Re: security in firefox4
On Fri, May 20, 2011 at 07:19, Tim wrote: >> Is that for your entire network, or just one computer? If it's just >> for the one machine, you might find it easier to maintain a simple >> hosts file. > > You might want to read my first paragraph, again... > > Though, even for just one computer, it offers something that can't be > done with the hosts file: Wildcarding. > > If I wanted to blacklist an entire domain, and all of its subdomains, I > can't do that in the hosts file, I have to list each FQDN that I want to > block. > I see. Nice. > It also offers something else. With the hosts file, you can only > associate a different IP with the domain name (than the real IP). With > my solution you can offer a "no answer," essentially an "it does not > exist" response. Which is a faster kill, avoiding any waiting for > responses. And doesn't cause problems when you do have a webserver > running on the localhost. > Clever, especially as I do have a server on localhost. Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
Tim: >> I do something similar with my DNS server. I have a dead zone file, >> which produces instant fails to any queries to any domain names I >> associate it with. It gives me neat, central, management of all >> computers on the LAN. Dotan Cohen: > Is that for your entire network, or just one computer? If it's just > for the one machine, you might find it easier to maintain a simple > hosts file. You might want to read my first paragraph, again... Though, even for just one computer, it offers something that can't be done with the hosts file: Wildcarding. If I wanted to blacklist an entire domain, and all of its subdomains, I can't do that in the hosts file, I have to list each FQDN that I want to block. It also offers something else. With the hosts file, you can only associate a different IP with the domain name (than the real IP). With my solution you can offer a "no answer," essentially an "it does not exist" response. Which is a faster kill, avoiding any waiting for responses. And doesn't cause problems when you do have a webserver running on the localhost. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
On Thu, May 19, 2011 at 17:05, Tim wrote: > I do something similar with my DNS server. I have a dead zone file, > which produces instant fails to any queries to any domain names I > associate it with. It gives me neat, central, management of all > computers on the LAN. My named.conf file also has these other > google-related domains: > > zone "googlesyndication.com" { type master; file "dead.zone"; }; > zone "googleservices.com" { type master; file "dead.zone"; }; > zone "googleadservices.com" { type master; file "dead.zone"; }; > zone "google-analytics.com" { type master; file "dead.zone"; }; > > And this is the dead.zone file: > > $TTL 86400 > @ IN SOA ns.localdomain. hostmaster.mail.localdomain. ( > 200 ; serial > 28800 ; refresh > 7200 ; retry > 604800 ; expire > 86400 ; ttl > ) > > > IN NS ns.localdomain. > > Essentially, it's a wildcard "no answer" for the domain, and any > subdomain. > > -- > [tim@localhost ~]$ uname -r > 2.6.27.25-78.2.56.fc9.i686 > > Don't send private replies to my address, the mailbox is ignored. I > read messages from the public lists. > Is that for your entire network, or just one computer? If it's just for the one machine, you might find it easier to maintain a simple hosts file. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
On Thu, May 19, 2011 at 16:38, Alan Cox wrote: >> Going back to my first example, simply blocking doubleclick.com cookies >> wouldn't be enough to stop them tracking you. The mere loading of their >> graphics has counted you, and put your IP into their database to track >> for the rest of your browsing session. You need to stop loading their >> graphics, in the first place. > > Likewise google's analysis stuff > > The internet works better in my experience when www.google-analytics.com > (and ssl.google-analytics.com) get blocked at firewall level or stuck > in /etc/hosts as 127.0.0.1 > Works better in what sense? Faster page load times? -- Dotan Cohen http://gibberish.co.il http://what-is-what.com -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
Awesome solution. Thank you for helping to improve the world! - Original Message > From: Tim > To: Community support for Fedora users > Sent: Thu, May 19, 2011 10:05:27 AM > Subject: Re: security in firefox4 > > On Thu, 2011-05-19 at 14:38 +0100, Alan Cox wrote: > > The internet works better in my experience when > > www.google-analytics.com > > (and ssl.google-analytics.com) get blocked at firewall level or stuck > > in /etc/hosts as 127.0.0.1 > > I do something similar with my DNS server. I have a dead zone file, > which produces instant fails to any queries to any domain names I > associate it with. It gives me neat, central, management of all > computers on the LAN. My named.conf file also has these other > google-related domains: > > zone "googlesyndication.com"{ type master; file "dead.zone"; }; > zone "googleservices.com" { type master; file "dead.zone"; }; > zone "googleadservices.com" { type master; file "dead.zone"; }; > zone "google-analytics.com" { type master; file "dead.zone"; }; > > And this is the dead.zone file: > > $TTL 86400 > @ IN SOA ns.localdomain. hostmaster.mail.localdomain. ( > 200 ; serial > 28800 ; refresh > 7200 ; retry > 604800 ; expire > 86400 ; ttl > ) > > > IN NS ns.localdomain. > > Essentially, it's a wildcard "no answer" for the domain, and any > subdomain. > > -- > [tim@localhost ~]$ uname -r > 2.6.27.25-78.2.56.fc9.i686 > > Don't send private replies to my address, the mailbox is ignored. I > read messages from the public lists. > > > > -- > users mailing list > users@lists.fedoraproject.org > To unsubscribe or change subscription options: > https://admin.fedoraproject.org/mailman/listinfo/users > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
