Online Spyware Watchdog

spyware.neocities.org/

I just started a website on neocities which is supposed to host articles about spyware programs explaining why they are spyware, and I want to know if anyone wants to contribute to it. All you have to do is email me an HTML file with your article, and i'll put it up. The goal is to have a resource on the web explaining why certain programs are spyware based on a reasonable criteria, so that people can have a comprehensive reference in one place. I have begun writing a first draft of this criteria here: spyware.neocities.org/guides/classify.html But it's obviously incomplete and needs a lot of work. Eventually I hope that this site will have a lot of well written articles, but right now it needs people who want to contribute. You don't have to create anything that's perfect or lists all of the reasons why X program is spyware, any content at all is good enough as a base, since articles can be improved in the future.

An example article is provided here: spyware.neocities.org/articles/example.html which should be used as a base for writing articles to submit to the site.

Other urls found in this thread:

motherfuckingwebsite.com/
sfsu.edu/~jtolson/textures/textures.htm
sfsu.edu/~jtolson/textures/sort/mixed/grstripe/9.htm
spyware.neocities.org/guides/style.html
spyware.neocities.org/articles/discord.html
neocities.org/terms
spyware.neocities.org/articles/firefox.html
pixabay.com/p-157347
tldrlegal.com
pastebin.com/x6BGxKVD
pastebin.com/cgmjpknS
unhandledexpression.com/2013/12/17/telegram-stand-back-we-know-maths/
cryptofails.com/post/70546720222/telegrams-cryptanalysis-contest
f-droid.org/en/packages/org.telegram.messenger/
bestmotherfucking.website/
palemoon.org/privacy.shtml
detectportal.firefox.com/success.txt)
bettermotherfuckingwebsite.com/
spyware.neocities.org/articles/vivaldi.html
spyware.neocities.org/guides/classify.html
ghacks.net/2017/07/13/privacy-blunder-firefox-getaddons-page-google-analytics/
github.com/mozilla/addons-frontend/issues/2785
creativecommons.org/licenses/by-sa/4.0/
support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections
spyware.neocities.org/articles/chrome.html
8ch.net/tech/chrome.html

Does the FSF not already sort of have this with a somewhat wider scope? These days it is safe to assume that proprietary software targeted at consumers is spyware, however finding the concrete mechanisms might be pretty difficult. For example most use "web apps" these days like YouTube Facebook etc. but the tracking scripts are heavily obfuscated, bundled with the ones necessary for site functionality so that adblockers don't block them etc.

The FSF has some articles about why some programs are bad, and so does Stallman's personal website, but this is a website specifically about the topic, since I couldn't find one. The point is just to put all of the information into one place where it can be easily found, instead of remembering links spread around the internet when you want a resource documenting different incidents and proofs that a program is spyware.

It's also important to differentiate the many levels of severity of the spyware that the program can have, and explain why something like Steam is much more severe than paint.net, but both have problems.

That example article really doesn't show how we're supposed to write one. You need an actual example.

You're right, but, really I will accept any kind of article that loosely follows that structure, so there isn't any pressure in submitting something. I plan on writing a few articles to get it started, I was just excited and wanted to share the site here.

If you don't know shit about html, use static site generators at least. Scores are dum, but color coding would help. Simply explain what and how the program collects the data, who developed it and whom it might collect data for. Start with Discord.

I know HTML, I just don't think there is anything wrong with posting basic HTML sites. See motherfuckingwebsite.com/

But I do know how to make a nicer looking site. I'll take your advice since most people find basic HTML off-putting.

The scores are just supposed to be a TLDR, at-a-glance look at how many spyware features a program has. I could make a 1-5 scale of how bad the spyware is, I don't really know what the best metric is.

This website is an aesthetic 8/10.

You're looking at it as im editing it right now, that's why it looks such a way.

