this post was submitted on 24 Sep 2023
49 points (98.0% liked)

Privacy

31892 readers
778 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I've noticed that dark reader on occasion phones home to darkreader.org, also with a increasing amount of sponsored links on their page. So what does everyone think, are they safe right now or should they not be trusted?

top 12 comments
sorted by: hot top controversial new old
[–] nix@merv.news 28 points 1 year ago* (last edited 1 year ago) (1 children)

The coder of Hover Zoom+ publishes all the offers he gets to sell his users data. Here’s an offer that mentions their partnership with Dark Reader:

1/25/2021

We'd love to have redacted sponsor Hover Zoom+ in a similar manner to how we're partnering with Dark Reader. See attached for how that partnership has come to life, but we're honestly super flexible on implementation. We'd essentially love to pay you in exchange for helping us drive users to redacted.

https://github.com/extesy/hoverzoom/discussions/670

Based on this it seems like Dark Reader has sold out to some type of partnership of some kind. If they did agree to start selling users data without informing their users would they even publish this code on their github? They could easily publish code that didn’t include the code in the extension to track their users.

Im going to try emailing them and I think I’ll be looking for an alternative

Edit: I went to their website to find an email to contact them and wow. I know they want people to download their app but this is excessive I cant dismiss this giant button to download the app and when I accidentally clicked it, it became wayy bigger and doesn’t hide

Edit 2: they replied

I've never heard about Hover Zoom. At the moment we only partner with Honey and DuckDuckGo, you can see their banners and install their products. We don't collect any data. Best Regards, Redacted

Follow up email:

The dates reflect with Toucan, again, we had installation links to their app. Last year their product was shut down. Some time ago it was acquired by a bigger company.

I then asked mentioned your concern about the extension periodically phoning home and they replied:

The extension periodically checks if there are new blog posts on the website and displays the latest news in the News section https://darkreader.org/blog/ Best, Redacted

Seems alright imo

Edit 3: I’m actually confused by the email because it states their only partnered with Honey and Duckduckgo but they also have Adblockplus, icon8, Vpnwelt, and instinctools in their sponsored section?

Edit 4: I asked why there were more links in the sponsored section than Honey and Duckduckgo and they replied

It depends on your business structure. You need an agreement for advertising services, or some invoices, and pay taxes from your revenue. Open Collective acts as an intermediate, we don't have agreements with those sponsors or any invoices, just decided to put their links on our website to attract more sponsors.

Seems a little odd but overall understandable.

[–] fachpersonal@lemmy.ml 13 points 1 year ago* (last edited 1 year ago)

Thank you for the effort researching all of this!

[–] anon5621@lemmy.ml 18 points 1 year ago
[–] Mikelius@lemmy.ml 9 points 1 year ago

Just ran a Wireshark on it for 12 hours. The only thing it ever does is a frequent ping to their home site, but includes no useful data other than an IP address if you're not on VPN. I wouldn't worry about it personally. If it's a big deal, DNS block darkreader.org or block pings to it through your firewall... Chances are it's just to download the latest css rules when they have them or something.

[–] sturlabragason@lemmy.world 6 points 1 year ago

I like how everyone is just going fucking nuts in this thread; combing over the code, contacting the maintainer, running a Wireshark trace on it. Good work everyone!

[–] Qvest@lemmy.world 5 points 1 year ago

If you don't know how to read code, then you pretty much have to trust them, and all other open-source software out there. The good thing with FOSS is that there's probably someone who cares about it enough to read it and audit it, although there can also be a chance that no knowledgeable person cares about the code so no one ends up actually knowing what it's doing.

I don't know how to read code, so I pretty much have to trust all of the FOSS that I use. Although open-source is usually more trustworthy than proprietary counterparts (read: PRISM)

[–] celmit@lemmy.ca 5 points 1 year ago (1 children)

maybe you're up to something, look at my comment in this post

[–] macallik@kbin.social 3 points 1 year ago
[–] Raisin8659@monyet.cc 3 points 1 year ago

Since I am not in anyway inclined to go read their code, I probably will just trust FF's "recommended" flag until there is an obvious problem. Of course, when it is like that, then it's too late. I tried the "Dark theme" on FF for a little bit, switch back to using Dark Reader in no time.

[–] GlitzyArmrest@lemmy.world 2 points 1 year ago

A valid question that got me thinking. It's probably relatively straight forward to use something like TamperMonkey instead especially if you only care about a few sites being in dark mode. Might be worth looking into as an alternative.

[–] kraniax@lemmy.wtf 1 points 1 year ago

Personally I don't like this kind of extensions since they affect your browser's fingerprint. But yeah, it looks bad.

[–] aPirate@lemmy.dbzer0.com 1 points 1 year ago

Op here, from what I have been seeing from everyone there are suspicious elements to darkreader, I'll keep it for right now though I may eventually switch to something else or use TamperMonkey or Stylus. Thanks everyone for all your knowledge and help.