Ah neat! Https Everywhere as an app is a *really *interesting idea, Hans! Do you think it'd be a heavier or lighter load on the device compared to a straight-up Firefox Add-on?
-------------------------------------------- Q: Why is this email [hopefully] five sentences or less? | A: http://five.sentenc.es *NOTE* that my incoming emails are delayed from arriving in my inbox until 9am daily. If you need to reach me sooner, please use other means of getting in touch. #slowwebmovement <http://www.musubimail.com/gmail_timer.html> On Sat, Jan 17, 2015 at 1:37 PM, Hans-Christoph Steiner < [email protected]> wrote: > > I've been playing around with techniques of catching location sharing on > Android, and finding way to remove privacy leaks. Android's IntentFilters > power to match URLs makes this quite easy to do system-wide. > > That work got me thinking: maybe it makes sense to have something like > "HTTPS > Everywhere" as an Android app. It could claim all HTTP links, then the app > would check if it has an HTTPS rewriting rule. If yes, it rewrites it and > passes it on. If no, it either passes it on, or blocks access with a popup > (this could be a preference). > > As an example use case, there are lots of apps that share location, and > basically all of them use a HTTP URL. Some links, like > http://maps.google.com > or http://openstreetmap.org, can easily be rewritten to HTTPS links. > Others > like amap.com or map.baidu.com do not offer HTTPS. A shared location > link can > often be a unique ID, so any network observer could use that to > de-anonymize a > device. > > You can find raw work here: > https://github.com/eighthave/LocationPrivacy > > .hc > > -- > PGP fingerprint: 5E61 C878 0F86 295C E17D 8677 9F0F E587 374B BE81 > https://pgp.mit.edu/pks/lookup?op=vindex&search=0x9F0FE587374BBE81 > _______________________________________________ > Guardian-dev mailing list > > Post: [email protected] > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > To Unsubscribe > Send email to: [email protected] > Or visit: > https://lists.mayfirst.org/mailman/options/guardian-dev/patrick.c.connolly%40gmail.com > > You are subscribed as: [email protected] >
_______________________________________________ Guardian-dev mailing list Post: [email protected] List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To Unsubscribe Send email to: [email protected] Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/archive%40mail-archive.com You are subscribed as: [email protected]