By the way, if you want to know an easy way of being aesthetic, it's to add in some of these:
sfsu.edu/~jtolson/textures/textures.htm

Because of the way modern web is viewed you can't simply slap text into body tag and call it a day. Go read something about typography first.
Add some CSS and structured links, as I said, use a static generator and don't pretend to be tryharder. You may pick werc as an example. The site will be perfectly fine for those autists who choose to navigate it with Lynx.

Pure heaven
sfsu.edu/~jtolson/textures/sort/mixed/grstripe/9.htm

Why not? It looks fine and works fine. I don't get how it's "tryhard" to type out a website.

I will be writing an article on Mozilla Firefox. Should I post the images here or send them by email too?

You should send them by email, that makes it easier for me. Thanks a lot for contributing!

Also, I need some feedback on how the site looks now, of course I can change it easily, so i'm trying to find something that looks nice.

this web1.0 website is excellent.

found a typo
spyware.neocities.org/guides/style.html
"example article as a refrence, so"
refrence

maybe type this out in something with spellcheck before formatting it into html.

i don't know about this background. maybe straight black background + white or light light gray would work better.

I've begun working on an article about discord, as an user previously suggested. You can read it in progress here:
spyware.neocities.org/articles/discord.html

Any helpful links or info about this topic would be very nice to have.


Thanks! I've fixed this error now. I plan on doing that later.


If you want, you could play with the HTML attributes on the page and show me what kind of thing you're thinking of. You're right that maybe it should just be a straight black, i'll try and see if I can find a nicer background that isn't as noisy.

i'm shit at design but something similar to a dark terminal theme might look cool
pic related is gentoo's terminal colors

I hope your site contains spyware because that would be hilarious

Make sure to add that the desktop client is worse than the regular client.

If you're making a site like this, I definitely would use a static site generator. It's much less of a hassle than keeping track of templates, and let's you easily set up things like tags and archives. I used Hugo to make my website.
Https://spacebudokan.com
Shameless shilling.

Finished and sent Firefox article. Hope you'll like it!

i looked at neocities terms thinking i would find some ridiculous privacy policy or something referencing all the data collect and found this.

forgot link
neocities.org/terms

That is pretty cool, but wouldn't you just open the site in lynx in your gentoo terminal to see it that way? I like terminal sites, but I usually just open up a terminal to look at them that way.


Can you elaborate? I've only used the desktop client.


Thanks for the contribution! It's up right now, you can look at it here:
spyware.neocities.org/articles/firefox.html

It looks like a great start, i'm sure lots of other anons know a lot about things to add on to this article as well.

that's a good point, and since this is html only it would show up fine in console browsers.

IIRC it snoops on the programs that are currently open and sends them to Discord. I don't think it broadcasts every game that is running, but it tries to figure out what game / software you are running. They recently added a feature where certain applications can even share data about their current status.

...

The firefox article has broken images.

screenshot? It looks fine on my end, so I don't know what to fix.

There is the logo, but I sent a few other images showing the requests Firefox makes, and they aren't there.

Oh, i'm sorry about that. I didn't realize. It's fixed now.

I'm going to go to bed, so if anyone submits any articles or suggests any changes to existing articles, i'll check my email when I wake up and sort that out. I have finished the discord article for now, so if anyone has something to add to that article, please email me with a new file.

I made a mistake in the Firefox article. The "is" in " is uniquely identifies you." should be removed.

Also, in your Discord article, anywhere you have "availlibie" it should be "available".

bookmarked. that's nice

they do but they do not provide solid proofs

Nobody is going to take you seriously, and righfully so.

Please don't.

If a program collects information on it's users, it's spyware. The article about Firefox has some solid evidence in it.

...

I just updated the entry on firefox, because overnight two anons emailed me with amendments and changes that I could make to the article, which were successfully merged. Any further edits should be made with the most up-to-date firefox article, in case anyone is working on changes to the article right now. You can view it at: spyware.neocities.org/articles/firefox.html

Thanks to everyone for contributing!

I think I've made my final additions to the Firefox article. By the way, I love the project. Hope it grows!

Those changes have just been added, thanks again for the contributions. I'm going to try and cross post this on other websites to increase the contributor pool, as well.

