Stealth Alternatives

stealth reviews and mentions

• There are no Internet Browsers that cannot be tracked, or are there?
  3 projects | reddit.com/r/hacking | 17 Sep 2022

  I'm trying to go a different route with Stealth, my programmable peer-to-peer web browser that can offload and relay traffic intelligently - and with RetroKit, my WebKit fork that aims to remove all JavaScript APIs that can be used for fingerprinting and/or tracking.

• No-JavaScript Fingerprinting
  4 projects | news.ycombinator.com | 6 Feb 2022

  Note that among a sea of tracked browsers, the untrackable browser shines like a bright star.

  Statistical analysis of these values over time (matched with client hints, ETags, If-Modified-Since, and IPs) will make most browsers uniquely identifiable.

  If the malicious vendor is good, they even correlate the size and order of requests. Because that's unique as well and can identify TOR browsers pretty easily.

  It's like saying "I can't be tracked, because I use Linux". Guess what, as long as nobody in your town uses Linux, you are the most trackable person.

  I decided to go with the "behave as the statistical norm expects you to behave" and created my browser/scraper [1] and forked WebKit into a webview [2] that doesn't support anything that can be used for tracking; with the idea that those tracking features can be shimmed and faked.

  I personally think this is the only way to be untrackable these days. Because let's be honest, nobody uses Firefox with ETP in my town anymore :(

  WebKit was a good start of this because at least some of the features were implemented behind compiler flags...whereas all other browsers and engines can't be built without say, WebRTC support, or say, without Audio Worklets which are for themselves enough to be uniquely identified.

  [1] https://github.com/tholian-network/stealth

  [2] https://github.com/tholian-network/retrokit

  (both WIP)

• We Have A Browser Monopoly Again and Firefox is The Only Alternative Out There
  6 projects | reddit.com/r/programming | 1 Jan 2022

  Currently my primary motivation factor is my own Browser Stealth that I'm building; and due to lack of alternatives.

• Pirate Party member: GDPR-compliant Whois will lead to 'doxxing and death lists'
  3 projects | news.ycombinator.com | 17 Oct 2021

  I'm building a peer to peer Browser network that relies on trust ratios/factor in order to find out the seed/leech ratio of sharing content, producing content etc.

  The problem I'm currently trying to solve is that I had the idea to have a vendor profile that contains the necessary information for IP ranges (ASN, organization, region, country, ISP/NAT etc) so that the discovery service for that doesn't have to do this.

  It's like the basic idea of an offline "map of the internet" that should be an approximation of who does what in which amount of data (e.g. data center IPs aren't trustworthy or same ISP-NATed IP could be censored the same when it comes to blocked websites etc).

  At this point it's a big experiment and I'm not sure whether I'm fundamentally wrong about this as I don't have any data to back it up.

  If you're curious, it's part of the Stealth Browser I'm building [1] and [2]

  [1] https://github.com/tholian-network/stealth

  [2] https://github.com/tholian-network/stealth-vendor

• A climate activist arrested after ProtonMail provided his IP address
  3 projects | news.ycombinator.com | 5 Sep 2021

  > Does anyone here have a feasible way to solve this?

  Current solutions like TOR, I2P, VPNs and/or mobile proxy services are just a matter of time and legality until they come obsolete.

  TOR and I2P are worth a shit if everybody knows it was a TOR exit node, and cloudflare shows you tracking captchas anyways.

  Same for VPNs and mobile proxies, most are known due to their static IP ranges. Note that most mobile proxy services actually use malware installed on smartphones, so technically you're helping the blackhats by using them, and technically if the federal agencies find out you are probably in some lawsuits filed as an anonymous party that helped them DDoS a victim party.

  I am convinced that the only way to solve this is by simply not downloading the website from its origin. The origin tracks you, so don't talk to them. Talk to your peers and receive a ledged copy of it instead.

  The only problem is that this contradicts all that came after Web 2.0, because every website _wants_ unique identities for every person visiting them; including ETag-based tracking mechanisms of CDNs.

  I think it's not possible with supporting Web Browser APIs the same way in JavaScript (as of now, due to fetch and XHR and how WebSockets are abused for HDCP/DRM to prevent caching), but I think that a static website delivering network with a trustless cryptography based peer-to-peer end-to-end encrypted statistically-correct cache is certainly feasible. I believe that because that's exactly what I'm building for the last two years [1].

  [1] https://github.com/tholian-network/stealth

• Google Removed ClearURLs Extension from Chrome Web Store
  15 projects | news.ycombinator.com | 24 Mar 2021

  I agree with you there. For my stealth browser I decided to go with a different JSON based format [1] that can rewrite the URL parameters via wildcards (for both * at the start and end of both key and val).

  It has the idea that you can audit a website and only list the allowed parameters there, so that a website search or sorting order or filters can still work.

  I built my browser on an allowlist based concept because it seemed too impossible to maintain all bad urls, domains, parameters on the web. Most websites have more tracking than content in them, so I decided on maintaining lists to select the content rather than the ads and trackers.

  [1] https://github.com/tholian-network/stealth/blob/X0/profile/p...

• AdGuard publishes a list of 6K+ trackers abusing the CNAME cloaking technique
  6 projects | news.ycombinator.com | 4 Mar 2021

  Maybe you want to take a look at stealth [1] as you've seem to understood the real strength of a browser with a decentralized (and delegateable) request system.

  Personally I don't think the strength of p2p is only trust, it's delegation. If you have peer to peer encryption running, the possibilities are endless.

  [1] https://github.com/tholian-network/stealth

• "ping" attribute on <a> tags, which will send a POST request to the given URLs when the anchor is clicked.
  2 projects | reddit.com/r/programming | 20 Feb 2021

  A lot of Web APIs are made for tracking, that's why I decided to build my own browser that filters not only HTTPS headers but also HTML and CSS because Blocking JS and setting the content security policies on the current document is not enough.

• Stealth: A Scriptable Peer-to-Peer Web Scraper
  2 projects | reddit.com/r/OSINT | 1 Feb 2021

  Regarding Usage Examples: Currently there's only the Developer Guide on GitHub which tries to explain the architecture.

  2 projects | reddit.com/r/OSINT | 1 Feb 2021
• A note from our sponsor - talent.io
  www.talent.io | 25 Sep 2022

  Median salaries, most in-demand technologies, state of the remote work... all you need to know your worth on the market by tech recruitment platform talent.io Learn more →