Sailfish Community News, 12th January, Privacy and Control

Yes, there is /etc/hosts and also /etc/hosts.editable , but no hosts.allow and no hosts.deny as I once upon a time saw in some desktop linux distros.

How can I use these files to block some adresses (e.g. G**gle or fb)?

Highly interesting would be to hold back and supress all the outgoing requests to these (or some other) adresses that are coded in nearly all webpages, and not only block incoming data packages from them (G*, fb & similars)!

3 Likes

The hosts file is functioning as your local Domain Name System, so if it maps google.com to 0.0.0.0 then you won’t be communicating with google.com at all.

2 Likes

I added this way:

127.0.0.1               localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6
0.0.0.0         google.com
0.0.0.0         consent.google.com
~                                                                                                                                   
~                                         

and restarted network with SF utilities.

At a first tried only ‘google.com’. Then I came to a page ‘consent.google.com’ and was asked for assent. Then I added ‘consent.google.com’ as shown above and rebooted the network again. But still the same, the ‘google.com’ and ‘consent.google.com’ can still display their content and if I simply type ‘google.com’ into the address line of a new browser tab, the request still goes out. Did I make something wrong?

edit: can I write 0.0.0.0 only once and separate URL names with commas or semikolons?

Then you have a local resolver that is ignoring hosts. That happens. You need to configure your dns. If I do that I get: PING consent.google.com (127.0.0.1) 56(84) bytes of data.

How can I configure the dns?

Sorry, it could also be that the application you used, the browser, had cached the IP address.

Generally you shouldn’t have to do anything, but you can look what your system is using in /etc/resolv.conf . On the machine I’m using to type this, the resolver is the one provided by systemd. The entry is:

nameserver 127.0.0.53
search fritz.box

But /etc/hosts still takes precedence. What is your operating system?

EDIT: If it is a systemd system then you need to lookup how resolvconf works and the systemd-resolved.service

1 Like

SFOS 4.4.0.72 on a Volla/GS290, and tweaking in it’s system files I do with Ubuntu 22.04 on a X64 laptop by ssh.

Ok, hosts works on my 4.4.0.72 GS290 system for most cases (ie. I don’t see ads on many sites). I would guess that’s the browser’s cache. I’m not sure how clear that out. There were some issues reported vis. nssswitch.conf:

1 Like

@poetaster will have a look there, thank you so much!

edit: A network reset by Sailfish Utilities is not sufficient, but a full reboot did it!
Now ‘Unable to connect’ to G**gle !!! (other websites work)

Any ideas if there will be a live from the FOSDEM or some youtuber filming it ?

I think the issue you had here is caused by combination of boosting and sandboxing. Browser has application booster which is sandboxed and sandboxing copies files in /etc into the sandbox on startup. You’d need to restart that booster to update the file:

systemctl --user restart booster-browser@sailfish-browser.service

As a separate tip, you can list all running application boosters with systemctl --user list-units | grep -E 'booster-.*@.*\.service' and there should be one for email and browser each and two for camera, assuming that email app is installed.

4 Likes

How nice, this interview with Cyberlyra, thank you! I remember having read her story about pregnancy. In those years many articles about privacy emerged. Now there is more silence it seems. Shushana Zuboff described a striking example of privacy robbery about a man who bought an engagement ring. Without his knowledge and consent the seller placed a message on his Facebook to gratulate him. Thereafter everyone congratulated him and the surprise for his girlfriend was gone. People don’t see the value and importance of privacy and the many temptations are too powerful to resist.
Developments in tech are going further and deeper and I wonder when smartphones will reach their perfection. Do we really need all the features that Apple wants us to use? Seeing the row of smartphones above, I think nearly everyone here can produce such a line of devices. This brings us to another issue besides privacy: sustainability. Imagine a person who gets his/her first smartphone at 18. When he/she changes to 6 devices in 8 years, he/she will have used 42 devices at the age of 74. Imagine that every person does the same. Apple even wanted us to change every year. Impossible of course.
So where do software and hardware end? And how can companies survive without regular payments?

2 Likes

Will https://www.google.com also be blocked?

Oh, I am getting lost between here and the other thread, I’m sorry.
Finally, what file was it important to modify?

I don’t think so.
With ‘www.google.com’ it jumps immediately to ‘consent.google.com’, that is blocked (yellow frame and no connection).
With ‘google.com’ it jumps not to ‘consent…’ and also no connection.

Therefore I assume that ‘www.google.com’ was not blocked and led to ‘consent…’, what was blocked. But so quick that I didn’t see much.

As I meanwhile read in the howto’s, the servername must exactly match. But I also find ‘dnsmasq’, and I think this offers much more options, also to block e.g. everything that contains ‘g**gle’.

It was /etc/hosts , and it works! But only if hostname/URL exactly matches! Now I search and play with dnsmasq for more practical solutions.

1 Like

Will there be a Jolla resturant event in Brussels this year in relation to FOSDEM? :slight_smile:

1 Like

Yes, details coming…

Edit: Here they are!

3 Likes

Without going into details here, I d like to make privacy-conscious people aware of the existence of privoxy.

It’s a bitch to set up, it potentially regularly breaks web sites left and right, and its overall concept is a bit dated, but it can still serve as an powerful privacy-enhancing tool in the absence of support of the “usual” browser plugins on Sailfish OS.

Using the guides provided in the README you can (in a way) emulate the blocking functionality provided by uBlock and similar browser extensions, if set up right.

I’d love to hear from the SFOS community about their custom configurations for this tool, and overall feedback about it. (Just not in this thread! :slight_smile: )

4 Likes

This topic was automatically closed after 30 days. New replies are no longer allowed.