2024-01-31 12:43:10 +01:00
|
|
|
# Chromium policies
|
|
|
|
|
2024-02-12 16:10:51 +01:00
|
|
|
- https://chromeenterprise.google/policies/
|
|
|
|
|
2024-01-31 12:43:10 +01:00
|
|
|
<!-- editorconfig-checker-disable -->
|
|
|
|
<!-- prettier-ignore-start -->
|
|
|
|
|
|
|
|
<!-- START doctoc generated TOC please keep comment here to allow auto update -->
|
|
|
|
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
|
|
|
|
|
|
|
|
- [`aminda-extensions.json`](#aminda-extensionsjson)
|
2024-02-07 16:07:54 +01:00
|
|
|
- [Silk - Privacy Pass Client for the browser](#silk---privacy-pass-client-for-the-browser)
|
2024-02-11 12:11:37 +01:00
|
|
|
- [NoScript](#noscript)
|
2024-04-04 13:27:43 +02:00
|
|
|
- [OpenDyslexic](#opendyslexic)
|
2024-04-21 08:58:30 +02:00
|
|
|
- [IPvFoo](#ipvfoo)
|
2024-01-31 13:28:14 +01:00
|
|
|
- [Dark Reader](#dark-reader)
|
2024-02-16 16:13:33 +01:00
|
|
|
- [Indiewiki Buddy](#indiewiki-buddy)
|
2024-04-14 13:10:39 +02:00
|
|
|
- [Floccus bookmarks sync](#floccus-bookmarks-sync)
|
2024-03-08 07:35:50 +01:00
|
|
|
- [Wayback Machine](#wayback-machine)
|
2024-02-07 09:34:43 +01:00
|
|
|
- [Privacy Manager](#privacy-manager)
|
2024-02-26 11:20:47 +01:00
|
|
|
- [Terms of Service; Didn't Read](#terms-of-service-didnt-read)
|
2024-02-07 09:38:15 +01:00
|
|
|
- [Fedora User Agent](#fedora-user-agent)
|
2024-04-21 08:58:30 +02:00
|
|
|
- [IPvFooBar](#ipvfoobar)
|
2024-03-13 07:46:10 +01:00
|
|
|
- [Chrome Remote Desktop](#chrome-remote-desktop)
|
2024-03-08 07:29:54 +01:00
|
|
|
- [Bias Finder](#bias-finder)
|
2024-02-07 16:07:54 +01:00
|
|
|
- [Snowflake](#snowflake)
|
2024-02-28 19:04:08 +01:00
|
|
|
- [AdNauseam](#adnauseam)
|
2024-04-10 10:03:19 +02:00
|
|
|
- [IPFS Companion](#ipfs-companion)
|
2024-02-07 09:38:15 +01:00
|
|
|
- [Bitwarden](#bitwarden)
|
2024-03-14 19:25:06 +01:00
|
|
|
- [UpdateSWH](#updateswh)
|
2024-02-07 09:38:15 +01:00
|
|
|
- [Privacy Badger](#privacy-badger)
|
2024-02-16 18:47:58 +01:00
|
|
|
- [TODO/Inconsistencies](#todoinconsistencies)
|
2024-04-16 06:15:30 +02:00
|
|
|
- [`brave-shields-disabled.json`](#brave-shields-disabledjson)
|
2024-04-16 06:11:55 +02:00
|
|
|
- [`disable-brave-rewards-wallet.json`](#disable-brave-rewards-walletjson)
|
|
|
|
- [`disable-brave-tor.json`](#disable-brave-torjson)
|
2024-04-10 09:53:37 +02:00
|
|
|
- [`disable-brave-vpn.json`](#disable-brave-vpnjson)
|
2024-02-07 09:46:57 +01:00
|
|
|
- [`disable-floc.json`](#disable-flocjson)
|
|
|
|
- [`disable-incognito.json`](#disable-incognitojson)
|
2024-04-19 07:24:29 +02:00
|
|
|
- [`doh-cloudflare-secure.json`](#doh-cloudflare-securejson)
|
2024-04-13 17:37:28 +02:00
|
|
|
- [`doh-allowed.json`](#doh-allowedjson)
|
2024-02-07 09:51:12 +01:00
|
|
|
- [`doh-dns0.json`](#doh-dns0json)
|
2024-04-13 17:37:28 +02:00
|
|
|
- [`doh-forced.json`](#doh-forcedjson)
|
