readme.md 10.9 KB
Newer Older
Aral Balkan's avatar
Aral Balkan committed
1
# Better
Aral Balkan's avatar
Aral Balkan committed
2

Aral Balkan's avatar
Aral Balkan committed
3
Better protects you from unethical web sites. It makes your web experience safer, lighter, and faster.
Aral Balkan's avatar
Aral Balkan committed
4

Aral Balkan's avatar
Aral Balkan committed
5
Better enforces the [Ethical Design Manifesto](https://ind.ie/ethical-design). It helps the Web respect human rights, effort, and experience.
Aral Balkan's avatar
Aral Balkan committed
6

Aral Balkan's avatar
Aral Balkan committed
7
Better is curated by Ind.ie, a social enterprise that defends human rights. It’s free, open, and transparent.
Aral Balkan's avatar
Aral Balkan committed
8

Aral Balkan's avatar
Aral Balkan committed
9
## Content
Aral Balkan's avatar
Aral Balkan committed
10

Aral Balkan's avatar
Aral Balkan committed
11
This repository contains the Better content: Better’s database of information on trackers and other malware as well as the web sites that host them.
Aral Balkan's avatar
Aral Balkan committed
12

Aral Balkan's avatar
Aral Balkan committed
13
This content is in Blockdown format. Blockdown is an extension of Markdown with special vocabulary to describe web malware. Blockdown can also contain WebKit content blocking rules. The Blockdown pages in Better’s content repository both describe web malware and contain the rules to block them.
Aral Balkan's avatar
Aral Balkan committed
14

Aral Balkan's avatar
Aral Balkan committed
15
This content is processed by [Better Builder](https://source.ind.ie/better/builder) to generate the [Better web site](https://better.fyi) as well as the data for the [Better iOS App](https://source.ind.ie/better/app), including a WebKit `blockerList.json` file.
Aral Balkan's avatar
Aral Balkan committed
16

Aral Balkan's avatar
Aral Balkan committed
17
A seminal advantage of Better is that its database is human-readable, open, and extensible via pull requests. (The database is curated by Ind.ie using the Ethical Design Manifesto as the criteria for blocking rules.)
Aral Balkan's avatar
Aral Balkan committed
18

19
Contributing to the content is as easy as creating an account on [source.ind.ie](https://source.ind.ie) and editing a content page in your browser.
20

Aral Balkan's avatar
Aral Balkan committed
21
## I’m not a developer, I just want to experience a Better web.
22

Aral Balkan's avatar
Aral Balkan committed
23
Get Better from the App Store.
24

Aral Balkan's avatar
Aral Balkan committed
25 26 27 28 29 30
## How can I support Better?

Buying Better on the App Store is one way to support us. If you want to help with the ongoing costs of developing and maintaining Better, you can [donate to Ind.ie](https://ind.ie/fund/) or, even better, [become a patron](https://ind.ie/fund/) by setting up a recurring donation.

## I’m a developer, let me in!

31 32
The easiest way to get started is to follow the instructions in the readme for the [Better iOS app](https://source.ind.ie/better/app) repository.

33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69
## Testing locally.

[Better Builder](https://source.ind.ie/better/builder) will automatically pick up your changes as you save and rebuild your local data.

To persist your changes locally, commit them in Git and push to origin:

```bash
git commit -am "My awesome content update"
git push origin master
```

Note that these changes will be destroyed if you run the Better Builder installer (or the Better iOS installer, which runs the Better Builder installer as part of its own installation process). To not lose any work, save your changes regularly by pushing to production, as explained below.

## Saving your changes by pushing to production

You can push to production with:

```bash
./save
```

Or, manually run what the save script does, which is:

```bash
git push live master
```

## Deployment

If you have commit rights to the content repository, just run the deployment script:

```bash
./deploy
```

This will create a tag (you will have to enter a tag mesage when prompted, describing the release) and push it to production. Please make sure that you have already committed your changes and pushed them to production either via `git push live master` or by running the `./save` script, which does the same thing.

70
# Guide to Blockdown
71

72 73
Better content is authored in Blockdown.

74 75
Blockdown is Markdown with an extended high-level vocabulary for describing web malware for the Better database.

76
## Sites
77 78 79

Site pages have the following sections:

80
### Ethical design violations
81 82 83 84 85

```markdown
## Ethical design violations
```

86
This is a list of ethical design violations that gets converted to a collection of badges on the rendered site pages. The Trackers part of the list, detailed below, is updated automatically by [Better Inspector](https://source.ind.ie/better/inspector)
87 88 89

#### Trackers

90 91 92
The first badge is always the trackers badge. In Blockdown it is represented by a list item introduced by the word `Trackers`:

```markdown
93 94 95 96 97 98
  * Trackers
    * Automatically
    * Generated
    * List
    * of
    * Trackers
99 100 101 102
```

This gets automatically translated by [Better Builder](https://source.ind.ie/better/builder) to a badge similar to the one below:

103
![Screenshot of the trackers badge](images/readme/blockdown/trackers-badge-example.png)
104 105 106

Tapping on the badge displays a popover with links to the actual trackers.

107 108
![Screenshot of the trackers popover](images/readme/blockdown/trackers-popover-example.png)

109
The other badges are manually added if they apply to the site in question:
110 111 112 113

#### Aggressive

```markdown
114
* Aggressive
115 116
```

117 118
Attempts to block content blockers.

119 120 121 122 123 124
![Screenshot of the Aggressive Badge](images/readme/blockdown/aggressive-badge-example.png)


#### Doorslam

```markdown
125
* Doorslam
126 127
```

128 129
Interrupts and blocks using modal dialogs.

130 131 132 133 134 135
![Screenshot of the Doorslam Badge](images/readme/blockdown/doorslam-badge-example.png)


#### Clickbait

```markdown
136
* Clickbait
137 138
```

139 140
Uses exploitative, addictive content syndication network(s).

141 142 143 144 145 146
![Screenshot of the Clickbait Badge](images/readme/blockdown/clickbait-badge-example.png)


#### Fingerprint

```markdown
147
* Fingerprint
148 149
```

150 151
Uses hidden Canvas fingerprinting.

152 153 154
![Screenshot of the Fingerprint Badge](images/readme/blockdown/fingerprint-badge-example.png)


155
#### Web Bug
156 157

```markdown
158
* Web bug
159 160
```

161 162
Uses invisible tracking pixels.

163 164 165
![Screenshot of the Web Bugs Badge](images/readme/blockdown/web-bugs-badge-example.png)

We might create new badges as and when we find new types of web malware and unethical practices to document and warn people about.
166 167 168 169 170 171 172

## After Better section

```markdown
## After Better
```

173
The After Better section provides statistics about the before (without the Better content blocker active) and after (with the Better content blocker active) performance of a site.
174

175
It is automatically generated by [Better Inspector](https://source.ind.ie/better/inspector)
176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201

![Screenshot of the After Better Section](images/readme/blockdown/after-better.png)

## Block Rules section

This is the section where we enter the actual WebKit content blocking rules. Each rule is written in a strict subset of MSON (Markdown JSON) and has a brief explanation detailing what the rule does and why.

The blocking rules in this section serve the following purposes, in line with the [Ethical Design Manifesto](https://ind.ie/ethical-design)

  * Remove any first-party trackers (respect human rights)
  * Improve the usability of the site by removing first-party impediments like doorslams (respect human effort)
  * Improve the experience of the site (respect human effort) – we should especially aim to create a better experience after trackers have been removed (like removing empty spaces left over, etc.)

Please note that this is not the place to put blocking rules for trackers. Each tracker encountered should be entered into the [Trackers](#trackers) section and you have its own page in the `/trackers` section of the content.

Here is an example of a site-specific blocking rule in MSON format:

```markdown
```mson
- trigger:
  - url-filter: cdn.cultofmac.com/wp-content/plugins/com2014-ads/static/js/frontend-functionality.js
- action:
  - type: block
``` 
```

202 203 204 205 206 207
The Blockdown parser in Better supports all of the [WebKit content blocking rules](https://webkit.org/blog/3476/content-blockers-first-look/). Instead of JSON, however, we enter blocking rules in MSON. All Blockdown rules are combined by Better Builder into a single `blockerList.json` file.

# Investigation process

Currently, you need to have commit rights to the Content repository to use the Better commandline commands. However, you can use Git directly to fork the repository and submit merge requests and you can [add and edit pages through the online GitLab interface](https://source.ind.ie/better/content) without commit rights.

208 209
## Find who owns and runs the tracker

Laura Kalbag's avatar
Laura Kalbag committed
210
1. Start by editing the tracker: `better/edit drafts/trackers/somedoma.in`. This will create an issue in GitLab (or update an existing issue, if one already exists) and create or checkout a branch for you. It will also open your working copy of the tracker page in your system editor and in the browser.
211 212 213 214 215

2. First, enter the domain into your browser in a private window to see if it loads.

3. If it doesn’t load, or if you get a blank page, perform a whois. We are currently using http://whois.domaintools.com for these so we can link to is as a source when stating ownership information. However, you will sometimes get more information from a direct whois look-up on your machine. In Terminal: `whois somedoma.in`

216
4. Some trackers use a domain proxy or a cloaking service (e.g., Domains by Proxy) to further hide their origins. In this case, open up the source of some sites that the tracker originated on in the Web Developer console (Timeline view) of Safari (or in the web inspector of your browser of choice) and try to recreate the original call. That might give you more clues about its origin. (To find which sites a tracker is on, perform a search on the *~/better.fyi/drafts/trackers folder*. For example, you can open up the folder in Sublime Text and do a global search for the tracker name.)
217 218 219 220 221 222

Other useful tools:

  * [Wikipedia](wikipedia.org)
  * [Mozilla Lightbeam](https://www.mozilla.org/en-US/lightbeam/)

223 224 225 226 227 228
## Add the site description

1. Add a concise one-line description of what the tracker, or the tracker owner, does.

*Usually the tracker sites have vague marketing spiel to describe themselves. Often a clearer description can be found in their privacy policy. If you can’t find a concise description in their own words, try to find their entry on [Wikipedia](https://wikipedia.org), Bloomberg or Crunchbase.*

229 230 231 232 233
# Content authoring guidelines

  * Be brief: do not quote the whole privacy policy; pick out interesting bits.
  * You can editorialise (with restraint). Sometimes you just have to laugh at the ridiculousness of some of the trackers that we’re covering. It also helps, when trudging through the cesspit of surveillance capitalism to retain our humour. And it also makes the pages more interesting to read (we don’t want to create a dry database). Please only add editorial comments for something unusually important or to highlight egregious abuses. A good rule of thumb would be: “would this make a good slide in a presentation to illustrate the problem with this particular thing or practice?” Editorial comments should be brief, marked with ‘– Ed.’ and limited to at most one per tracker.
  * Use images (sparingly). Not every humdrum tracker page needs images. However, if you are making an editorial comment and you feel that a visual aid is important in highlighting the point, please feel free to use images. Images and screenshots should be 1,160px wide (to display well at their 580pt width on high resolution screens). Please resize and compress images properly. On Mac, [ImageOptim](https://imageoptim.com/mac) is a great application for compressing PNGs and [PhotoBulk](https://itunes.apple.com/us/app/photobulk-watermark-resize/id537211143?mt=12) is a convenient app for converting between formats.