GPC (Global Privacy Control)

[ghost]

Please explain why your feature request fall into the scope of ungoogled-chromium? GPC? Is Stand For Global Privacy Control If This Enabled By Default

This Browser Will Automatic Send Signal On Website To Not Track And Sell Userdata

Please describe the feature you would like to have GPC Global Privacy Control

Describe the solution you'd like You Add GPC And Enabled By Default (Make It Cannot be disabled )

Describe alternatives you've considered No Alternative Because Many Extension Not Working Include Privacy Badger That's Why I Request To Add GPC By Default

Additional context https://globalprivacycontrol.org/#download

[wchen342]

One question, how did you know Privacy Badger doesn't work? How did you test it?

EDIT: I tested it on both android and desktop version. Both worked correctly.

[wchen342]

I think this is worth being implemented in main repo btw. I will post it there.

[ghost]

I think this is worth being implemented in main repo btw. I will post it there.

Actually you can limit third party by block all cookies but yeah you can't login which very annoying

Add it for extension version first :v

(Pre-Release)

[ghost]

One question, how did you know Privacy Badger doesn't work? How did you test it?

Go to mentioned web on Additional context if this working

Text like Signal GPC Received Or Something Similar Will Appear

[ghost]

desktop version. Both worked correctly.

I discuss it on android version

Bruh

If on pc it should work did official chromium doesn't support extension? 🤔🤨

[hbarsaiyan]

desktop version. Both worked correctly.

I discuss it on android version

Bruh

If on pc it should work did official chromium doesn't support extension

It is working fine on android version.

[wchen342]

Go to mentioned web on Additional context if this working

Sorry what do you mean? I don't quite get what you were saying.

If you enable GPC in privacy badger and go to https://www.whatismybrowser.com/detect/what-http-headers-is-my-browser-sending, you will see sec-gpc is set to 1. This is exactly how GPC is supposed to work.

[ghost]

Go to mentioned web on Additional context if this working

Sorry what do you mean? I don't quite get what you were saying.

If you enable GPC in privacy badger and go to https://www.whatismybrowser.com/detect/what-http-headers-is-my-browser-sending, you will see sec-gpc is set to 1. This is exactly how GPC is supposed to work.

Oh i check if gpc work or not using this web: https://globalprivacycontrol.org/#download

If work you will see text say gpc signal detected duh 🤦

[ghost]

desktop version. Both worked correctly.

I discuss it on android version Bruh If on pc it should work did official chromium doesn't support extension

It is working fine on android version.

EDIT: Crap i Forgot To Update My UC :-(

[wchen342]

The page is only a list of extensions and browsers supporting GPC, it doesn't detect whether your browser is sending the header.

[ghost]

The page is only a list of extensions and browsers supporting GPC, it doesn't detect whether your browser is sending the header.

Yes but if you implement the gpc feature this web should detect it

Actually in my opinion this is are unfair when specific browser (ex: DDG Brave) have these gpc while my favourite browser ungoogle chromium don't :-(

[wchen342]

That list is edited manually by the website admins, not generated automatically..

If I want them to add ungoogled-chromium to the list then I need to contact them and ask them to verify the implementation, and then ask them to add the browser to the list.

[ghost]

That list is edited manually by the website admins, not generated automatically..

If I want them to add ungoogled-chromium to the list then I need to contact them and ask them to verify the implementation, and then ask them to add the browser to the list.

Yea

Because privacy is important dude

EDIT: Sorry actually extension are working This my fault i forgot enable js :-(

But web tell me some header like DOM are missing

[wchen342]

Sorry I cannot fully understand what you were trying to say so I may sometimes misunderstand what you intended.

Whether we shall get the browser certified shouldn't be decided solely by me, as ungoogled-chromium shall be seen as a project as a whole in this case. @Eloston do you think it is worth the effort?

But web tell me some header like DOM are missing

That seems to be an unrelated problem.

[ghost]

Sorry I cannot fully understand what you were trying to say so I may sometimes misunderstand what you intended.

