logo

blog

My website can't be that messy, right? git clone https://anongit.hacktivis.me/git/blog.git/

BadWolf, two years later.xhtml (4241B)


  1. <article xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" class="h-entry">
  2. <a href="/articles/BadWolf%2C%20two%20years%20later"><h1>BadWolf, two years later</h1></a>
  3. <h2>Google-WebRTC × Mozilla Firefox</h2>
  4. <p>
  5. Pandemic happened so instead of AFK meetups I sometimes had to use BigBlueButton and Jitsi (Meet), which require WebRTC, that WebKitGTK doesn't have yet because of licensing issues with Google's BoringSSL bundled in libwebrtc (used by virtually everyone and with no proper releases done on it, have fun).
  6. This means that I need to use either chromium or Mozilla Firefox from time to time. The only way so far that I've managed to is to use an Arch/Artix chroot, something that I used to reserve for things like LibreOffice and gigantic proprietary programs like Steam.<br />
  7. Why? Because Mozilla Firefox is even more flirting with the limits of open-source than it used to.
  8. </p>
  9. <p>
  10. Firefox has been bundling an ancient binary of Python 2.7 into it's tarball for years (detected that in <a href="https://archives.gentoo.org/gentoo-dev/message/55bfdf32bfc3263342fe6aa03909997f">December 2019</a> with version 68.3.0) and still does as of version 78.7.1 (February 2021), and when that copy of python is removed it fails to build, even if a version of Python 2.7 is available on the system (because of renpy).<br />
  11. With the addi(c)tion of Rust into the system there is now a huge blob festival, I detected 2791 blobs (<code>ELF</code> and <code>ar(1)</code> files) in 78.7.1 with my <a href="/git/go-deblob">go-deblob</a> tool as detector.
  12. </p>
  13. <p>Reminder: Open-source releasing means you have modifications rights <strong>and</strong> the proper original material available to you.</p>
  14. <p>Note: WebKitGTK will probably get WebRTC from GStreamer (<a href="https://github.com/philn/webkit/commits/gstwebrtc-2021-04">WIP branch</a>), which already seems like a much better codebase.</p>
  15. <h2>Bookmarks</h2>
  16. <p>
  17. This has been a long planned feature of badwolf, I wanted a format which was easily readable and writable by a machine and a human and hopefully in a standard format.
  18. uzbl, dwb, … all have their own take on what's the best format for bookmarks in plain text, it's awfully non-extensible.
  19. </p>
  20. <p>
  21. I ended up discovering <a href="http://pyxml.sourceforge.net/topics/xbel/">XBEL</a>, I'm not a huge fan of XML but it solves a bunch of issues in a relatively clean way provided that you ignore most of the extensions done by the W3C (as usual), specially ones related to SOAP and Linked Data.<br />
  22. </p>
  23. <p>
  24. XBEL was the format supported by a lot of alternative browsers from about a decade ago, most of them switched to unreadable blobs based on SQLite + Firefox Sync (yay to the cloud™).<br />
  25. Currently the modern software I'm aware of with support for XBEL are keditbookmarks (probably linked with Konqueror) and elinks. They are pretty good tools but I think there should be a graphical yet minimalist XBEL bookmark manager so I'll probably build one based on Qt or GTK.
  26. </p>
  27. <h2>Content Filters and Intelligent Tracking Protection</h2>
  28. <p>Content Filters is basically what would allow to store rules that are as precise as most adblockers but with the ability to fully block all requests like umatrix, which to me had the major issue that no one would actually use it the same way, thus actually having the risk of enhancing fingerprinting. This one doesn't have this problem, I will likely try to create a repository which contains rules more powerful that what you usually have with EasyList.</p>
  29. <p>Intelligent Tracking Protection seems very similar to what Privacy Badger does but built into WebKit directly, so it's not going to be limited by the rare API endpoints provided to extensions (a quite understandable one to avoid extensions harvesting too much of users data). I haven't hooked some interface to it's API to see how effective it is but from reading the development blogs it is quite promissing, I only doubt a bit on it for browsers without sessions like badwolf.</p>
  30. <p><a href="https://queer.hacktivis.me/objects/fd81f68d-4469-40c5-b1d4-23a91b65ae2b">Fediverse post for comments</a>, published on 2021-04-20T00:00:00Z, last updated on 2021-04-20T00:00:00Z</p>
  31. </article>