privacybadger icon indicating copy to clipboard operation
privacybadger copied to clipboard

Published 20 hours ago verified publisher icon EFForg

Audit the yellowlist for entries that can be removed

Open cowlicks opened this issue 7 years ago • 7 comments

If a domain has been added to a mdfp group, we might be able to remove it from the yellowlist.

cowlicks avatar Aug 21 '17 01:08 cowlicks

Removing domains from the yellowlist is inadvisable as long as pre-2017.7.24 releases are still around (https://github.com/EFForg/privacybadger/issues/1474#issuecomment-314803154).

This depends on #1474.

ghostwords avatar Aug 21 '17 14:08 ghostwords

When we upgrade the yellowlist format (to json, or a signed thing) we should make sure to include a safe way to propagate changes to older versions. While still being able to remove things.

cowlicks avatar Aug 21 '17 19:08 cowlicks

Related to this, I noticed zergnet.com and its subdomains are on the yellowlist and was trying to find a reason why. I can't see any reason why they can't be blocked and checking the logs on github didn't give any info either. So here are probably some other things other than just mdfps that can be removed too..

redranamber avatar Aug 30 '17 10:08 redranamber

Yeah, zergnet.com is in the original "example whitelist" from 2013 contributed by @jonathanmayer. I don't see documentation around those domains.

ghostwords avatar Aug 30 '17 12:08 ghostwords

Yandex domains probably belong in the MDFP list, not the yellowlist (at least not all yandex.com subdomains ...): #649.

ghostwords avatar Apr 18 '18 16:04 ghostwords

Might be able to remove turner.com after most users update to 7e18dedbabeb0ea47d5db866ad16e8f52050bab7

ghostwords avatar Oct 22 '19 18:10 ghostwords

www.facebook.com was removed in 39d2c1c892b27b8c0df56eaa973300a5df907d3e (see also: #2279)

ghostwords avatar Dec 02 '22 20:12 ghostwords