Whether we shall get the browser certified shouldn't be decided solely by me, as ungoogled-chromium shall be seen as a project as a whole in this case. @Eloston do you think it is worth the effort?

But web tell me some header like DOM are missing

That seems to be an unrelated problem.

If i use privacy badger Gpc signal are working but some header are missing:

[ghost]

Sorry I cannot fully understand what you were trying to say so I may sometimes misunderstand what you intended.

Hmm which one that you are not understand?

Sorry english is not my native lang

[wchen342]

Hmm which one that you are not understand?

I was referring to the above conversations as a whole.

Sorry english is not my native lang

Me too, so no worries, it's basically two non-native trying to understand each other :)

I accidentally edited your post instead of replying..

So from your screenshot it seems privacy badger's implementation is not complete. Interesting.

[ghost]

Hmm which one that you are not understand?

I was referring to the above conversations as a whole.

Sorry english is not my native lang

Me too, so no worries, it's basically two non-native trying to understand each other :)

I accidentally edited your post instead of replying..

So from your screenshot it seems privacy badger's implementation is not complete. Interesting.

Actually without this extension Ungoogle chromium can't send gpc signal right?

I want you add GPC signal So i No Longer Need Extension Only For GPC

[wchen342]

Yes I understand that. I am just waiting for reply from the main repo so I know whether I shall do it here or open a PR upstream.

[ghost]

Yes I understand that. I am just waiting for reply from the main repo so I know whether I shall do it here or open a PR upstream.

Yes? And implementation should complete

Issues are same on duck duck go browser i open new issues there soon

[wchen342]

I had a look and the client-side actually needs browser support I think. Privacy Badger cannot do that. It needs to be implemented natively.

[wchen342]

I will implement it here first and if main repo think it can be upstreamed then I will push it there.

The certification of the browser is a different problem though.

[ghost]

The certification of the browser is a different problem though.

But you need solve it first

[wchen342]

No, whether the impletation works and whether the browser is recognized by the website are two unrelated things. An implementation doesn't need someone's approve to work. And since GPC is backed by law, it doesn't actually need any certification to work.

[ghost]

No, whether the impletation works and whether the browser is recognized by the website are two unrelated things. An implementation doesn't need someone's approve to work. And since GPC is backed by law, it doesn't actually need any certification to work.

Yea but you need to make gpc implementation perfect dude please :-(

[uazo]

I will implement it here first

@wchen342 can this be useful?

https://github.com/brave/brave-core/commits/64f9bfc921466b40a91341af19cd453f4d273f12/browser/net/global_privacy_control_network_delegate_helper.cc

[ghost]

I will implement it here first

@wchen342 can this be useful?

https://github.com/brave/brave-core/commits/64f9bfc921466b40a91341af19cd453f4d273f12/browser/net/global_privacy_control_network_delegate_helper.cc

Wait for a second Do you want trus brave? They still inject ads inside the app that was annoying though

[wchen342]

@uazo Thanks for finding the commits.

@NSTAdventure The code part itself is good though. However I will rewrite the whole thing to avoid overlapping code.

[ghost]

@uazo Thanks for finding the commits.

@NSTAdventure The code part itself is good though. However I will rewrite the whole thing to avoid overlapping code.

Yay! 😍😍😍😍😍😍

Edit: WTF?! Bro, don't imitate it I'm too happy Wah XD😂🙏

[wchen342]

Added in d2331cf.

[uazo]

wow what speed! @csagan5 FYI

[wchen342]

I basically mirrored Do Not Track with a few modifications, so it was quite simple.

[uazo]

so it was quite simple.

congratulations anyway! I just compile, retry and recompile and retry (and retry :) it takes hours...

[wchen342]

Isn't ninja only compile the modified parts? Also ccache is quite useful when debugging, although the hit rate varies depends on what is modified.

[uazo]

Isn't ninja only compile the modified parts?

yes, just the different parts. I've tried them all, but I think the problem is the amount of cores, because I have more than enough ram. never mind, I'm used to it by now and in the meantime I'm studying the code.

[wchen342]

the problem is the amount of cores

Yes that makes quite the difference. I kind of miss the jumbo build days.