2024-03-23 11:15:21 +01:00
|
|
|
- [`doh-mullvad-base.json`](#doh-mullvad-basejson)
|
2024-04-10 09:53:37 +02:00
|
|
|
- [`doh-quad9-ecs.json`](#doh-quad9-ecsjson)
|
2024-02-07 09:46:57 +01:00
|
|
|
- [`enable-ech-ocsp.json`](#enable-ech-ocspjson)
|
2024-04-16 06:15:30 +02:00
|
|
|
- [`enable-labs.json`](#enable-labsjson)
|
2024-03-28 17:57:29 +01:00
|
|
|
- [`fix-edge-search.json`](#fix-edge-searchjson)
|
2024-02-07 09:46:57 +01:00
|
|
|
- [`force-incognito.json`](#force-incognitojson)
|
2024-01-31 13:12:21 +01:00
|
|
|
- [`https-everywhere.json`](#https-everywherejson)
|
2024-03-23 11:15:21 +01:00
|
|
|
- [`README.md`](#readmemd)
|
2024-01-31 12:43:10 +01:00
|
|
|
|
|
|
|
<!-- END doctoc generated TOC please keep comment here to allow auto update -->
|
|
|
|
|
|
|
|
<!-- prettier-ignore-end -->
|
|
|
|
<!-- editorconfig-checker-enable -->
|
|
|
|
|
|
|
|
## `aminda-extensions.json`
|
|
|
|
|
|
|
|
As I cannot separate the keys to multiple files I am forced to keep them in
|
|
|
|
one and separate by what the file does, `aminda-extensions.json` is unlikely
|
|
|
|
to overlap with someone else.
|
|
|
|
|
|
|
|
Changing `normal_installed` to `force_installed` would also prevent
|
|
|
|
uninstallation.
|
|
|
|
|
2024-04-21 08:58:30 +02:00
|
|
|
This does contain some bloat or something not necessary in all situations or
|
|
|
|
even overlapping extensions, but there is an important side goal of _teaching
|
|
|
|
users to disable extraneous extensions they don't need_ (unless I decide they
|
|
|
|
do need something and thus it's `force_installed`.
|
|
|
|
|
2024-02-17 17:25:37 +01:00
|
|
|
### [Silk - Privacy Pass Client for the browser](https://chrome.google.com/webstore/detail/ajhmfdgkijocedmfjonnpjfojldioehi)
|
2024-02-07 16:07:54 +01:00
|
|
|
|
|
|
|
- `ajhmfdgkijocedmfjonnpjfojldioehi`
|
|
|
|
|
|
|
|
Silk or Privacy Pass has a chance of decreasing the amount of captchas
|
|
|
|
especially from Cloudflare when "suspicious" traffic is detected.
|
|
|
|
|
2024-02-11 12:13:13 +01:00
|
|
|
To intentionally trigger it and what should be allowed in NoScript:
|
|
|
|
|
|
|
|
- https://captcha.website
|
|
|
|
- https://issuance.privacypass.cloudflare.com
|
|
|
|
|
2024-02-17 17:25:37 +01:00
|
|
|
### [NoScript](https://chrome.google.com/webstore/detail/doojmbjmlfjjnbmnoijecmcbfeoakpjm)
|
2024-02-11 12:11:37 +01:00
|
|
|
|
|
|
|
- `doojmbjmlfjjnbmnoijecmcbfeoakpjm`
|
|
|
|
|
2024-02-27 08:44:28 +01:00
|
|
|
**_Not actually installed by `aminda-extensions.json` anymore due to
|
|
|
|
self-reflection and deciding it's a bit much to push on unsuspecting family
|
|
|
|
members._**
|
|
|
|
|
2024-02-11 12:11:37 +01:00
|
|
|
Appears to make the internet much more pleasant and less distracting in 2024
|
|
|
|
eliminating the cookie banners and all, while not trusting lists generated by
|
|
|
|
other people.
