shell-things/etc/opt/chromium/policies/managed/README.md

226 lines
7.6 KiB
Markdown
Raw Normal View History

2024-01-31 12:43:10 +01:00
# Chromium policies
- https://chromeenterprise.google/policies/
2024-01-31 12:43:10 +01:00
<!-- editorconfig-checker-disable -->
<!-- prettier-ignore-start -->
<!-- START doctoc generated TOC please keep comment here to allow auto update -->
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
- [`aminda-extensions.json`](#aminda-extensionsjson)
- [Silk - Privacy Pass Client for the browser](#silk---privacy-pass-client-for-the-browser)
- [NoScript](#noscript)
- [Dark Reader](#dark-reader)
- [Indiewiki Buddy](#indiewiki-buddy)
2024-03-08 07:35:50 +01:00
- [Wayback Machine](#wayback-machine)
2024-02-07 09:34:43 +01:00
- [Privacy Manager](#privacy-manager)
- [Terms of Service; Didn't Read](#terms-of-service-didnt-read)
- [Fedora User Agent](#fedora-user-agent)
- [Chrome Remote Desktop](#chrome-remote-desktop)
2024-03-08 07:29:54 +01:00
- [Bias Finder](#bias-finder)
- [Snowflake](#snowflake)
2024-02-28 19:04:08 +01:00
- [AdNauseam](#adnauseam)
- [Bitwarden](#bitwarden)
- [UpdateSWH](#updateswh)
- [Privacy Badger](#privacy-badger)
- [TODO/Inconsistencies](#todoinconsistencies)
2024-02-07 09:46:57 +01:00
- [`disable-floc.json`](#disable-flocjson)
- [`disable-incognito.json`](#disable-incognitojson)
- [`doh-automatic.json`](#doh-automaticjson)
- [`doh-dns0.json`](#doh-dns0json)
- [`doh-mullvad-base.json`](#doh-mullvad-basejson)
2024-02-07 09:46:57 +01:00
- [`enable-ech-ocsp.json`](#enable-ech-ocspjson)
- [`fix-edge-search.json`](#fix-edge-searchjson)
2024-02-07 09:46:57 +01:00
- [`force-incognito.json`](#force-incognitojson)
- [`https-everywhere.json`](#https-everywherejson)
- [`README.md`](#readmemd)
2024-01-31 12:43:10 +01:00
<!-- END doctoc generated TOC please keep comment here to allow auto update -->
<!-- prettier-ignore-end -->
<!-- editorconfig-checker-enable -->
## `aminda-extensions.json`
As I cannot separate the keys to multiple files I am forced to keep them in
one and separate by what the file does, `aminda-extensions.json` is unlikely
to overlap with someone else.
Changing `normal_installed` to `force_installed` would also prevent
uninstallation.
### [Silk - Privacy Pass Client for the browser](https://chrome.google.com/webstore/detail/ajhmfdgkijocedmfjonnpjfojldioehi)
- `ajhmfdgkijocedmfjonnpjfojldioehi`
Silk or Privacy Pass has a chance of decreasing the amount of captchas
especially from Cloudflare when "suspicious" traffic is detected.
To intentionally trigger it and what should be allowed in NoScript:
- https://captcha.website
- https://issuance.privacypass.cloudflare.com
### [NoScript](https://chrome.google.com/webstore/detail/doojmbjmlfjjnbmnoijecmcbfeoakpjm)
- `doojmbjmlfjjnbmnoijecmcbfeoakpjm`
**_Not actually installed by `aminda-extensions.json` anymore due to
self-reflection and deciding it's a bit much to push on unsuspecting family
members._**
Appears to make the internet much more pleasant and less distracting in 2024
eliminating the cookie banners and all, while not trusting lists generated by
other people.
### [Dark Reader](https://chrome.google.com/webstore/detail/eimadpbcbfnmbkopoojfekhnkhdbieeh)
- `eimadpbcbfnmbkopoojfekhnkhdbieeh`
As playing around with these policies and constantly removing the profile directory doesn't help my migraine.
### [Indiewiki Buddy](https://chrome.google.com/webstore/detail/fkagelmloambgokoeokbpihmgpkbgbfm)
- `fkagelmloambgokoeokbpihmgpkbgbfm`
I am spoilt by how nice Breezewiki is to use and wikis existing outside of
Fandom is good to be reminded about occassionally. And I just happened to stay
in not so hardened Chromium for a bit due to hardened Firefox being too much
for my task and there is no reason occassionally needed Chromium shouldn't be
tolerable for a few minutes.
2024-03-08 07:35:50 +01:00
### [Wayback Machine](https://chrome.google.com/webstore/detail/fpnmgdkabkmnadcjpehmlllkndpkmiak)
- `fpnmgdkabkmnadcjpehmlllkndpkmiak`
[web.archive.org](https://web.archive.org) saving and discovering.