[ghost]

@wchen342 new updates for extension varians?

[wchen342]

@NSTAdventure The build server can only compile one thing at a time. It is compiling the normal version now.

[hbarsaiyan]

@wchen342 new updates for extension varians?

Give that man some rest bro 😅

[ghost]

@wchen342 new updates for extension varians?

Give that man some rest bro 😅

Hahaha sorry 😂🤟

@wchen342 @hbarsaiyan

[csagan5]

From https://techcrunch.com/2020/10/07/tech-publisher-coalition-backs-new-push-for-browser-level-privacy-controls/?guccounter=1

The aim for the group steering GPC is to develop a standard for a browser-level opt-out for the sale of personal data that businesses subject to CCPA would be legally compelled to respond to — assuming they succeed in getting the standard accepted as legally binding under California’s law.

“We look forward to working with AG Becerra to make GPC legally binding under CCPA,” they write on that.

These are the organisations involved: https://globalprivacycontrol.org/orgs#Business

Right now ~99% of advertisers/companies are ignoring GPC; if it does not succeed in becoming legally compelled it will be dead in the water like Do-Not-Track.

I hope it will succeed, but until that it is as useful as DNT.

[uazo]

if it does not succeed in becoming legally compelled it will be dead in the water like Do-Not-Track.

I agree, but immediately the advantage could be in advertising in https://globalprivacycontrol.org/#download , always if needed

[ghost]

Yes But

Every browser should implement it without any missing header like global privacy control report :) and i hope you do it as developer @wchen342

For now i enjoy pre release you already add gpc

But it will always active right?

[csagan5]

if it does not succeed in becoming legally compelled it will be dead in the water like Do-Not-Track.

I agree, but immediately the advantage could be in advertising in https://globalprivacycontrol.org/#download , always if needed

I doubt they will add ungoogled-chromium or Bromite, one can try of course. So it is more of a political/lobbying move than a technical solution right now.

[ghost]

if it does not succeed in becoming legally compelled it will be dead in the water like Do-Not-Track.

I agree, but immediately the advantage could be in advertising in https://globalprivacycontrol.org/#download , always if needed

I doubt they will add ungoogled-chromium or Bromite, one can try of course. So it is more of a political/lobbying move than a technical solution right now.

Bru in pre release version uc support GPC they only need to add dom header: const gpcValue = navigator.globalPrivacyControl if (gpcValue) { // signal detected, do something }

[wchen342]

I doubt they will add ungoogled-chromium or Bromite, one can try of course. So it is more of a political/lobbying move than a technical solution right now.

I agree, that's why I was asking Eloston whether we shall do this or not. Luckily the implementation is simple so that's not much effort anyway (comparing to extensions).

[csagan5]

Luckily the implementation is simple so that's not much effort anyway (comparing to extensions).

It is not just about the implementation: there is also the fact that with a specific header like DNT or GPC you make the browser extremely unique, so any attempt to "mix up with the crowd" is futile once something like this is active.

[wchen342]

there is also the fact that with a specific header like DNT or GPC you make the browser extremely unique

Right, you reminded me of that. That is why I never enabled DNT myself. I shall put up a warning there. The functionailty is disabled by default though so anyone who want to use it needs to go into settings and activate it manually.

[csagan5]

Vanadium tries to have a "footprint" equal to Chromium only when Javascript is disabled; Tor browser takes a lot of effort to mix with the crowd; Bromite does not attempt to mix with the crowd but rather making fingerprints unusable. I do not know about ungoogled-chromium-android but depending on what user wants sending an extra signal saying "I want more privacy" might be detrimental.

[wchen342]

There is no specific goal here I think since the first priority is to remove google dependencies, and the privacy enhancement is basically here and there and not systematic, here and main repo alike. That is part of the reason I proposed the privacy enhancement in the main repo.

IMO when it comes to anti-fingerprinting TBB is the gold standard since they have researchers dedicated to this and their browser stands long tests. However that is a lot of modifications so that will be even harder to do (right) than extensions so I don't think I can do that alone.