scarline
commented
6 years ago Hallo, are there any attempts to get these points addressed in future development? Some of theme can be considered as critical I think!
Open scarline opened 6 years ago
scarline
commented
6 years ago Hallo, are there any attempts to get these points addressed in future development? Some of theme can be considered as critical I think!
There are several privacy issues in a raw installation of iridium. Some of them can be treated by installing plugins. The better option would be to include these fixes in the code basis.
Include option to prevent dom storage (keep storage for plugins active) alternatively include an option to delete cookies after side visit, including dom storage (like self-destroying cookies but on chrome the dom-storage is untouched by the plugin)
Include tab containers: The cookie and dom storage in a tab or a tab groud (for example facebook, google, twitter) is limited to a specific domain, so content from the inside of the container can‘t be read from the outside (no plugin in existance for chrome, for firefox there is a plugin called tab containers)
Include option to prevent referer sending
Include some functionality to prevent social media tracking (see above tab containers or plugins like disconncet for facebook, also the plugin noscript may help but for me in allday use it makes surfing very unsatisfying because one has to apply whitelist entries for every side)
Include option to deactivate mine types sending
Include option to deactivate to data urls
Include option to deactivate header sending
Include option to prevent font deanonymizing (plugin: FontPrivacy)
Include option to hide window name (a way for de anoynmizing the user)
Include option to hide actual screen size
Fake system details for java-script (a unique system identifies the user)
Include functionalities to prevent pixel tracking (plugin currently doing this is the privacy batcher of the EOF)
Include the addon HTTPS everywhere (or rebuild it's functionality)
Include the addon canvas defender for canvas noise hash (or rebuild it's functionality)
Prevent sides form reading the tab history
WebGL may be used for fingerprinting with the GPU
Regarding the static IP adress wich is also a possible tracking vector a seamless integration to services like tor, direct from the browsing window with an indication which connection type is currently being used etc would be nice, especially white- and blacklisting would increase useability
(List may be extended)