I could design the site; HTML & CSS isn't difficult and I need some more things to do in my free time. Where can I submit some potential templates?

Email me at: [email protected] . (It's in my email field ) and i'd be happy to check those out!

Polite sage on myself. Just saw the email address in the FAQ. The project wants a basic and organized look, yes?

Basically, yes. It's also important to only use basic HTML features.

Only negative critique I wan't to add is that horrendous background image (tiling). Why not some plain color? It's extremely distracting.

what year is it?

Hey, what's the font used in the logo?

Impact

I hope this isn't too post-modern.

I've got the canine from here: pixabay.com/p-157347 It's safe to use.

If you're interested in the stylesheet lemme know and i'll email it to you.

That looks good, I usually make sites that looks like they are a lot older than they are, but it's probably a good idea to figure out how to give the site some kind of feature like a preferred layout.

Feel free to email it to me

tldrlegal.com
Read some EULAs and such

That'd be a good idea, and easy to implement considering how basic the HTML and CSS is.


I'll finish polishing it and i'll send you.

I'm happy you two liked it.

Attached are some of my scrapped attempts at the logo, i wasn't taking myself too seriously with ones with the white doodles over it.

I don't understand the relevance of this- is this the right thread?

Whether a program is free or not doesn't make it spyware or not. Free programs like firefox contain spyware, and nonfree programs can be spyware free.


Just one person, I forgot to mention that you should email me.

Oh god, I'm not even reading your website, I just love the goddam a e s t h e t i c . Gotta love that old Geocities/Angelfire early 90s feel.

Been working on it off and on. Welcome criticism and changes. Here's some pics.

Wow, shitty screenshot utility. Here's the fixed stuff.

More pics.

Do you know how to make a site use two different layouts? This is my only problem, since I want to be able to view it as the current layout that it has now, since I like the current layout the best.

It's best to just pick a single layout and roll with it.

I guess I could think about redesigning the site later, then, since I like the layout that I have right now quite a lot. Sorry about the trouble...

No worries. We're just tossing around ideas. Helps everyone get organized.

No problem. But you can enable changing the style with simple Javascript though.

Instead of emailing you my contribution i'll just provide it here if anyone want to edit it:
Index with CSS and HTML: pastebin.com/x6BGxKVD
Logo: pastebin.com/cgmjpknS

The only thing that annoys me about the current design is that it's too wide. White space isn't always a bad thing, especially when the content is just walls of text.
body { max-width: 1200px; margin: 0 auto; padding-bottom: 5em;}h1,h2,h3,h4 { margin-top: 1.7em; font-family: serif; }h3,h4 { margin-bottom: 0.7em }p { margin: 0.25em 0; }

About Telegram:
- While using phone number as user data, it also sends OTP via SMS every time you log in by default, which is insecure and leaks metadata to cell carrier/LEA taps on SS7. Two Russian politicians were hacked this way.
- A sufficient attacker can bruteforce all phone numbers and find out who is who.
- Chats are not "secret" by default, no e2e encryption.
- "Secret" chats use OTR clone with nonce generated on the server. No key/fingerprint exchange before conversation either.
unhandledexpression.com/2013/12/17/telegram-stand-back-we-know-maths/
cryptofails.com/post/70546720222/telegrams-cryptanalysis-contest
- The protocol is not formally audited unlike Axolotl/OMEMO.
- There is no way to encrypt group chats. Pavel dislikes everything Moxie made. For obvious reasons.
- There is no local message storage encryption.
- Despite being "open soros" it requires non-free binaries to run. Mostly google shit.
f-droid.org/en/packages/org.telegram.messenger/
- Telegram is tied to FSB and is a cheeky honeypot for russian wrongthinkers.

This, it's way too wide. Optimal for reading is 50-60 characters

...

Your site really needs margins. See
bestmotherfucking.website/

This margin shit is stupid. Just let the browser render the text how it wants. User can set browser size to what he wants. Stop second-guessing the user! This is what makes the web so shit today. Also fuck the CSS and JS, those are botnet spyware for web beacons. Use plain HTML! If your content doesn't work in plain HTML, your shit is fucked up to begin with.

