CHEF-KOCH / Blocker Database
Programming Languages
Projects that are alternatives of or similar to Blocker Database
This project is a global domain database for NoScript/uBlock/uMatrix/ScriptSafe powered by the community - which means YOU! It's original created by CHEF-KOCH and it's under ISC License (see License).
The goal of this little project is to get an almost complete whitelist for NoScript/uBlock/uMatrix, ScriptSafe & Cookie AutoDelete, it's created due the fact that e.g. Tor Browser temporarily allow all domains by default. I personally I don't like this, so this is one of the reasons I created the project; another reason is to avoid syncing with a Mozilla or Google Cloud.
Project Goal
- All social networks except Twitter (because I use it for myself, backlinks to the network on external resources are blocked!)
- uMatrix/uBlock is set to an 'high blocking mode' to block all 3rd-party requests which also blocks things like crypto mining & co.
- Maximum possible settings are used without breaking the web, this (sadly) requires lot of clicks (due to overblocking) but it's worth.
- CDN's unless it's proven that there dangerous are allowed, the bad ones are globally blocked
- Smaller pages which needs ads to survive are supported unless there is something like a script integrated which is dangerous
- To whitelist something is in general better than to blacklist something, this is one of the goal however, exceptions must be made to not break certain pages
- Reducing fingerprinting mechanism is not a goal, I do believe the Browser must at some point project it's user but we set certain rules to ensure nothing can be bypassed
Why was NoScript removed?!
This project ditched NoScript because of the following reasons:
- You can use uBO instead.
- The new NS does not support ABE, HTTPS Cookie Management nor clearclick (starting with v10+).
- uBO can block Cross-Site-Scripting (CSS) (it has no "own XSS protection") because third-party resources inherently protecting you.
- Content Security Policy (CSP) replaced XSS and, XSS attacks are less and less a problem.
Usage
- The lists are tested and working on Chrome (Chromium), Firefox, Opera (Chrome) and soon Microsoft own Chrome version.
- Install the official extensions and import the lists.
Contributing to the list
- Download and import the latest list from this repository.
- Find your whitelist and blacklist as described above.
- To add to whitelist, ensure no bad reputation is present for your reported page.
- Your website must not be blocked by the built-in safe-browsing feature.
- If you know how to, please confirm the page is not compromised by XSS or other attacks.
- Check the page/domain if the webmaster is trusted and all whois given information are valid.
- It does not matter much if you use the http:// or https:// prefix on domains as NoScript handles this.
What are the benefits?
- Personally I think most stuff can be prevented by disabling JavaScript on a website. Instead to temporarily allow all sites access to JavaScript I prefer to whitelist only the 'secure' ones. In fact this would help, because all other pages are by default blocked.
- A community based list is easier to maintain + there is less space for problems, the four eyes principle!
What about the cons?
- The negative thingy is that this is more about user needs, if you never visit xyz listed page you normally not need to whitelist them, but on the other hand it's not dangerous because they are trustworthy and should never connect to your pages (except social pages for e.g. the little share buttons).
- Another thing is that you also could just block the entire domain via router, so this would mean this would have no affect.
- All social media platforms except Twitter are blocked.
- Static filtering requires a lot of effort because you need to check each entry manually.
QnA's
Q: Is there a NoScript Database?
A: Not anymore, seems NoScript isn't widely used anymore or some features already are not implemented in the Browser. Some people (including me) switched to the uBO and uMatrix combination instead.
Known issue
The bigger issues are pinned. "Special" issue are not directly related to this project, they are addon/extension related (see here):
- #5
- Privacy Badger import/export tracker settings
- Firefox Sync only permits 16384 byte objects to be saved
- webRequest API related limitations
Project based issue:
Reference
Supported Addons/Extensions
- Canvas Blocker
- Cookie AutoDelete
- Firefox NoScript Security Suite - (Chrome version)!
- Nano Adblocker
- ScriptSafe
- Skip Redirect
- uMatrix
NoScript