Defender

Rating: 
4.95238
Your rating: None Average: 5 (21 votes)

Defender - a privacy guard for SailfishOS.

As an alternative/replacement to the Hosts Adblock, Defender uses the /etc/hosts approach  - a proven way of blocking ads, banners, 3rd party cookies, 3rd party page counters etc. by adding blocking rules to the /etc/hosts system file. Bundled with a simple cookie manager, it allows to choose from multiple sources, either from a safe GUI (which does not require root access), or by editing the configuration files.

 

Features

  • Blocker entry sanitization - all entries from remote sources are sanitized in a way that should minimize the risk of their compromisation (all entries point to 0.0.0.0).
  • Add more sources by editing the /etc/defender.conf file.
  • Whitelist capability - add favorite hosts to whitelist by editing the /etc/defender.conf Settings section (separate by commas)
  • Graphical interface to choose hosts sources
  • Option to update only if the device is connected to WLAN - to minimize data costs
  • Your own rules are preserved and you can still edit them and add new ones by editing /etc/hosts.editable file. Mind that for your changes to come to effect, you need to choose Update in the app itself.
  • Ability to easily disable the functionality without removing the app.
  • Simple Cookie Manager with ability to specify blacklist/whitelist of cookies to delete and to lock the cookies altogether.
  • Source code available here

Why the mixed .config + GUI approach?

This allows to easily enable and disable different sources, while still keeping your system in non-root environment.

TODO

  • Better documentation
  • More stats and logging
  • Easier command line interface
  • Cleaner code (the current one is atrocious)
  • Automated cookie removal and/or blocking
  • Split /etc/defender.conf and default sources, so the config doesn't get flushed on update

Attribution

This app uses a modified version of the python-hosts library.

Sources of ad/spyware blocking rules and their websites are to be found in the application itself. Do not forget to thank/donate to their creators.

Warning

Mind that the app is still in an early version, so use with caution, as damage may occur. You have been warned. Please let me know if you experience any problems.

Data costs may apply, so check the WLAN only option to be safe from the data cost from your provider. Updating may take a long time, depending on the size of the sources.

Also, it is unlikely that the third party sources available in the app may compromise your device, but it may happen (that is why none are enabled by default). Enable only sources you trust - I am not responsible for their contents.

 

If you like this app, please consider a small donation:

Donate in EUR

Donate in USD

Screenshots: 
Application versions: 
AttachmentSizeDate
File harbour-defender-0.1-2.armv7hl.rpm82.54 KB01/02/2017 - 01:38
File harbour-defender-0.1-2.i486.rpm82.56 KB01/02/2017 - 01:38
File harbour-defender-0.2-1.i486.rpm82.61 KB01/02/2017 - 01:49
File harbour-defender-0.2-1.armv7hl.rpm82.55 KB01/02/2017 - 01:49
File harbour-defender-0.3-1.armv7hl.rpm73.08 KB02/02/2017 - 01:23
File harbour-defender-0.3-1.i486.rpm73.06 KB02/02/2017 - 01:23
File harbour-defender-0.4.0-1.i486.rpm73.41 KB03/02/2017 - 01:45
File harbour-defender-0.4.0-1.armv7hl.rpm73.4 KB03/02/2017 - 01:45
Changelog: 

0.4

  • Fix for devices without AlienDalvik
  • The ability to have different .editable files for native hosts and AlienDalvik hosts is brought back
  • Different formats of source files now supported (the support for list of addresses to block in a text file was added

 

0.3

  • Important fixes to packacking. Update to get the app working.
  • Landscape mode improvements

 

0.2

  • Fixes

0.1

  • Initial version

Comments

peterleinchen's picture

This package (0.4.0) is now obsoleted, and blacklisted by Jolla.

For all devices without encryption (as well as the tablet) you might still use it but you would need to install as DrYak said.

For all Xperia devices (and of course Jolla 1/C) it is now easier to go to

https://openrepos.net/content/peterleinchen/defender-nodevel-updated-enc...

 

Xperia devices

pvcn's picture

Same on xperia x compact

DrDweeb's picture

Does not install on 3.4.0.22. Just says installing ...

DrYak's picture

Jolla have blacklisted it in patterns-sailfish-app-blacklist
 

trial's picture

How could I bypass that? Download a text edit with sudo rights and just find it and remove it?