On Thu, 2011-05-19 at 14:38 +0100, Alan Cox wrote: > The internet works better in my experience when > www.google-analytics.com > (and ssl.google-analytics.com) get blocked at firewall level or stuck > in /etc/hosts as 127.0.0.1 I do something similar with my DNS server. I have a dead zone file, which produces instant fails to any queries to any domain names I associate it with. It gives me neat, central, management of all computers on the LAN. My named.conf file also has these other google-related domains: zone "googlesyndication.com"{ type master; file "dead.zone"; }; zone "googleservices.com" { type master; file "dead.zone"; }; zone "googleadservices.com" { type master; file "dead.zone"; }; zone "google-analytics.com" { type master; file "dead.zone"; }; And this is the dead.zone file: $TTL 86400 @ IN SOA ns.localdomain. hostmaster.mail.localdomain. ( 200 ; serial 28800 ; refresh 7200 ; retry 604800 ; expire 86400 ; ttl ) IN NS ns.localdomain. Essentially, it's a wildcard "no answer" for the domain, and any subdomain. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
> Going back to my first example, simply blocking doubleclick.com cookies > wouldn't be enough to stop them tracking you. The mere loading of their > graphics has counted you, and put your IP into their database to track > for the rest of your browsing session. You need to stop loading their > graphics, in the first place. Likewise google's analysis stuff The internet works better in my experience when www.google-analytics.com (and ssl.google-analytics.com) get blocked at firewall level or stuck in /etc/hosts as 127.0.0.1 -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
On Thu, 2011-05-19 at 17:50 +0900, Misha Shnurapet wrote: > * blocked third-party cookies while online (may prevent advertisement > networks from carrying information between sites) I don't think it quite does what people hope. Well, not any more. Third party cookies are cookies that don't belong to the content being loaded. Most tracking cookies are associated with graphics, rather than the page, but either can be used for tracking you. And as far as those graphics are concerned, ownership of their cookies is *NOT* the page you're looking at, but the content going into the page. e.g. As a theoretical example, you might load www.example.com, its page includes images from doubleclick.com, and these images have cookies. If those images include cookies for doubleclick.com, they're not third-party, so they're not blocked. But if those images included cookies to some other domain, such as google.com, then they would be third party (or vice versa - images from google, with cookies for doubleclick). So, if you want to block doubleclick.com cookies, for instance, you need to directly blacklist them. This has been my experience, at least. I think most people's ideas about third-party cookies, and apparently the browser authors, would be along these lines: You'd browse www.example.com, it'd include pages and graphics from itself, but the tracking cookies would be for someone like doubleclick.com (this *is* a third party). Going back to my first example, simply blocking doubleclick.com cookies wouldn't be enough to stop them tracking you. The mere loading of their graphics has counted you, and put your IP into their database to track for the rest of your browsing session. You need to stop loading their graphics, in the first place. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
Misha Shnurapet: >> * used Flash Block to only watch the clips I intend to watch (may >> prevent click-jacking) Dotan Cohen: > This is the single best performance enhancement that I've ever done to > a computer, it works better than a memory upgrade. Everyone for whom > I've installed Flashblock has thanked me. Flash really is the bane of > the internet. Note that the first thing that I do after installing > Flashblock is browse to Youtube and click "Allow Flash From This > Site". I used to always leave Flash uninstalled, until I regularly had to deal with sites relying on it, because it was that huge pain. And I agree, Flashblock has been about the best thing for dealing with it, and about the only plugin that I'll routinely install. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