|
|
|
|
|
2024-04-04 13:27:43 +02:00
|
|
|
### [OpenDyslexic](https://chrome.google.com/webstore/detail/cdnapgfjopgaggbmfgbiinmmbdcglnam)
|
|
|
|
|
|
|
|
- `cdnapgfjopgaggbmfgbiinmmbdcglnam`
|
|
|
|
|
|
|
|
OpenDyslexic font + highlighting for currently pointed paragraph. Improves my
|
|
|
|
reading especially with more busy articles, even without dyslexia.
|
|
|
|
|
2024-04-21 08:58:30 +02:00
|
|
|
### [IPvFoo](https://chromewebstore.google.com/detail/ipvfoo/ecanpcehffngcegjmadlcijfolapggal)
|
|
|
|
|
|
|
|
- `ecanpcehffngcegjmadlcijfolapggal`
|
|
|
|
|
2024-02-17 17:25:37 +01:00
|
|
|
### [Dark Reader](https://chrome.google.com/webstore/detail/eimadpbcbfnmbkopoojfekhnkhdbieeh)
|
2024-01-31 13:28:14 +01:00
|
|
|
|
|
|
|
- `eimadpbcbfnmbkopoojfekhnkhdbieeh`
|
|
|
|
|
|
|
|
As playing around with these policies and constantly removing the profile directory doesn't help my migraine.
|
|
|
|
|
2024-02-17 17:25:37 +01:00
|
|
|
### [Indiewiki Buddy](https://chrome.google.com/webstore/detail/fkagelmloambgokoeokbpihmgpkbgbfm)
|
2024-02-16 16:13:33 +01:00
|
|
|
|
|
|
|
- `fkagelmloambgokoeokbpihmgpkbgbfm`
|
|
|
|
|
|
|
|
I am spoilt by how nice Breezewiki is to use and wikis existing outside of
|
|
|
|
Fandom is good to be reminded about occassionally. And I just happened to stay
|
|
|
|
in not so hardened Chromium for a bit due to hardened Firefox being too much
|
|
|
|
for my task and there is no reason occassionally needed Chromium shouldn't be
|
|
|
|
tolerable for a few minutes.
|
|
|
|
|
2024-04-14 13:10:39 +02:00
|
|
|
### [Floccus bookmarks sync](https://chromewebstore.google.com/detail/floccus-bookmarks-sync/fnaicdffflnofjppbagibeoednhnbjhg)
|
|
|
|
|
|
|
|
- `fnaicdffflnofjppbagibeoednhnbjhg`
|
|
|
|
|
|
|
|
Bookmarks sync either through selfhosted webdav or Google Drive working even
|
|
|
|
across different web browsers.
|
|
|
|
|
2024-03-08 07:35:50 +01:00
|
|
|
### [Wayback Machine](https://chrome.google.com/webstore/detail/fpnmgdkabkmnadcjpehmlllkndpkmiak)
|
|
|
|
|
|
|
|
- `fpnmgdkabkmnadcjpehmlllkndpkmiak`
|
|
|
|
|
|
|
|
[web.archive.org](https://web.archive.org) saving and discovering.
|
|
|
|
|
2024-02-17 17:25:37 +01:00
|
|
|
### [Privacy Manager](https://chrome.google.com/webstore/detail/giccehglhacakcfemddmfhdkahamfcmd)
|
2024-01-31 13:28:14 +01:00
|
|
|
|
2024-02-07 09:38:15 +01:00
|
|
|
- `giccehglhacakcfemddmfhdkahamfcmd`
|
2024-01-31 13:28:14 +01:00
|
|
|
|
2024-02-07 09:38:15 +01:00
|
|
|
Quick browser options and data removal on _startup_. Maybe beneficial if
|
|
|
|
incognito is disabled (which again is not great idea for quick guest access?)
