From 8a0fd9d6cd8b723ca1e3ca56a6df1da7762e7602 Mon Sep 17 00:00:00 2001 From: humanacollaborator Date: Sat, 24 Apr 2021 23:03:00 -0400 Subject: [PATCH] greylist more Cloudflare NS sites --- forge_comparison.md | 8 ++++---- input_data/forges.sql | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/forge_comparison.md b/forge_comparison.md index 5d7b108..cf9c92b 100644 --- a/forge_comparison.md +++ b/forge_comparison.md @@ -8,8 +8,6 @@ The following forges have no significant ethical issues: | *forge* | *registration publicly open* | *software* | *Tor-hostile* | *Cloudflare MitM* | *forced re/hCAPTCHA* | *forced execution of non-free software* | *notes* | |---|---|---|---|---|---|---|---| [de.edumat.io](https://de.edumat.io)|✅|Gitea 1.5.2|n|n|n|n|| -[gitea.it](https://gitea.it)|✅|Gitea 1.12.4|n|n|n|n|| -[git.kiwifarms.net](https://git.kiwifarms.net)|✅|Gitea 1.13.1|n|n|n|n|| [git.nixnet.services](https://git.nixnet.services)|❌|Gitea 1.13.1|n|n|n|n|formerly git.nixnet.xyz| [git.disroot.org](https://git.disroot.org)|✅|Gitea 1.13.6|n|n|n|n|SSH over Tor works; based in NL| [git.fuwafuwa.moe](https://git.fuwafuwa.moe)([onion](http://git.fuwafuwaqtlkkxwc.onion))|✅|Gitea 1.13.6|n|n|n|n|SSH over Tor [broken](http://git.fuwafuwaqtlkkxwc.onion/levena/fuwafuwa/issues/1); HTTPS over Tor works| @@ -18,7 +16,6 @@ The following forges have no significant ethical issues: [git.sdf.org](https://git.sdf.org)|✅|Gitea 1.14.1|n|n|n|n|SSH over Tor broken but HTTPS over Tor works; some UTF-8 emoticons apparently broke in upgrade from 1.13.1 to 1.14.1 (this table shows boxes now)| [framagit.org](https://framagit.org)|✅|Gitlab (CE 13.10.2)|n|n|n|n|[may become more restricted](https://framablog.org/2019/09/26/lets-de-frama-tify-the-internet) in mid-2021| [git.jami.net](https://git.jami.net)|✅|Gitlab (CE)|n|n|n|n|possibly restricted to Jami efforts; acces to help page blocked to non-members so CE/EE unknown| -[git.shivering-isles.com](https://git.shivering-isles.com)|❌|Gitlab (CE)|n|n|n|n|Registration is open but broken-- requires 2FA using a device that can QR-scan, and the email verification link is DoA: ![](images/shivering-isles_broken_reg.png) That stale link error triggers even when accessed immediately.| [gitlab.freedesktop.org](https://gitlab.freedesktop.org)|✅|Gitlab (CE)|n|n|n|n|possibly restricted to Freedesktop efforts| [gitlab.gnome.org](https://gitlab.gnome.org)|✅|Gitlab (CE)|n|n|n|n|possibly restricted to Gnome efforts| [gitlab.tails.boum.org](https://gitlab.tails.boum.org)|✅|Gitlab (CE)|n|n|n|n|possibly restricted to Tails efforts but no AUP says otherwise| @@ -38,7 +35,10 @@ These forges are not as seriously flawed as the blacklisted ones, but they shoul ([onion](http://githidep2hynhdmutuv7n2tei4iie2c7lyqz5fes3r5zzoxe5dshtxyd.onion))|❌||n|n|n|n|**dead site**| [codeberg.org](https://codeberg.org)|✅|Gitea|n|n|n|n|Based in Germany; [censored an anti-Cloudflare project](codeberg.md) in a reckless and destructive manner; functions without any JavaScript and the JavaScript that exists is all 1st-party ([ref](https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-483830547))| [yerbamate.dev](https://yerbamate.dev)|❌|Gitea|n|n|n|n|**dead site**| +[gitea.it](https://gitea.it)|✅|Gitea 1.12.4|n|n|n|n|**Cloudflare NS server** (they can route all traffic via CF at the flip of a switch)| +[git.kiwifarms.net](https://git.kiwifarms.net)|✅|Gitea 1.13.1|n|n|n|n|**Cloudflare NS server** (they can route all traffic via CF at the flip of a switch)| [git.teknik.io](https://git.teknik.io)|❌|Gitea 1.9.0|n|n|n|n|**Cloudflare NS server** (they can route all traffic via CF at the flip of a switch)| +[git.shivering-isles.com](https://git.shivering-isles.com)|❌|Gitlab (CE)|n|n|n|n|**Cloudflare NS server** (they can route all traffic via CF at the flip of a switch); Registration is open but broken-- requires 2FA using a device that can QR-scan, and the email verification link is DoA: ![](images/shivering-isles_broken_reg.png) That stale link error triggers even when accessed immediately.