DrYak's picture

Currently, it seems that harbour-defender will break:

To ignore blacklisting (at your own risk):

rpm -i --nodeps https://openrepos.net/sites/default/files/packages/1033/harbour-defender-0.4.0-1.armv7hl.rpm

If that breaks your phone (cannot reboot anymore), you'll need to:

  • boot into recovery
  • chroot into the smartphone
  • rpm -e harbour-defender

do not install yet if you don't feel like doing the above steps in an emergency

trial's picture

I do confirm that on Xperia X.

olf's picture

@nodevel, the link to the source code (last bullet point under Features in Defender's description here at OpenRepos) is incorrect: https://gitlab.com/nodevel/harbour-defender instead of https://github.com/nodevel/harbour-defender/
You might want to rectify that.

rossholmes's picture

Is there any issue with this app on other devices expect the Xperia10+? I use Xiaomi Redmi 5+ with SOS 3.2.0.14

Pat's picture

Great application when I was using it on Xperia X.

However, on Xperia 10+, I had several boot issues that I ended up discovering related to Defender. As soon as I install it, the boot does not succeed! It does not go to the pin code that goes with encryption and it stays on a black screen with white led forever. As a noob, I cannot explain exactly why though!

dirksche's picture

Seems to break system on Xperia 10 with 3.2.0.14. See https://together.jolla.com/question/217403/defender-app-stops-xperia-10-...

csg1976's picture

The ZEuS tracker from abuse.ch is discontinued as of July 8th 2019.

timeral's picture

Always loading...

Historyscholar's picture

Can you update  your  application ?bulid  with 3.0 SDK?

objectifnul's picture

Hello,

I'm running Mouhinjoki 2.2.0.29 on an Xperia X. I noticed my hosts file was not updated for months, so I restored /etc/hosts and /system/etc/hosts to their defaults, not forgetting the final emtpy line.

The hosts update process in Defender is still endless, and my hosts files are still not updated.

Anything else I should do to fix this?

----

EDIT: things are back to normal after uninstall, delete all Defender configuration files and reinstall. However, this brute method does not allow me to know why it was broken. Also, Defender seems to not obey the hosts.allow directives.

olf's picture

Manually updating works.

Hence there is no need to un- & reinstall Defender.

Sthocs's picture

Great app! Makes /etc/hosts accessible to almost anybody :)
By the way, could you explain here or in the description how it can replace the /etc/hosts file without being root?
Thanks!

olf's picture

Hey nodevel,

your shell script Hosts Adblock made automatically updated hosts file based blocking on SFOS usable, as it was a great enhancement over noADShosts.
But Defender is just awesome. Wow, cool, fully GUI based for John Does and still with all the manually configurable functionality for expert users Hosts Adblock provides. That split is just right, both technically and in terms of usability, IMO.

Some minor flaws and enhancements, I thought of while configuring and using Defender 0.4.0 on SFOS 2.0.5.6:

a. Unconfigured (i.e. initially) and after deselecting all blocking lists (with a subsequent triggering of "Update") Defender states for "Adblock lists": "Blocked 2, Lists 0/25"
This is a bit irritating, as the two entries mentioned as "Blocked" are just the default (localhost) entries and not blocking entries. Maybe subtracting the number of lines of the /etc/hosts.editable file which do not end in 0.0.0.0 from the ones of /etc/hosts yields a better user experience (or my line of thought is too simplistic).

b. The (temporary) "Disable" pulley function in the "Adblock lists" submenu does display a remorse timer with "Preparing", but nothing is done (looking at the hosts files) except for displaying an empty list of hosts blocking lists thereafter. When returning to Defender's top menu, it still (correctly) states the number of blocking entries and blocking lists, going back into "Adblock lists" still (and incorrectly) an empty list is shown (one can go back and forth multiple times, the contradicting information presented persists). It takes a restart of Defender to make the "Adblock lists" submenu reflect reality, again. This was primarily tested with the "Unified basic" (i.e. a single) list.

c. It would be nice to have the blocking list(s) refresh interval configurable in n days (but not hours, as likely some people abuse that to pull blocking lists insanely often).

Getting carried away (daydreaming about a Defender 2.0) ...

d. The ability to provide an exclude list for an blocking list entry. When a blocking list entry is selected in the "Adblock lists" submenu, that would prevent the selection of the entries on its exclude list (maybe plus "graying them out" visually). So putting all the blocking lists integrated into a cumulative list (e.g. one of the various "Unified" lists) on its exclude list as well as other overlapping cumulative lists, would prevent one from selecting and downloading the same entries multiple times on each and every blocking lists update (e.g. by selecting them all, which is currently possible).
NB: In a shell script, I would immediately think of an unique and fixed number for each blocking list entry, but in Python unique (and clearly defined) names / identifiers plus various ways of possible programming magic come to my mind. But again (as I am not a Python programmer), that is likely easier imagined than implemented.

e. Retry failed downloads, if ...

