BE the privacy guide
About half a decade ago I was introduced to Spyware Watchdog, a neat website that, as the name implies, is a watchdog for spyware. Any program with unsolicited requests (typically requests the program makes behind your back that you didn't specifically ask for) would be reported and the writer would demonstrate their findings. As many probably know by now, this website is no longer maintained. Spyware Watchdog has served its purpose, and most updates at this point would probably boil down to "Oh look! Obvious spyware more obvious! 'O'". However, I've noticed that despite the long absence, their codeberg (git) page actually has surprisingly recent issues submitted. There is still demand for the watchdog to return.
Hmm...is it just me, or are we forgetting something here? Oh yeah, lifting the veil! Digdeeper, one of the people who helped maintain spyware watchdog, actually made a writeup that basically just tells you how to be your own spyware watchdog. Sure, it does take some getting used to since you actually have to know what you're doing and you can't just rely on trusting a guide on the internet, but that is precisely what's so great about lifting the veil. It's a win-win situation: you become independent from guides, and people no longer have to fool with maintaining them for however long. Besides, many privacy guides on the internet are fake anyways, but even the ones that are not either die or live long enough to become the villain anyways, so why fool with them?
The way I see it, some people still haven't gotten the memo yet. It's the people who are probably too smart to fall for the meme that spyware in software is somehow a conspiracy theory (even though if they scanned network traffic for a second in their lives they'd be proven wrong rather quickly), but not smart enough to simply not rely on some rando on the internet to constantly maintain a laundry list of spyware findings in software (and even add on top of that, just adding more work than a small community can handle).
At least you could argue with spyware watchdog it's nice people want it back since it was an actually honest effort unlike most privacy guides out there. That being said, not even spyware watchdog is perfect. Some people were unhappy with it not having a greater scope at times (like not really covering systemd or making a 'FingerprintWatchdog' remark instead of going into further detail on why your fingerprint matters in Tor Browser). I think it was still a good resource, and is still a pretty decent one even now since a lot of software doesn't seem to change its ways. Well, that means the reports have aged well, but the same probably can't quite be said for the mitigation guides.
So...that's where you come in. Be your own mitigation guide. I would first recommend reading digdeeper's Lifting the Veil, but if you want something that's easier to use than mitmproxy or wireshark, you can also try opensnitch, which is a GUI program that weeds out the glowies for you. That being said, you should still at least use mitmproxy, since opensnitch won't find them all and isn't perfect: just werks software like that doesn't tend to have the fine level of control you get with something like mitmproxy and especially wireshark. Wireshark is quite verbose, though, so I would not recommend it for noobs.
Ofc you can use whatever you want to scan network traffic. I'd recommend sticking to FOSS tools since, well, you wouldn't want the very tool you use to scan spyware to also be spyware (lol). Typically it won't be, but it's always good to check just to be sure, whether it be checking the tool with another (leaner/more tested) tool or checking the source code and makefiles directly.
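An added example, not from the original writeup or from digdeeper's guide: once you have a capture, the first pass is listing which hosts the program talked to that you never asked for. This assumes the capture was exported as a HAR file (the JSON format browser dev tools produce); the sample capture, host names and function names are all made up for illustration.

```python
import json
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample capture in HAR 1.2 layout (hosts are made up; .example is reserved).
SAMPLE_HAR = json.dumps({"log": {"version": "1.2", "entries": [
    {"request": {"method": "GET", "url": "https://docs.app.example/manual", "bodySize": 0}},
    {"request": {"method": "POST", "url": "https://telemetry.vendor.example/v1/ping", "bodySize": 512}},
    {"request": {"method": "POST", "url": "https://telemetry.vendor.example/v1/ping", "bodySize": 498}},
    {"request": {"method": "GET", "url": "https://update.app.example/check?v=1", "bodySize": 0}},
    {"request": {"method": "GET", "url": "http://notapp.example/beacon", "bodySize": -1}},
]}})

def host_matches(host, expected):
    """True if host equals an expected domain or is a real subdomain of it."""
    host = host.lower().rstrip(".")
    # Compare on a dot boundary so "notapp.example" does not pass as "app.example".
    return any(host == d or host.endswith("." + d) for d in expected)

def unsolicited(har_text, expected):
    """Group requests by host and return only the hosts you did not ask for."""
    expected = {d.lower().rstrip(".") for d in expected}
    stats = defaultdict(lambda: {"requests": 0, "bytes_sent": 0, "methods": set()})
    for entry in json.loads(har_text)["log"]["entries"]:
        req = entry["request"]
        host = urlsplit(req["url"]).hostname
        if host is None or host_matches(host, expected):
            continue
        s = stats[host]
        s["requests"] += 1
        s["bytes_sent"] += max(req.get("bodySize", 0), 0)  # HAR uses -1 for "unknown"
        s["methods"].add(req["method"])
    return dict(stats)

if __name__ == "__main__":
    # "app.example" stands in for the one domain you knowingly pointed the program at.
    for host, s in sorted(unsolicited(SAMPLE_HAR, {"app.example"}).items()):
        print(f"{host}: {s['requests']} request(s), "
              f"{s['bytes_sent']} body bytes, {sorted(s['methods'])}")
```

Hosts that show up here are only leads: open the matching flows in your capture tool and read what was actually sent before calling anything spyware.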
Now before I wrap up this writeup, I'm going to address a question I have a good feeling I'm going to get eventually. "But how can I trust digdeeper to know he's giving me the right tools? Lifting the Veil is still a guide on the internet after all." Typically when someone makes a guide that gives you the tools to be independent rather than make you be dependent on them, it's simply a better guide that is made to age better and not require constant maintainership. It releases most of the burden of having to trust the writer just like that. Also, the tools digdeeper covered are well known for doing what they're actually set out to do and nothing more. Of course, some will still have doubt, and all I have to say to that is: see for yourself! Try the tools first before you critique them. Try your own tools if you happen to already be familiar with some network traffic analysis. It's okay to do things your way, there's dozens of ways you can scan network traffic and check for spyware, so just use the tools that work best for you and can find what you're looking for. (just make sure the tools themselves are not spyware) (you can also try them in a virtual machine or separate computer or something like that if you're that worried about it but don't want to go through the source code)