| [git.hardenedbsd.org](https://git.hardenedbsd.org)|✅|Gitlab (EE)|n|n|n|n|**Cloudflare NS server** (they can route all traffic via CF at the flip of a switch); possibly restricted to BSD efforts| [source.puri.sm](https://source.puri.sm)|✅|Gitlab (EE)|n|n|n|n|open registration but activity is [restricted](https://social.librem.one/@kyle/106030358887310621) to puri.sm efforts; accounts are subject to spontaneous unjustified bans (apparent censorship): ![](images/purism_ban.png); no CAPTCHA (confirmed March 2021); is the JavaScript non-free with the enterprize edition?| @@ -52,7 +52,7 @@ github.com|❌ (exclusive walled garden)||y|n|n|☣|**access granted or denied b sourceforge.net|❌ (exclusive walled garden)||n|n|n|☣|**access granted or denied based on national origin**; Important site [functionality does not work without non-free JavaScript](https://www.gnu.org/software/repo-criteria-evaluation.html)| bitbucket.org|✅|Bitbucket Server|n|n|n|☣|**Amazon AWS-hosted**; needs non-free javascript that [clusterfucks uMatrix](https://github.com/privacytoolsIO/privacytools.io/issues/843#issuecomment-483830547); has some relationship with Netlify; access to source code [restricted](https://en.wikipedia.org/wiki/Bitbucket#Bitbucket_Server)| libregit.org|❌|Gitea|n|y|n|n|reg by invite only| -git.openprivacy.ca|❌ (exclusive walled garden)|Gitea 1.12.4|y|n|n|n|Tor users get 404 - suspected botnet; [listed](https://codeberg.org/crimeflare/cloudflare-tor/src/branch/master/cloudflare_users/cloudflare_supporter.txt) as a Cloudflare supporter| +git.openprivacy.ca|❌ (exclusive walled garden)|Gitea 1.12.4|y|n|n|n|Tor users get 404 - suspected botnet; [listed](https://git.sdf.org/deCloudflare/deCloudflare/src/branch/master/cloudflare_users/cloudflare_supporter.md) as a Cloudflare supporter| git.feneas.org|✅|Gitlab (CE)|n|n|⚒|☣|reCAPTCHA impedes registration and imposes non-free s/w| gitlab.com|❌ (exclusive walled garden)|Gitlab (EE)|n|y|⚒|☣|flagship instance running the *Enterprise Edition*; uses both hCAPTCHA & reCAPTCHA; heavily restricted with discriminatory policies; [copious ethical issues](gitlab-dot-com.md)| diff --git a/input_data/forges.sql b/input_data/forges.sql index 12a5ffe..7c0f44f 100644 --- a/input_data/forges.sql +++ b/input_data/forges.sql @@ -28,7 +28,7 @@ insert into forgesTbl (url_clrnet, antitor, forced_nfsw, nation_discrimination, insert into forgesTbl (url_clrnet, software, notes) values ('https://launchpad.net','Launchpad','It''s [unknown](https://wiki.freephile.org/wiki/Comparison_of_git_hosting_options) whether it functions without JavaScript; no wiki'); insert into forgesTbl (url_clrnet, software, dead) values ('https://yerbamate.dev','Gitea',1); -insert into forgesTbl (url_clrnet, software, antitor, notes) values ('https://git.openprivacy.ca','Gitea 1.12.4',1,'Tor users get 404 - suspected botnet; [listed](https://codeberg.org/crimeflare/cloudflare-tor/src/branch/master/cloudflare_users/cloudflare_supporter.txt) as a Cloudflare supporter'); +insert into forgesTbl (url_clrnet, software, antitor, notes) values ('https://git.openprivacy.ca','Gitea 1.12.4',1,'Tor users get 404 - suspected