2011/5/19 Misha Shnurapet : > Here's what I did for privacy in Firefox: > * used the BetterPrivacy plugin to delete Flash cookies on exit > * set the browser to delete *regular* cookies on exit You can use the CookieCuller extension to keep the cookies that you want, such as logins. > * blocked third-party cookies while online (may prevent advertisement > networks from carrying information between sites) This is wise. > * used Ghostery plugin to block scripts from the major known tracking websites Nice. I've used Ghostery in the past to let me know about scripts, but I never knew about it's blocking feature. > * used Flash Block to only watch the clips I intend to watch (may prevent > click-jacking) > This is the single best performance enhancement that I've ever done to a computer, it works better than a memory upgrade. Everyone for whom I've installed Flashblock has thanked me. Flash really is the bane of the internet. Note that the first thing that I do after installing Flashblock is browse to Youtube and click "Allow Flash From This Site". > * additionally, AdBlock Plus (along with the Element Hiding Helper) can be > used to block counters, ads designed to show up in your face and other crap > like pocker games, etc. > > The "Do Not Track Me" option is a gag. > 100% correct. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
19.05.2011, 17:07, "Dotan Cohen" : > On Wed, May 18, 2011 at 23:55, Aaron Konstam ; wrote: > >> Thanks that worked to stop tracking. But I am still confused by the >> official directions to use an option under tools? > > On Windows the Preferences menu item in under Tools, on Linux it is > under Edit. I have no idea why that is, probably historical. > > -- > Dotan Cohen Here's what I did for privacy in Firefox: * used the BetterPrivacy plugin to delete Flash cookies on exit * set the browser to delete *regular* cookies on exit * blocked third-party cookies while online (may prevent advertisement networks from carrying information between sites) * used Ghostery plugin to block scripts from the major known tracking websites * used Flash Block to only watch the clips I intend to watch (may prevent click-jacking) * additionally, AdBlock Plus (along with the Element Hiding Helper) can be used to block counters, ads designed to show up in your face and other crap like pocker games, etc. The "Do Not Track Me" option is a gag. -- Best regards, Misha Shnurapet, Fedora Project Contributor https://fedoraproject.org/wiki/Shnurapet shnurapet AT fedoraproject.org, GPG: 00217306 -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
On Wed, May 18, 2011 at 23:55, Aaron Konstam wrote: > Thanks that worked to stop tracking. But I am still confused by the > official directions to use an option under tools? > On Windows the Preferences menu item in under Tools, on Linux it is under Edit. I have no idea why that is, probably historical. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
On Wed, May 18, 2011 at 10:02:54PM -0400, Genes MailLists wrote: > Also delete your flash cookies and turn them off ... Yes. > flash P2P as well for good measure. Couldn't hurt. > Many of the 'bad guys' have switched primarily to flash cookies now > ... so deleting the regular cookies wont really help. Well, yeah, it'll help--just not as much as it used to. If you use Firefox, you can get the "BetterPrivacy" addon. It'll zap flash cookies and DOM objects when you exit. Cheers, -- Dave Ihnat -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
On 05/18/2011 09:49 PM, bruce wrote: > > no guarantee that won't happen.. > > if you really don't want to be tracked. clean out your cookies > regularly, as well as change your dynamic ip address every couple of > hours... > > there you go! > Also delete your flash cookies and turn them off - and also turn off flash P2P as well for good measure. Many of the 'bad guys' have switched primarily to flash cookies now ... so deleting the regular cookies wont really help. Click here to start fixing your flash: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager02.html There are 6 tabs to go thru to clean and turn thinks off. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
umm.. no. it doesn't stop tracking, unless the website you're looking at has agreed to not track you!! the tracking thing is purely voluntary and happens on the serverside/ad network side... all the tracking check does is kind of ask the site to now track you!! no guarantee that won't happen.. if you really don't want to be tracked. clean out your cookies regularly, as well as change your dynamic ip address every couple of hours... there you go! On Wed, May 18, 2011 at 1:55 PM, Aaron Konstam wrote: > On Wed, 2011-05-18 at 07:02 -0700, bruce wrote: >> check under the edit/preferences/advanced/general... in the 2nd batch >> of checkboxes >> > Thanks that worked to stop tracking. But I am still confused by the > official directions to use an option under tools? > > -- > === > Great American Axiom: Some is good, more is better, too much is just > right. > === > Aaron Konstam telephone: (210) 656-0355 e-mail: akons...@sbcglobal.net > > -- > users mailing list > users@lists.fedoraproject.org > To unsubscribe or change subscription options: > https://admin.fedoraproject.org/mailman/listinfo/users > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
On Wed, 2011-05-18 at 07:02 -0700, bruce wrote: > check under the edit/preferences/advanced/general... in the 2nd batch > of checkboxes > Thanks that worked to stop tracking. But I am still confused by the official directions to use an option under tools? -- === Great American Axiom: Some is good, more is better, too much is just right. === Aaron Konstam telephone: (210) 656-0355 e-mail: akons...@sbcglobal.net -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
