diff --git a/PEOPLE.md b/PEOPLE.md index 32cf415..4d8a97e 100644 --- a/PEOPLE.md +++ b/PEOPLE.md @@ -27,7 +27,7 @@ Disqualify: "[I don’t trust Cloudflare with IPFS](https://blog.kareldonk.com/i-dont-trust-cloudflare-with-ipfs/)" by [Karel Donk](https://blog.kareldonk.com/) -"[Cloudflare IPFS experiment](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/cloudflare-IPFS-experiment.html)" by [Joe](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/index.html) +"[Cloudflare IPFS experiment](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/cloudflare-IPFS-experiment.html)" by [Joe](https://js.ipfs.io/ipns/QmZJBQBXX98AuTcoR1HBGdbe5Gph74ZBWSgNemBcqPNv1W/index.html) - ([archive](http://archive.fo/139z1)) "[Don't Trust CloudFlare](https://write.lain.haus/thufie/dont-trust-cloudflare)" by [@lunaterra@cyberia.social](https://cyberia.social/@lunaterra) diff --git a/cloudflare_owned_NS.txt b/cloudflare_owned_NS.txt index a52412b..152aeef 100644 --- a/cloudflare_owned_NS.txt +++ b/cloudflare_owned_NS.txt @@ -1,68 +1,101 @@ abby.ns.cloudflare.com adrian.ns.cloudflare.com +aida.ns.cloudflare.com +alan.ns.cloudflare.com albert.ns.cloudflare.com alex.ns.cloudflare.com +alina.ns.cloudflare.com alla.ns.cloudflare.com +amanda.ns.cloudflare.com amber.ns.cloudflare.com amy.ns.cloudflare.com andy.ns.cloudflare.com anna.ns.cloudflare.com +apollo.ns.cloudflare.com +arch.ns.cloudflare.com +aria.ns.cloudflare.com art.ns.cloudflare.com +asa.ns.cloudflare.com athena.ns.cloudflare.com austin.ns.cloudflare.com -ben.ns.cloudflare.com bella.ns.cloudflare.com +ben.ns.cloudflare.com +beth.ns.cloudflare.com bob.ns.cloudflare.com -norman.ns.cloudflare.com +brit.ns.cloudflare.com chan.ns.cloudflare.com +coby.ns.cloudflare.com coco.ns.cloudflare.com cody.ns.cloudflare.com +cory.ns.cloudflare.com darwin.ns.cloudflare.com dee.ns.cloudflare.com -dom.ns.cloudflare.com +demi.ns.cloudflare.com dina.ns.cloudflare.com +dom.ns.cloudflare.com +dora.ns.cloudflare.com +dorthy.ns.cloudflare.com drew.ns.cloudflare.com +duke.ns.cloudflare.com ed.ns.cloudflare.com +edna.ns.cloudflare.com elinore.ns.cloudflare.com +elmo.ns.cloudflare.com emma.ns.cloudflare.com +etta.ns.cloudflare.com +fay.ns.cloudflare.com foo.ns.cloudflare.com fred.ns.cloudflare.com +gabe.ns.cloudflare.com gail.ns.cloudflare.com glen.ns.cloudflare.com guy.ns.cloudflare.com +hank.ns.cloudflare.com +heather.ns.cloudflare.com hugh.ns.cloudflare.com ian.ns.cloudflare.com igor.ns.cloudflare.com +iris.ns.cloudflare.com +jasmine.ns.cloudflare.com jeff.ns.cloudflare.com jerry.ns.cloudflare.com jill.ns.cloudflare.com jim.ns.cloudflare.com +john.ns.cloudflare.com +jonah.ns.cloudflare.com josh.ns.cloudflare.com kate.ns.cloudflare.com +kevin.ns.cloudflare.com +kim.ns.cloudflare.com kip.ns.cloudflare.com leah.ns.cloudflare.com lee.ns.cloudflare.com leia.ns.cloudflare.com lex.ns.cloudflare.com +lily.ns.cloudflare.com +lucy.ns.cloudflare.com matt.ns.cloudflare.com +max.ns.cloudflare.com +megan.ns.cloudflare.com melinda.ns.cloudflare.com +miki.ns.cloudflare.com +nelly.ns.cloudflare.com newt.ns.cloudflare.com nina.ns.cloudflare.com norm.ns.cloudflare.com +norman.ns.cloudflare.com +olga.ns.cloudflare.com pam.ns.cloudflare.com paul.ns.cloudflare.com