrix-react-sdk#9196)). * Fix soft crash around space hierarchy changing between spaces ([\element-hq#9191](matrix-org/matrix-react-sdk#9191)). Fixes matrix-org/element-web-rageshakes#14613. * Fix soft crash around room view store metrics ([\element-hq#9190](matrix-org/matrix-react-sdk#9190)). Fixes matrix-org/element-web-rageshakes#14361. * Fix the same person appearing multiple times when searching for them. ([\element-hq#9177](matrix-org/matrix-react-sdk#9177)). Fixes element-hq#22851. * Fix space panel subspace indentation going missing ([\element-hq#9167](matrix-org/matrix-react-sdk#9167)). Fixes element-hq#23049. * Fix invisible power levels tile when showing hidden events ([\element-hq#9162](matrix-org/matrix-react-sdk#9162)). Fixes element-hq#23013. * Space panel accessibility improvements ([\element-hq#9157](matrix-org/matrix-react-sdk#9157)). Fixes element-hq#22995. * Fix inverted logic for showing UserWelcomeTop component ([\element-hq#9164](matrix-org/matrix-react-sdk#9164)). Fixes element-hq#23037.
I discovered why I had problems creating new accounts in Firefox: Privacy Badger is blocking matrix.org. There is a whitelist - it might be a good idea to get matrix.org on it (by declaring you won't abuse the information you collect).
https://acceptableads.com/en/get-whitelisted/
https://www.eff.org/dnt-policy
The text was updated successfully, but these errors were encountered: