Hello Debian, I am an occasional user of this operating system. I used to rely on https://packages.debian.org for quickly checking the details of certain packages. I consider these pages especially useful when one must check something while on a different distro.
I became extremely concerned when I noticed that https://packages.debian.org now includes a bot blocker from Fastly. This email is (1) a complaint, (2) a request to the community to come up with something that treats users better, and (3) a justification for (1) and (2). Sure, bot blockers have become a necessity. Almost every website needs them to remain functional. I have a kind of bot blocker on my private one as well. The problem lies with how a bot blocker operates. Fastly's one on Debian's website does unfair things that other popular bot blockers don't. It reports - browser window size, - document viewport size, and - and a lot of other values that can be used for browser fingerprinting to the server. It is a well known fact that bad websites out there track visitors. But a free software OS community "should know better". I therefore request replacing Fastly with a different bot prevention tool that does not fingerprint users (nor needlessly collects data that *could* be used for fingerprinting). It's worth mentioning that other commonly used anti-scrapers are able to do their job without the need to collect such browser details. The best-known of them is Anubis (used, e.g., on kernel.org, elixir.bootlin.com, and koji.fedoraproject.org). But there's no need to recommend this particular one: others are just as good or even better. Not to mention that one could think a recognizable free software OS distro with history would allow fellow hackers to browse its website with JS disabled :/ If there's a better place for this topic than this mailing list, I'll be grateful to someone who tells me where it is. Best Wojtek PS. I am not subscribed to debian-user@, please Cc [email protected] in your reply. -- W. Kosior website: https://koszko.org/koszko.html fediverse: https://friendica.me/profile/koszko/profile PGP fingerprint: E972 7060 E3C5 637C 8A4F 4B42 4BC5 221C 5A79 FD1A
pgp7QDcg7Gi_4.pgp
Description: OpenPGP digital signature