|
2024-01-31 13:28:14 +01:00
|
|
|
|
2024-02-26 11:20:47 +01:00
|
|
|
### [Terms of Service; Didn't Read](https://chrome.google.com/webstore/detail/hjdoplcnndgiblooccencgcggcoihigg)
|
|
|
|
|
|
|
|
- `hjdoplcnndgiblooccencgcggcoihigg`
|
|
|
|
|
2024-02-17 17:25:37 +01:00
|
|
|
### [Fedora User Agent](https://chrome.google.com/webstore/detail/hojggiaghnldpcknpbciehjcaoafceil)
|
2024-01-31 12:43:10 +01:00
|
|
|
|
2024-02-07 09:46:57 +01:00
|
|
|
- `hojggiaghnldpcknpbciehjcaoafceil`
|
|
|
|
|
2024-01-31 12:43:10 +01:00
|
|
|
Communicates websites that Ubuntu isn't the only Linux distribution and makes
|
|
|
|
some offer rpm packages directly.
|
|
|
|
|
2024-04-21 08:58:30 +02:00
|
|
|
### [IPvFooBar](https://chromewebstore.google.com/detail/ipvfoobar/iimpkhokkfekbpmoamlmcndclohnehhk)
|
|
|
|
|
|
|
|
- `iimpkhokkfekbpmoamlmcndclohnehhk`
|
|
|
|
|
2024-03-13 07:46:10 +01:00
|
|
|
### [Chrome Remote Desktop](https://chrome.google.com/webstore/detail/inomeogfingihgjfjlpeplalcfajhgai)
|
|
|
|
|
|
|
|
- `inomeogfingihgjfjlpeplalcfajhgai`
|
|
|
|
|
|
|
|
Remote support integrated to Chrome.
|
|
|
|
|
|
|
|
The additional component is:
|
|
|
|
|
|
|
|
- Debian: `https://dl.google.com/linux/direct/chrome-remote-desktop_current_amd64.deb`
|
|
|
|
- Others: _unsupported_
|
|
|
|
|
2024-03-08 07:29:54 +01:00
|
|
|
### [Bias Finder](https://chromewebstore.google.com/detail/jojjlkfeofgcjeanbpghcapjcccbakop)
|
|
|
|
|
|
|
|
Political bias of English language media sites powered by allsides.com
|
|
|
|
|
2024-02-17 17:25:37 +01:00
|
|
|
### [Snowflake](https://chrome.google.com/webstore/detail/mafpmfcccpbjnhfhjnllmmalhifmlcie)
|
2024-02-07 16:07:54 +01:00
|
|
|
|
|
|
|
- `mafpmfcccpbjnhfhjnllmmalhifmlcie`
|
|
|
|
|
|
|
|
Helps bridge traffic to Tor by looking like WebRTC call.
|
|
|
|
|
2024-02-28 19:04:08 +01:00
|
|
|
### [AdNauseam](https://microsoftedge.microsoft.com/addons/detail/adnauseam/mlojlfildnehdpnlmpkeiiglhhkofhpb)
|
|
|
|
|
|
|
|
- `mlojlfildnehdpnlmpkeiiglhhkofhpb`
|
|
|
|
|
|
|
|
Complementing PrivacyBadger with an adblocker so first profile runs have at
|
|
|
|
least something to block Malvertising now that I no longer enable NoScript out
|
|
|
|
of the box.
|
|
|
|
|
2024-04-10 10:03:19 +02:00
|
|
|
### [IPFS Companion](https://chromewebstore.google.com/detail/nibjojkomfdiaoajekhjakgkdhaomnch?pli=1)
|
|
|
|
|
|
|
|
- `nibjojkomfdiaoajekhjakgkdhaomnch`
|
|
|
|
|
|
|
|
IPFS integration for web browsers.