This nigger gets it.


Is all the margin you need.

Should we have an "alternatives" section after every article? So that, if people don't want to use spyware, they know what to switch to.

I'm back, thanks everyone for the further feedback and information. I'm going to add an email link to the top of every article so that hopefully more people email me content.


Good idea, i'll add in limits to how wide the text can get.


Thanks for this information, I can add this onto the telegram article, but if you have the time, you should edit the telegram article and email me your improved version. Let me know if you plan on emailing me an improved version of the telegram page, so that I don't duplicate work.


That sounds like a good idea. If you want to get that done faster, the best course of action is to amend the pages and then email me with your edits so that I can change the site. Preferably you can submit articles for the alternative, non spyware software in question so that you can link to those articles when suggesting alternatives.

Wait.
Was GeoCities fucking revived with a different name?

I don't know if its the same people, but neocities has been around for several years now.

Great idea OP. Have a bump

Ha! I was supposed to write an article about Pale Moon as a non-spyware, then I actually ran the same test as on Firefox and realized IT ACTUALLY SENDS ANALYTICS REQUESTS.

Wow, the rabbit hole just goes deeper than I thought.

This sounds great, I can't wait to see it! By the way, the privacy policy of Pale Moon details several spyware features here: palemoon.org/privacy.shtml

God is there any non poz'd web browser nowadays? God damn.

>I know HTML, I just don't think there is anything wrong with posting basic HTML sites. See motherfuckingwebsite.com/

Normies won't read it if it's formatted like this.
And non-normies already are educated on this.
You need to make normies read it.

Is there a proof for this specific part?

You should include possible fixes for each issue and test to see if they work. ex. Firefox has an option to turn off captive portal detection (the connection to detectportal.firefox.com/success.txt) by setting network.captive-portal-service.enabled in about:config to false. Does it work as claimed?
Knowing the problem is good, knowing what to do about it is better.

Wrote Vivaldi article instead.
I will probably write Pale Moon as well later though.

Lynx, (e)Links, w3m, dillo, and so on.


There's nothing wrong with that formatting. Add some color, images, and maybe change the font and people will read it. Well not everyone will read it. It's only the ones who are fed up enough to try and find answers and move away from the botnet. That by definition excludes the vast mass of normies, as they really don't care and will keep facebook-posting with smartphone. They expect the industry to change for them, for politicians to protect them, etc. Well with that mindset, they don't care at all about your page, no matter what it looks like.

>bettermotherfuckingwebsite.com/

Firefox page:
You can unclick "Block dangerous and deceptive content" to disable the "safe" browsing mechanism which sends data to Google. Your page makes it seem like there isn't an opt-out option.

BTW, I've modified the Firefox article so that it includes information about whether the spying can be disabled through the GUI, about:config, or not at all. Just waiting for the OP to upload it.

I'm awake again, so the Vivaldi article is availible here:
spyware.neocities.org/articles/vivaldi.html

And the firefox article has been updated successfully.

I'm not sure saying that it collects CC numbers would constitute it as spyware. The user has to make a conscious choice to give it to them and type it out fully themselves. I think it is more of a privacy concern then one of spying.
This was worded very poorly. What had happened is that there was code in one of the VAC modules which would upload the md5 hash of domain names that you have in your DNS cache. It had nothing to do with the process of searching. Valve said that this module was not active, but regardless from the out roar from the community it was removed. It is probably best to reword what is being said and change it to an example of what they have tried in the past rather than what they are currently doing.

The user also has a choice in other spyware programs to turn on spyware features such as "location services". Having an opt-out doesn't mean that it's not a legitimate criticism of the software. Credit Cards are a spyware platform anyway, so integrating your product with spyware platforms such as that means that any features that use them are spyware features.

You might think that it's overly broad to classify every single type of data collection as spyware, but that's why the project uses "spyware scores". It's up to you to figure out how much spyware you are willing to put up with. Since any form of data collection on users makes a program spyware, we have to decide which shade of gray we are comfortable with.

Steam is proprietary software, so there is no way to confirm that they don't record internet browsing history. You're right and i did change the language of that section.

If a piece of software had a bug report feature which asked for a name, email, and description of the bug would it be spyware because someone could type their real name into the name field? I think there is a clear distinction between when you are conscious of giving someone information and when a program takes this information without you knowing / only finding out at a later date.

Those features are certainly not malicious features, but it is a form of data collection and should be recorded, if only to be exhaustive and complete when documenting a program.

these articles are piss poor and riddled with spelling errors

If you want you can email me better versions, they're supposed to be improved upon.

Pretty good website design so far. But I have two questions. Why the weird background? Just make it a solid dark color. Also, most web browsers can wrap text just fine, you don't need to do it for them.

Earlier in the thread, it was complained about. So, I made it wrap early.

I put the tiling background in because I like tiling backgrounds for the asthetics. Other than that I have no good reason.

Suggestion: sort articles by their spyware score. Worst spyware at the top, maybe bolded or color-coded. But you'd have to develop a standardized spyware scoring method. Maybe out of 10 or percentage based.

Yeah, and this will take a bit of work to do.

I have a very basic attempt at standardizing spyware criteria here: spyware.neocities.org/guides/classify.html

But really it's just not comprehensive enough to be useful yet. I think that once the site gets enough growth, and has enough articles and a steady flow of contributions, that it will really begin to have a need for standardization and more streamlined input. Right now the greatest need is just a greater quantity of content in general to become a useful resource.

Should articles about non-spyware be written?

Sure! Articles about any kind of program should be written, especially since eventually articles should be referring to alternative, non-spyware software, suggested by

The more articles the site has, the better of a resource it is. So, the most important thing is to just increase the amount of articles right now.

Sent article about Otter Browser.

Makes it look like Otter is the better browsing experience, when in reality if you turn all those Firefox options off in the about:config page, you will have a better tracker-free experience on the web if you install uBlock and uMatrix, which Otter Browser does not support. (built in content blocker isn't as powerful as uMatrix)

Perhaps, but this is about being spyware by default. At least, that is the way I write my articles. If something is already proven to be spyware, we can assume it will contain more spy crap in the future. Who's to say the next version of Firefox won't remove the settings from about:config at all? They've already removed many of them from the GUI, so that seems like the logical next step.

If someone was really smart and dedicated, he could just remove all the spy crap from the source code. Or even reverse-engineer closed source spyware. But who the fuck wants to do that if there are alternatives?

Oh, and about uBlock and uMatrix - they're great addons, I use them myself. But what if Mozilla decides one day that they're malicious and blocks them? They could do that tomorrow and there would be nothing you can do about it. They've already spoken out against adblocking on their blog, and even included ads in their New Tab panel at one time (maybe they're still there, but I didn't see them during my testing).

It's probably also worth noting that the website doesn't seem to be rating software itself. Though I do get what you are saying if people are using it as a site to find alternatives. In that case people should submit more spyware free browsers.

it's over, this potential site is officially dead.

What program are you using to get this information? I switched from Firefox to Opera when Quantum came out and I want to see what is happening behind my back.

Mitmproxy

ghacks.net/2017/07/13/privacy-blunder-firefox-getaddons-page-google-analytics/

Wow, how generous. GTFO.

So THAT is what XUL deprecation was for.

Who the fuck still believes Mozilla's claims about privacy?

Thanks for this, iv'e updated the Firefox article with the new information, although im sure that the Firefox article can still be expanded on when discussion this issue. Right now it's a basic explanation and one of the anti-privacy quotes from a developer from the github thread. github.com/mozilla/addons-frontend/issues/2785

There is still nothing on the article explaining the spyware implications of the new WebExtension standard, so that needs to be updated.

nonfree programs that have a EULA that specifies data collection can automatically be considered spyware

I really like the idea, but I think the implementation is off, you should read the "Cathedral and the Bazaar" if you haven't already and think about applying this to the website strongly. First off, I think the whole emailing-you-articles thing is incredibly inefficient, and you should make the whole thing FOSS and move it to a git instance or a wiki format, or both. Just toss it on a gitlab or something.