botnet; [listed](https://git.sdf.org/deCloudflare/deCloudflare/src/branch/master/cloudflare_users/cloudflare_supporter.md) as a Cloudflare supporter'); insert into forgesTbl (url_clrnet, software, notes) values ('https://sr.ht','Sourcehut', 'javascript-free; supports patches sent by email'); insert into forgesTbl (url_onion, dead) values ('http://githidep2hynhdmutuv7n2tei4iie2c7lyqz5fes3r5zzoxe5dshtxyd.onion', 1); @@ -41,9 +41,9 @@ insert into forgesTbl (url_clrnet, software, notes) values ('https://git.slashde insert into forgesTbl (url_clrnet, software, notes) values ('https://git.disroot.org','Gitea 1.13.6','SSH over Tor works; based in NL'); insert into forgesTbl (url_clrnet, software, openpubreg, cflogin, notes) values ('https://libregit.org','Gitea',0,1,'reg by invite only'); insert into forgesTbl (url_clrnet, software, notes) values ('https://git.sdf.org','Gitea 1.14.1','SSH over Tor broken but HTTPS over Tor works; some UTF-8 emoticons apparently broke in upgrade from 1.13.1 to 1.14.1 (this table shows boxes now)'); -insert into forgesTbl (url_clrnet, software) values ('https://gitea.it','Gitea 1.12.4'); +insert into forgesTbl (url_clrnet, software, cfns) values ('https://gitea.it','Gitea 1.12.4',1); insert into forgesTbl (url_clrnet, software) values ('https://de.edumat.io','Gitea 1.05.2'); -insert into forgesTbl (url_clrnet, software) values ('https://git.kiwifarms.net','Gitea 1.13.1'); +insert into forgesTbl (url_clrnet, software, cfns) values ('https://git.kiwifarms.net','Gitea 1.13.1',1); insert into forgesTbl (url_clrnet, software) values ('https://git.safemobile.org','Gitea 1.13.6'); /* @@ -71,7 +71,7 @@ insert into forgesTbl (url_clrnet, software, notes) values ('https://gitlab.gnom insert into forgesTbl (url_clrnet, software, hrecaptcha, notes) values ('https://gitlab.torproject.org','gitlab_ce','non-essential tasks','open registration; repo creation possibly restricted; Google reCAPTCHA is [allegedley](https://lists.gnu.org/archive/html/repo-criteria-discuss/2021-03/msg00000.html) used, but [not at registration time](https://gitlab.onionize.space)'); insert into forgesTbl (url_clrnet, software, notes) values ('https://source.puri.sm','gitlab_ee','open registration but activity is [restricted](https://social.librem.one/@kyle/106030358887310621) to puri.sm efforts; accounts are subject to spontaneous unjustified bans (apparent censorship): ![](images/purism_ban.png); no CAPTCHA (confirmed March 2021); is the JavaScript non-free with the enterprize edition?'); insert into forgesTbl (url_clrnet, software, openpubreg) values ('https://source.small-tech.org','gitlab_ce',0); -insert into forgesTbl (url_clrnet, software, openpubreg, notes) values ('https://git.shivering-isles.com','gitlab_ce',0,'Registration is open but broken-- requires 2FA using a device that can QR-scan, and the email verification link is DoA: ![](images/shivering-isles_broken_reg.png) That stale link error triggers even when accessed immediately.'); +insert into forgesTbl (url_clrnet, software, openpubreg, cfns, notes) values ('https://git.shivering-isles.com','gitlab_ce',0,1,'Registration is open but broken-- requires 2FA using a device that can QR-scan, and the email verification link is DoA: ![](images/shivering-isles_broken_reg.png) That stale link error triggers even when accessed immediately.'); update forgesTbl set forced_nfsw = 1 where hrecaptcha = 'unavoidable'; update forgesTbl set lst_kind = 'gray' where lst_kind = 'white' and (aws or cfns or dead or nation_discrimination or (notes is not null and (notes like '%google_cloud_hosted%' or notes like '%censor%')));