|
|
|
|
|
2024-02-17 17:25:37 +01:00
|
|
|
### [Bitwarden](https://chrome.google.com/webstore/detail/nngceckbapebfimnlniiiahkandclblb)
|
2024-02-07 09:34:43 +01:00
|
|
|
|
2024-02-07 09:38:15 +01:00
|
|
|
- `nngceckbapebfimnlniiiahkandclblb`
|
2024-02-07 09:34:43 +01:00
|
|
|
|
2024-02-07 09:38:15 +01:00
|
|
|
The password manager of my choice.
|
|
|
|
|
2024-03-14 19:25:06 +01:00
|
|
|
### [UpdateSWH](palihjnakafgffnompkdfgbgdbcagbko)
|
|
|
|
|
|
|
|
- `palihjnakafgffnompkdfgbgdbcagbko`
|
|
|
|
|
|
|
|
Adds a floating coloured button to source code forges reflecting the status
|
|
|
|
of it being in Software Heritage Archive and allows quick archiving requests
|
|
|
|
to be made.
|
|
|
|
|
2024-02-17 17:25:37 +01:00
|
|
|
### [Privacy Badger](https://chrome.google.com/webstore/detail/pkehgijcmpdhfbdbbnkijodmdjhbjlgp)
|
2024-02-07 09:38:15 +01:00
|
|
|
|
|
|
|
- `pkehgijcmpdhfbdbbnkijodmdjhbjlgp`
|
|
|
|
|
|
|
|
Configured to learn locally and also in incognito as opposed to only relying
|
|
|
|
on vendor list. Also not display the "Welcome to Privacy Badger screen".
|
|
|
|
|
|
|
|
See also:
|
|
|
|
|
|
|
|
- https://github.com/EFForg/privacybadger/blob/master/doc/admin-deployment.md
|
|
|
|
- https://github.com/EFForg/privacybadger/blob/master/src/data/schema.json
|
2024-02-07 09:34:43 +01:00
|
|
|
|
2024-02-16 18:47:58 +01:00
|
|
|
### TODO/Inconsistencies
|
|
|
|
|
|
|
|
- I am not aware of any _New Tab Suspender_ equivalents, but it might be an
|
|
|
|
integrated feature on some Chromiums.
|
|
|
|
- [Peertubeify doesn't support Chromium yet.](https://codeberg.org/Booteille/peertube-companion/issues/15)
|
|
|
|
|
2024-04-16 06:15:30 +02:00
|
|
|
## `brave-shields-disabled.json`
|
|
|
|
|
|
|
|
Allowlist for sites where I think Brave Shields may be breaking things. Similar is also in
|
|
|
|
`aminda-extensions.json` for Privacy Badger.
|
|
|
|
|
2024-04-16 06:11:55 +02:00
|
|
|
## `disable-brave-rewards-wallet.json`
|
|
|
|
|
2024-04-16 06:15:30 +02:00
|
|
|
Disables Brave rewards and wallet.
|
2024-04-16 06:11:55 +02:00
|
|
|
|
|
|
|
## `disable-brave-tor.json`
|
|
|
|
|
2024-04-16 06:15:30 +02:00
|
|
|
Disables Tor in Brave as I recommend using Tor Browser instead.
|
2024-04-16 06:11:55 +02:00
|
|
|
|
2024-04-10 09:53:37 +02:00
|
|
|
## `disable-brave-vpn.json`
|
|
|
|
|
|
|
|
Disables Brave VPN, which is the most annoying feature that has group policy
|
|
|
|
that I can see.
|
|
|
|
|
2024-02-07 09:46:57 +01:00
|
|
|
## `disable-floc.json`
|
|
|
|
|
|
|
|
Disables floc or ad topics that are against privacy.
|
|
|
|
|
|
|
|
- https://start.duckduckgo.com/?q=google+floc+privacy+topics
|
|
|
|
|
|
|
|
## `disable-incognito.json`
|
|
|
|
|
|
|
|
Disables incognito mode. I don't recommend this.