On Wed, May 18, 2011 at 6:16 AM, Aaron Konstam wrote: > On Tue, 2011-05-17 at 20:25 -0430, Patrick O'Callaghan wrote: >> On Tue, 2011-05-17 at 23:38 +0100, Sam Sharpe wrote: >> > On 17 May 2011 21:35, Aaron Konstam wrote: >> > > I read somewhere that Firefox 4 contains a feature that prevents >> > > websites from grabbing your local information. If that is true could >> > > some on tell me how to activate this feature in Firefox 4 >> > >> > If you mean "Do Not Track", then that would be this: >> > >> > Tools -> Options -> Advanced -> General -> Tell web sites I do not >> > want to be tracked. >> > >> > http://support.mozilla.com/en-US/questions/767746 >> >> Note that it doesn't *prevent* anything. Its function is purely >> advisory. Compliance depends on the web site admin. >> >> poc >> > > That is what I wanted but neither the Tools tab on the menu bar not the > tools tab on the Community tool Bar have an option called options. > This is Firefox 4.0.1 It's in Preferences > Advanced > Browsing > Tell Websites I Do Not Want To Be Tracked -- Bryce Hardy -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
check under the edit/preferences/advanced/general... in the 2nd batch of checkboxes On Wed, May 18, 2011 at 6:16 AM, Aaron Konstam wrote: > On Tue, 2011-05-17 at 20:25 -0430, Patrick O'Callaghan wrote: >> On Tue, 2011-05-17 at 23:38 +0100, Sam Sharpe wrote: >> > On 17 May 2011 21:35, Aaron Konstam wrote: >> > > I read somewhere that Firefox 4 contains a feature that prevents >> > > websites from grabbing your local information. If that is true could >> > > some on tell me how to activate this feature in Firefox 4 >> > >> > If you mean "Do Not Track", then that would be this: >> > >> > Tools -> Options -> Advanced -> General -> Tell web sites I do not >> > want to be tracked. >> > >> > http://support.mozilla.com/en-US/questions/767746 >> >> Note that it doesn't *prevent* anything. Its function is purely >> advisory. Compliance depends on the web site admin. >> >> poc >> > > That is what I wanted but neither the Tools tab on the menu bar not the > tools tab on the Community tool Bar have an option called options. > This is Firefox 4.0.1 > -- > === > Unix is a Registered Bell of AT&T Trademark Laboratories. -- Donn Seeley > === > Aaron Konstam telephone: (210) 656-0355 e-mail: akons...@sbcglobal.net > > -- > users mailing list > users@lists.fedoraproject.org > To unsubscribe or change subscription options: > https://admin.fedoraproject.org/mailman/listinfo/users > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
On Tue, 2011-05-17 at 20:25 -0430, Patrick O'Callaghan wrote: > On Tue, 2011-05-17 at 23:38 +0100, Sam Sharpe wrote: > > On 17 May 2011 21:35, Aaron Konstam wrote: > > > I read somewhere that Firefox 4 contains a feature that prevents > > > websites from grabbing your local information. If that is true could > > > some on tell me how to activate this feature in Firefox 4 > > > > If you mean "Do Not Track", then that would be this: > > > > Tools -> Options -> Advanced -> General -> Tell web sites I do not > > want to be tracked. > > > > http://support.mozilla.com/en-US/questions/767746 > > Note that it doesn't *prevent* anything. Its function is purely > advisory. Compliance depends on the web site admin. > > poc > That is what I wanted but neither the Tools tab on the menu bar not the tools tab on the Community tool Bar have an option called options. This is Firefox 4.0.1 -- === Unix is a Registered Bell of AT&T Trademark Laboratories. -- Donn Seeley === Aaron Konstam telephone: (210) 656-0355 e-mail: akons...@sbcglobal.net -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
On Tue, 2011-05-17 at 23:38 +0100, Sam Sharpe wrote: > On 17 May 2011 21:35, Aaron Konstam wrote: > > I read somewhere that Firefox 4 contains a feature that prevents > > websites from grabbing your local information. If that is true could > > some on tell me how to activate this feature in Firefox 4 > > If you mean "Do Not Track", then that would be this: > > Tools -> Options -> Advanced -> General -> Tell web sites I do not > want to be tracked. > > http://support.mozilla.com/en-US/questions/767746 Note that it doesn't *prevent* anything. Its function is purely advisory. Compliance depends on the web site admin. poc -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: security in firefox4
On 17 May 2011 21:35, Aaron Konstam wrote: > I read somewhere that Firefox 4 contains a feature that prevents > websites from grabbing your local information. If that is true could > some on tell me how to activate this feature in Firefox 4 If you mean "Do Not Track", then that would be this: Tools -> Options -> Advanced -> General -> Tell web sites I do not want to be tracked. http://support.mozilla.com/en-US/questions/767746 -- Sam -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
security in firefox4
I read somewhere that Firefox 4 contains a feature that prevents websites from grabbing your local information. If that is true could some on tell me how to activate this feature in Firefox 4 -- === If we could sell our experiences for what they cost us, we would all be millionaires. -- Abigail Van Buren === Aaron Konstam telephone: (210) 656-0355 e-mail: akons...@sbcglobal.net -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines