add support "hash Argon2" to hide any "dangerous domains" in the filter list

[KonoromiHimaries]

Describe the issue (Required)

when a domain is really dangerous it should be able to be encrypted this domain to no one would be know about its existence in filter list

currently, it is a directory of malicious or potentially malicious software. anyone can view and search potential unwanted site, with using anyone of these lists

https://raw.githubusercontent.com/azet12/KADhosts/master/KADhosts.txt https://raw.githubusercontent.com/WowDude/PornList/master/PornList.txt https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling-porn-social/hosts

the plan is to hash the domain name with using Argon2 to making it impossible to read it https://github.com/P-H-C/phc-winner-argon2

[jspenguin2017]

1. You still need to have a plain text version, because other people should be able to audit the lists to make sure it is good and trustworthy.
2. When a domain matches, the user would know the domain is in the list. Hashing domains with a secure hashing algorithm would also reduce runtime performance.
3. Why is keeping a directory of malicious domains bad? It can help researchers to better track those criminals.

[KonoromiHimaries]

You still need to have a plain text version, because other people should be able to audit the lists to make sure it is good and trustworthy.

you can create a private key generator and an decoder for it or keep the second list without strict blocking in another host.

When a domain matches, the user would know the domain is in the list.

the most important thing is you do not promote these domains at your own and that's what counts

Hashing domains with a secure hashing algorithm would also reduce runtime performance.

this is no problem if the hash is optional and works only after switching on.

Why is keeping a directory of malicious domains bad? It can help researchers to better track those criminals.

see the theard up

[jspenguin2017]

you can create a private key generator and an decoder for it

If the original source is retrievable by anyone, then what's the point of encrypting it?

keep the second list without strict blocking in another host

I'm not sure what you mean, can you elaborate?

the most important thing is you do not promote these domains at your own and that's what counts

Why do you think I am promoting those domains?

see the theard up

That is a political issue, and fixing a political issue with a technological solution is not the way to go.

[KonoromiHimaries]

Why do you think I am promoting those domains?

you do not promote such domains, this was just an example

If the original source is retrievable by anyone, then what's the point of encrypting it?

the point is to do not promote it so that it is not available on the public repo, so that you can say that i not promote something bad.

for example, m$ can give you ban if you publish a domain that is not compatible with their policy

That is a political issue, and fixing a political issue with a technological solution is not the way to go.

I know that.

[jspenguin2017]

this was just an example

Why do you think listing malware/pornography domains implies that the author promotes those domain?

the point is to do not promote it so that it is not available on the public repo

If you want to keep filters in a private repository, you already can.

can give you ban if you publish a domain that is not compatible with their policy

If you read their policy closely, they can ban you for any reason, or for no reason at all. There is no such thing as compatible with their policy, anything can be incompatible.

See: https://help.github.com/articles/github-terms-of-service/#3-github-may-terminate

Why do you think you're safe if you only listed hashes?

I know this and what can I do?

Create backup. If you feel you may be on the radar, add redundancy and be ready to jump service.

[KonoromiHimaries]

Why do you think listing malware/pornography domains implies that the author promotes those domain?

example majkit in own repo is afraid to block any ads in polish adult site because he would have big problems because of that. https://github.com/NanoAdblocker/NanoFilters/issues/192#issuecomment-430037636

it does not mean that it has a relationship with their publication, but it has an impact on it

Why do you think you're safe if you only listed hashes?

im not safe, but it is always a better protection than none it can also be useful when creating filters that act like nano defender

1. the webmaster will not know too quickly that the ads are on the list
2. the time needed to create a new anty-adblock script will increase
3. you can keep more privacy when creating filters

[KonoromiHimaries]

https://torrentfreak.com/blocking-pirate-sites-is-not-enough-russia-should-shut-them-down-181004/

in Russia, they have adopted a new law and want to censor everything that leads to pirated content

[jspenguin2017]

he would have big problems

Like what?

the webmaster will not know too quickly that the ads are on the list

That doesn't help, most webmasters only maintain a few websites each, they can just test it out instead of watching commit log.

the time needed to create a new anty-adblock script will increase

Nope, just fuzz the solution and it'll break within seconds.

you can keep more privacy when creating filters

That makes filters difficult to audit, which is not good for user security and privacy. If you want a private filter, just make a private repo.

in Russia [...] want to censor everything that leads to pirated content

I don't see filter lists getting on the radar any time soon, they have way bigger fish to fry.

[KonoromiHimaries]

Like what?

Polish lobbies are very fierce

[DandelionSprout]

I can sort-of see what Konoromi is aiming for, but I'd add two major notes about this:

1) I'd wait to see how well it'd go to create backups for lists instead. uBlock Origin and Nano Adblocker supports multiple links for each list, while FilterLists.com currently allows up to 3 links (but with no fallback). 2) I could potentially even see grounds to support subscribing to entirely encrypted files, but no way in hell would Adblock Plus add support for such a state-of-the-art feature anytime soon, even if uBO and Nano did.

[jspenguin2017]

subscribing to entirely encrypted files

That doesn't make sense, how is Nano suppose to use those files? If I publish the decryption key along with the extension package, then everyone would be able to grab the key and decrypt those files.

[jspenguin2017]

I'd wait to see how well it'd go to create backups for lists instead

Apparently Lightsail images are quite different than Linode images, I haven't got time to make a setup script yet. And the manual for Lambda is a bit too long to read in an evening. I'll definitely do it in the near future, but it could be a few weeks.

I also tried GitLab CE, but unfortunately GitLab takes 8GB memory which costs $40 a month...

[DandelionSprout]

I don't know if "encrypted" was the right word for me to use, but I thought of it like some kind of garbling and de-garbling system for lists.

Let's say that someone wants to add example.com to a list, but is for whatever reason wary of adding it in plain text. Through a pre-determined, single-method garbling system, he could convert it into e.g. ghsufdshg.ghd, which when de-garbled by an adblocker according to the same system, would be interpreted by the extension as example.com.

And potentially this could be done with entire lists, thus my original idea for "encrypted files".

[jspenguin2017]

@DandelionSprout What you described is encryption (although strong encryption algorithm usually produce different-looking ciphertext), and you cannot stop other people from grabbing the algorithm and/or key from your extension package. It's just wasted effort that creates an open secret, it does not offer any protection, just inconvenience to everyone.

Hashing, on the other hand, does offer some protection of the original text, as it's usually not possible to unhash something. However, given a list of domains, it's pretty easy to know (and prove) which one of them are in the list.

[DandelionSprout]

I thought it could help prevent issues with auto-mod bots, but okay then.

[jspenguin2017]

@DandelionSprout I'm not too sure about that, I would imagine most bots can detect and flag ciphertext.

[KonoromiHimaries]

Hashing, on the other hand, does offer some protection of the original text, as it's usually not possible to unhash something. However, given a list of domains, it's pretty easy to know (and prove) which one of them are in the list.

this is not a problem if you generate a new private key every 24 hours for all rules

That makes filters difficult to audit, which is not good for user security and privacy. If you want a private filter, just make a private repo.

If the original source is retrievable by anyone, then what's the point of encrypting it?

this will not be a problem if the original source/rules will be available only in private repository only for a few selected people.

[jspenguin2017]

this is not a problem if you generate a new private key every 24 hours for all rules

Why? Even if you generate a new key every hour, a publicly viewable private key is still a publicly viewable private key.

only for a few selected people

Why not just select your users? Sounds a lot safer and more painless to me.

[mikhoul]

As a user I would not use any filter list or ad-blocker that I can see in plain text the rules for my safety and to be able to debug "bad" filters and/or incompatibility.

More over something here that nobody seem to have mentioned is that hiding list/filters will just make the whole thing more suspicious than anything else and would prevent to use those Adblockers/list in many corporate environnement where you have to be able to easily read the source code of the software for security/liability and insurance purpose.

[DandelionSprout]

You mean that you can't see in plain text, right? But other than that, your points were very good, and have managed to win me over, at least.