pete.ns.cloudflare.com +peyton.ns.cloudflare.com rachel.ns.cloudflare.com rick.ns.cloudflare.com rob.ns.cloudflare.com rose.ns.cloudflare.com seth.ns.cloudflare.com sofia.ns.cloudflare.com +tegan.ns.cloudflare.com terin.ns.cloudflare.com theo.ns.cloudflare.com -zoe.ns.cloudflare.com -kevin.ns.cloudflare.com -megan.ns.cloudflare.com -peyton.ns.cloudflare.com -tegan.ns.cloudflare.com -aida.ns.cloudflare.com \ No newline at end of file +zoe.ns.cloudflare.com \ No newline at end of file diff --git a/ismitmlink/bg.js b/ismitmlink/bg.js index 87a73de..6a2a939 100644 --- a/ismitmlink/bg.js +++ b/ismitmlink/bg.js @@ -1,4 +1,14 @@ -const apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php'; +let apiurl = 'https://searxes.danwin1210.me/collab/open/ismitm.php'; +let TORapiurl = 'http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/ismitm.php'; + +fetch('http://searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion/collab/open/hi.php', { + method: 'GET', + mode: 'cors' +}).then(r => r.text()).then(r => { + if (r == 'hi') { + apiurl = TORapiurl; + } +}).catch(() => {}); function is_infected(f) { return new Promise((g, b) => { @@ -9,9 +19,7 @@ function is_infected(f) { 'Content-Type': 'application/x-www-form-urlencoded' }, body: 'f=' + f - }).then(function (r) { - return r.json(); - }).then(function (r) { + }).then(r => r.json()).then(r => { if (r[0]) { g(r[1]); } else { @@ -66,6 +74,4 @@ browser.storage.local.clear().then(() => { }, () => {}); } }); -}, (e) => { - console.log(e); -}); \ No newline at end of file +}, () => {}); \ No newline at end of file diff --git a/ismitmlink/cs.js b/ismitmlink/cs.js index c274e3b..1361a66 100644 --- a/ismitmlink/cs.js +++ b/ismitmlink/cs.js @@ -1,34 +1,32 @@ -if (document.body) { - if (!['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb', 'addons.mozilla.org'].includes(location.hostname)) { - let cs = (function () { - let s = document.createElement('style'); - document.head.appendChild(s); - return s.sheet; - })(); - if (cs) { - cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0); - cs.insertRule("a[data-mitm]::before{content:'[MITM!]';font-weight:bold !important;color:red !important}", 1); - cs.insertRule("a[data-mitm]:hover::before{content:'[Privacy Risk!!]'}", 2); - cs.insertRule("a[data-mitm]:hover{color:red !important}", 3); - } - let asked = ['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb']; - document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => { - let aF = (new URL(a.href)).hostname; - if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3})|bbs|chan|cyb|dyn|geek|gopher|indy|libre|neo|null|o|oss|oz|parody|pirate|bit|lib|coin|emc|bazar|fur)$/.test(aF) && !asked.includes(aF)) { - asked.push(aF); - browser.runtime.sendMessage(aF); - } - }); - browser.runtime.onMessage.addListener((request, sender, sendResponse) => { - if (request.length == 2) { - if (request[1]) { - document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => { - a.dataset.mitm = 1; - a.title = 'DANGER! DANGER! MITM!'; - }); - } - } - sendResponse(null); - }); +if (document.body && !