Even reddit semi-normies want a site that they can easily send to their non-technically inclined friends and say, "look, this is why google chrome is bad", and they would definitely be willing to contribute, whether is be fixing typo, helping debug the site or writing entire articles. This could be bigger than you are probably imagining. You need to take away unnecessary barriers of entry and keep some kind of record of who did what. Which leads me to my second issue.

Another, probably more important, and I assume completely un-thought-of issue is, just like software, when someone writes an article they own the copywrite to it by default, and that could really hurt the project, or even possibly you personally, quite severely. You should figure out what Creative Commons license to have everything under, as well as make sure to get contributors' explicit consent to license it that way. I would assume Redhat figured all this shit out for opensource.com articles, they seem to use CC-BY-SA:
creativecommons.org/licenses/by-sa/4.0/
Which seems fine to me.
This includes the articles you write and the ones people have emailed you already, to be clear.
Not trying to be scary or a downer, but you do not want to get involved in a copywrite law court case, I can assure you.

Also, as has been discussed fixing up the site to be more palatable for people's moms and stuff.

All that being said, very promising project, I very much enjoyed the firefox and discord articles to which anons wrote those, good work.

...

Thanks for the very thoughtful reply, I agree with you on all points in general, it's pretty obvious that the whole site is naively made in the sense that it's totally unusable for large amounts of content being submitted. Since the site is less than A week old, it's only got the most basic features. When I posted it, I had no articles except for the example article. Now, the project has 4,846 hits according to neocities, and I've seen links to it posted on several image boards, so it's really growing at quite a rate. For now only three people have created content and the volume of emails is very low, so it's manageable, but I do agree that as the site grows it needs a more sustainable system and I will work on that.

support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections

No need, nicely formatted plain text (80 columns max) surrounded by tags is sufficient to get the point accross. Or just have the index.html redirect to index.txt. Plain ASCII isn't botnet, and doesn't consume much resources.

Submitted Opera article.

Are you going to modify the design to this?

Because it looks much better.

No, I like how the site looks. I think that you could probably edit your CSS or something to make it look like that, though.

Who is the target audience? Normies won't be modifying their styles.

Normies also will refuse to read more than a paragraph and won't trust any site that doesn't load a million JS frameworks.

So who is the site for? The "hackers" are already using non-spyware.

Supplementary material for flamewars on Holla Forums and other similar forums - it's already being used in this way.

I don't think that "hackers" are using non-spyware, for example Firefox is used by a lot of people who are concerned with privacy, even though it is loaded with spyware... and other people who are technically inclined but not researched enough to know about the spyware capabilities of their software are also able to understand information presented on "old-style" sites like this one.

Fuck right off. The site as it is now looks better, even with the shitty formatting and strange background.

Think I'll be forking this. The idea is great but OP is doing it all wrong.

...

Doesn't this look better?

polite sage

That's a really big claim for a motive that you'd need more to back up if you were actually being serious

No.

I added an article on Google Chrome: spyware.neocities.org/articles/chrome.html

It needs a lot of work, since I don't know about all of the types of spyware inside Chrome other than what is detailed in the privacy policy.

8ch.net/tech/chrome.html

tbh

So this is dead now? That was fast.

GNU icecat

No, I've tested that too. Most of the article about Firefox applies to IceCat as well.

Because it's not loaded with spyware you fucking LARPer.

No, it doesn't you fucking retard.

Keep using your IceCat then, smart guy. Or actually do the tests, like me.

hello vincent canfield

why not make it a wiki?

I like this idea

So since this is dead, can I take those articles and put them on my website?

Firefox systemd chemtrails botnet. Antarctica nazis Steve Klabnik hollow earth botnet Rust anti-american. Icecat botnet cuck license. Water filters 9/11 webkit meme browser based. Nuke Iran.