### [Privacy Manager](https://chrome.google.com/webstore/detail/giccehglhacakcfemddmfhdkahamfcmd)
- `giccehglhacakcfemddmfhdkahamfcmd`
Quick browser options and data removal on _startup_. Maybe beneficial if
incognito is disabled (which again is not great idea for quick guest access?)
### [Terms of Service; Didn't Read](https://chrome.google.com/webstore/detail/hjdoplcnndgiblooccencgcggcoihigg)
- `hjdoplcnndgiblooccencgcggcoihigg`
### [Fedora User Agent](https://chrome.google.com/webstore/detail/hojggiaghnldpcknpbciehjcaoafceil)
2024-01-31 12:43:10 +01:00
2024-02-07 09:46:57 +01:00
- `hojggiaghnldpcknpbciehjcaoafceil`
2024-01-31 12:43:10 +01:00
Communicates websites that Ubuntu isn't the only Linux distribution and makes
some offer rpm packages directly.
### [Chrome Remote Desktop](https://chrome.google.com/webstore/detail/inomeogfingihgjfjlpeplalcfajhgai)
- `inomeogfingihgjfjlpeplalcfajhgai`
Remote support integrated to Chrome.
The additional component is:
- Debian: `https://dl.google.com/linux/direct/chrome-remote-desktop_current_amd64.deb`
- Others: _unsupported_
2024-03-08 07:29:54 +01:00
### [Bias Finder](https://chromewebstore.google.com/detail/jojjlkfeofgcjeanbpghcapjcccbakop)
Political bias of English language media sites powered by allsides.com
### [Snowflake](https://chrome.google.com/webstore/detail/mafpmfcccpbjnhfhjnllmmalhifmlcie)
- `mafpmfcccpbjnhfhjnllmmalhifmlcie`
Helps bridge traffic to Tor by looking like WebRTC call.
2024-02-28 19:04:08 +01:00
### [AdNauseam](https://microsoftedge.microsoft.com/addons/detail/adnauseam/mlojlfildnehdpnlmpkeiiglhhkofhpb)
- `mlojlfildnehdpnlmpkeiiglhhkofhpb`
Complementing PrivacyBadger with an adblocker so first profile runs have at
least something to block Malvertising now that I no longer enable NoScript out
of the box.
### [Bitwarden](https://chrome.google.com/webstore/detail/nngceckbapebfimnlniiiahkandclblb)
2024-02-07 09:34:43 +01:00
- `nngceckbapebfimnlniiiahkandclblb`
2024-02-07 09:34:43 +01:00
The password manager of my choice.
### [UpdateSWH](palihjnakafgffnompkdfgbgdbcagbko)
- `palihjnakafgffnompkdfgbgdbcagbko`
Adds a floating coloured button to source code forges reflecting the status
of it being in Software Heritage Archive and allows quick archiving requests
to be made.
### [Privacy Badger](https://chrome.google.com/webstore/detail/pkehgijcmpdhfbdbbnkijodmdjhbjlgp)
- `pkehgijcmpdhfbdbbnkijodmdjhbjlgp`
Configured to learn locally and also in incognito as opposed to only relying
on vendor list. Also not display the "Welcome to Privacy Badger screen".
See also:
- https://github.com/EFForg/privacybadger/blob/master/doc/admin-deployment.md
- https://github.com/EFForg/privacybadger/blob/master/src/data/schema.json
2024-02-07 09:34:43 +01:00
### TODO/Inconsistencies
- I am not aware of any _New Tab Suspender_ equivalents, but it might be an
integrated feature on some Chromiums.
- [Peertubeify doesn't support Chromium yet.](https://codeberg.org/Booteille/peertube-companion/issues/15)
2024-02-07 09:46:57 +01:00
## `disable-floc.json`
Disables floc or ad topics that are against privacy.
- https://start.duckduckgo.com/?q=google+floc+privacy+topics
## `disable-incognito.json`
Disables incognito mode. I don't recommend this.
## `doh-automatic.json`
If no DNS over HTTPS policy is used, this unlocks the setting. Enabling managed policies disable it by default.
Incompatible with any actual DoH policy.
## `doh-dns0.json`
2024-01-31 12:43:10 +01:00
Simply enables DNS-over-HTTPS with DNS0.eu. `automatic` means downgrade is
allowed (the system resolver is encrypted), `secure` would lock it.
## `doh-mullvad-base.json`
Enables DNS-over-HTTPS with Mullvad Base, which features ad, malware & tracker blocking.
- https://mullvad.net/en/help/dns-over-https-and-dns-over-tls#specifications
2024-02-07 09:46:57 +01:00
## `enable-ech-ocsp.json`
Enables encrypted client hello and OCSP (or CRL?) checks.
## `fix-edge-search.json`
Tells Microsoft Edge to redirect queries from new tab search box to URL bar
effectively forcing it to respect user configured search engine instead of
stealthily sending those queries to Bing.
2024-02-07 09:46:57 +01:00
## `force-incognito.json`
Forces incognito mode. I don't recommend this.
## `https-everywhere.json`
Enforces https and attempts to upgrade http to https.
## `README.md`
You are reading this file, are you not?