['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb'].includes(location.hostname)) { + let cs = (function () { + let s = document.createElement('style'); + document.head.appendChild(s); + return s.sheet; + })(); + if (cs) { + cs.insertRule("a[data-mitm]{text-decoration-line:line-through !important;text-decoration-color:red !important;text-decoration-style:double !important}", 0); + cs.insertRule("a[data-mitm]::before{content:'[MITM!]';font-weight:bold !important;color:red !important}", 1); + cs.insertRule("a[data-mitm]:hover::before{content:'[Privacy Risk!!]'}", 2); + cs.insertRule("a[data-mitm]:hover{color:red !important}", 3); } + let asked = ['searxes.danwin1210.me', 'searxes.nmqnkngye4ct7bgss4bmv5ca3wpa55yugvxen5kz2bbq67lwy6ps54yd.onion', 'searxes.cyb', 'addons.mozilla.org']; + document.querySelectorAll("a[href^='http://']:not([data-mitm]),a[href^='https://']:not([data-mitm]),a[href^='//']:not([data-mitm])").forEach(a => { + let aF = (new URL(a.href)).hostname; + if (!/^(.*)\.(onion|i2p|invalid|test|local|localhost|([0-9]{1,3})|bbs|chan|cyb|dyn|geek|gopher|indy|libre|neo|null|o|oss|oz|parody|pirate|bit|lib|coin|emc|bazar|fur)$/.test(aF) && !asked.includes(aF)) { + asked.push(aF); + browser.runtime.sendMessage(aF); + } + }); + browser.runtime.onMessage.addListener((request, sender, sendResponse) => { + if (request.length == 2) { + if (request[1]) { + document.querySelectorAll("a[href^='http://" + request[0] + "/']:not([data-mitm]),a[href^='https://" + request[0] + "/']:not([data-mitm]),a[href^='//" + request[0] + "/']:not([data-mitm])").forEach(a => { + a.dataset.mitm = 1; + a.title = 'DANGER! DANGER! MITM!'; + }); + } + } + sendResponse(null); + }); } \ No newline at end of file diff --git a/ismitmlink/manifest.json b/ismitmlink/manifest.json index 7c851fa..f064778 100644 --- a/ismitmlink/manifest.json +++ b/ismitmlink/manifest.json @@ -2,7 +2,7 @@ "manifest_version": 2, "name": "Are links vulnerable to MITM attack?", "description": "Scan FQDN using Searxes' API", - "version": "1.0.3", + "version": "1.0.4", "homepage_url": "https://notabug.org/themusicgod1/cloudflare-tor/src/master/ismitmlink", "author": "Maslin Bossé", "permissions": [ diff --git a/what-to-do.md b/what-to-do.md index 0e68e6f..9f30aa4 100644 --- a/what-to-do.md +++ b/what-to-do.md @@ -144,10 +144,16 @@ Let's talk about _other software's privacy_... - Chrome is a [spyware](https://www.gnu.org/proprietary/malware-google.en.html). -- Brave Browser [whitelist Facebook/Twitter trackers](https://www.bleepingcomputer.com/news/security/facebook-twitter-trackers-whitelisted-by-brave-browser/). +- SRWare Iron make too many [phones home connection](https://spyware.neocities.org/articles/iron.html). It also connect to google domains. + +- Brave Browser [whitelist Facebook/Twitter trackers](https://www.bleepingcomputer.com/news/security/facebook-twitter-trackers-whitelisted-by-brave-browser/). Here's [more issues](https://spyware.neocities.org/articles/brave.html). - Microsoft Edge lets Facebook [run Flash code behind users' backs](https://www.zdnet.com/article/microsoft-edge-lets-facebook-run-flash-code-behind-users-backs/). +- Vivaldi [does not respect your privacy](https://spyware.neocities.org/articles/vivaldi.html). + +Therefore we recommend "Tor Browser" only. Nothing else. + ------------ ###### "Mozilla Firefox" user