|
|
|
|
|
2024-04-19 07:24:29 +02:00
|
|
|
## `doh-cloudflare-secure.json`
|
|
|
|
|
|
|
|
Sets Cloudflare with malware protection as the DNS-over-HTTPS server.
|
|
|
|
|
2024-04-13 17:37:28 +02:00
|
|
|
## `doh-allowed.json`
|
2024-02-07 09:51:12 +01:00
|
|
|
|
2024-04-13 17:37:28 +02:00
|
|
|
If no DNS over HTTPS policy is used, this unlocks the setting while still allowing downgrade to system DNS
|
|
|
|
(think of DoT opportunistic mode, kind of?). Enabling managed policies disable it by default.
|
2024-02-07 09:51:12 +01:00
|
|
|
|
2024-04-13 17:37:28 +02:00
|
|
|
Incompatible with `doh-forced.json`. This must be used together with any other `doh-*.json` file, but only one of them.
|
2024-02-07 09:51:12 +01:00
|
|
|
|
2024-04-19 07:24:29 +02:00
|
|
|
**_No ECH._**
|
|
|
|
|
2024-02-07 09:51:12 +01:00
|
|
|
## `doh-dns0.json`
|
2024-01-31 12:43:10 +01:00
|
|
|
|
2024-04-13 17:37:28 +02:00
|
|
|
Simply enables DNS-over-HTTPS with DNS0.eu.
|
|
|
|
|
|
|
|
## `doh-forced.json`
|
|
|
|
|
|
|
|
Enforces use of DNS-over-HTTPS disabling the downgrade.
|
|
|
|
|
|
|
|
Incompatible with `doh-allowed.json`. Use this together with any other `doh-*.json` file, but only one of them.
|
2024-01-31 13:12:21 +01:00
|
|
|
|
2024-04-19 07:24:29 +02:00
|
|
|
**_Required for ECH._**
|
|
|
|
|
2024-03-23 11:15:21 +01:00
|
|
|
## `doh-mullvad-base.json`
|
|
|
|
|
|
|
|
Enables DNS-over-HTTPS with Mullvad Base, which features ad, malware & tracker blocking.
|
|
|
|
|
|
|
|
- https://mullvad.net/en/help/dns-over-https-and-dns-over-tls#specifications
|
|
|
|
|
2024-04-10 09:53:37 +02:00
|
|
|
## `doh-quad9-ecs.json`
|
|
|
|
|
|
|
|
Enables DNS over HTTPS with Quad9 ECS enabled server.
|
|
|
|
|
2024-02-07 09:46:57 +01:00
|
|
|
## `enable-ech-ocsp.json`
|
|
|
|
|
|
|
|
Enables encrypted client hello and OCSP (or CRL?) checks.
|
|
|
|
|
2024-04-16 06:15:30 +02:00
|
|
|
## `enable-labs.json`
|
|
|
|
|
|
|
|
Enables the beaker button "Experiments" for easier management than `about:flags`.
|
|
|
|
|
2024-03-28 17:57:29 +01:00
|
|
|
## `fix-edge-search.json`
|
|
|
|
|
|
|
|
Tells Microsoft Edge to redirect queries from new tab search box to URL bar
|
|
|
|
effectively forcing it to respect user configured search engine instead of
|
|
|
|
stealthily sending those queries to Bing.
|
|
|
|
|
2024-02-07 09:46:57 +01:00
|
|
|
## `force-incognito.json`
|
|
|
|
|
|
|
|
Forces incognito mode. I don't recommend this.
|
|
|
|
|
2024-01-31 13:12:21 +01:00
|
|
|
## `https-everywhere.json`
|
|
|
|
|
|
|
|
Enforces https and attempts to upgrade http to https.
|
2024-03-23 11:15:21 +01:00
|
|
|
|
|
|
|
## `README.md`
|
|
|
|
|
|
|
|
You are reading this file, are you not?
|