  • ... the device was off, when the download was scheduled.
  • ... the device was on, when the download was scheduled, but no (or deselected, i.e. 2/3/4G when "WLAN only" is set) network was available.
  • ... a download started, but failed.
  • NB: To implement the last point per downloaded file may be overkill, per scheduled download should suit most people well.

    Spontaneous thoughts on implementing:

  • When started (both, by cron or interactively) and e.g. /var/tmp/defender-dwnld.next (or in /var/cache/ , dunno what is more appropriate) does not exist (and at least one blocking list is enabled) write a timestamp of the current time plus 50 Minutes into that file.
  • When the timestamp file does exist and its content (i.e. the timestamp) is in the past, start downloading. If it is not in the past, do nothing.
  • After a successful download of all subscribed blocking lists, add the refresh interval to the current time and write it into the timestamp file.
  • Get woken up by cron every hour in order to check the timestamp file (as depicted in the preceding bullet points).
  • No matter how much of this daydreaming ever becomes true, you are doing a great job: Thanks a lot!

    olf's picture

    Ah, WRT e.: defender-refresh.next looks and sounds better.

    DarkTuring's picture

    Cookie locking improvement idea: when locking the cookie list i cannot delete all blacklisted cookies;

    Allow deletion of blacklisted cookies even with cookie list locked, prevent deletion of whitelisted cookies with locked cookie list.

    abis866p's picture

    Hi, I still cannot use this application. I am on 2.0.5.6 with the Defender version 0.4. The application is stuck in updating phase. In my case, I have previously and manually compiled a host file from the one provided by Hostman on window. I have uploaded that file on my phone and then replaced the /etc/host one. I also replaced the one for android, but I forgot the path for it. Maybe it is a permission issue although I have allowed write permissions to both group and others on /etc/hosts file. I have aliendalvik installed. Any suggestions?

    olf's picture

    Defender 0.4.0 runs nicely on my Jolla 1 under SFOS 2.0.5.6
    Sounds as if you screwed up your hosts files by *replacing* them with ones from Microsoft Windows.
    Suggestion: Overwrite the two hosts files from Windows with the original ones, which you surley backed up before replacing them.
    Just in case you did not:
    - /etc/hosts
    127.0.0.1 localhost.localdomain localhost
    ::1 localhost6.localdomain6 localhost6

    - /system/etc/hosts
    127.0.0.1 localhost

    Mind the empty line at the end of both hosts files.
    Access rights and ownerships for both are: -rw-r--r-- root root
    The /opt/alien/etc/hosts reflects the /etc/hosts file, IIRC.

    abis866p's picture

    Thanks, I have done what you have suggested. I can see now that /etc/hosts was updated by Defender which is cool. But /system/etc/hosts did not change, it still has the single line that you suggested to have. Is this working as it is supposed to?

    abis866p's picture

    The other file that Ihave replaced is /opt/alien/etc/hosts

    DarkTuring's picture

    Bug: the cookie list get overwritten after a while, say i whitelisted domain www.ello.co then after a couple days and regardless of wetger having accesses www.ello.co again i check on the cookie list and its red instead of green assuming that means its been added to the blocked list in the background.

     

     

    I believe there might be a bug that causes cookie settings to be overwritten (my cookie list is not locked).

    nodevel's picture

    Thanks for the feedback. Yes, I will have to rethink the cookie manager part... It looks like it is indeed overwritten. I have a couple of ideas how to solve it and hope to get to it this weekend.

    DarkTuring's picture

    great i look forward to the update, right now i lock it as soon as i can to prevent overwriting or changes to cookie assignments.

    bomo's picture

    I experienced something similar: just installed defender and checked the cookies ans saw that a site (random?) was added.to the whitelist.

    giskard's picture

    How about adding an enable/disable toggle on the cover? It could be useful if you want to check if a particular website doesn't load correctly because of the filters, without opening the full application.

    DarkTuring's picture

    @nodevel For the cookie manager a nice UI touch and improvement would be to index domains by say first letter so facebook would be in the F index and allow expanding and collapsing of cookie content within each domain, that simply will reduce length of scroll list for long cookie lists.

    Within cookie list screen allow ability to sort, non categorized cookies first, new cookies first, Whitelisted or Blocked cookies first (these alphabetical)

    Pages