Privacy Policy
![[avatar]](/pictures/favicon.png)
Blender Dumbass👁 86
https://blenderdumbass.org/about : 👁 3
This is an overview of the privacy policy of blenderdumbass . org which is based on the BDServer software. The main maintainer of the software is @blenderdumbass , the admin of this website.
Website Structure
The website is hosted by @blenderdumbass on his personally controlled server hardware. From there it is accessible to the rest of the internet using the tor network. And is available on a tor-onion address:
ttauyzmy4kbm5yxpujpnahy7uxwnb32hh3dja7uda64vefpkomf3s4yd.onion
This is the most direct and the most secure way to connect to this website.
Alternatively @Madiator2011 is hosting an Nginx proxy, which is connected over tor to the server of @blenderdumbass. And exposes the connection from the tor-service to the regular internet on the address:
blenderdumbass.org
If you are connected to blenderdumbass.org instead of the tor-service directly, you are connecting through one additional point of failure. Which is, you have to trust not only @blenderdumbass but also @Madiator2011 . If you want to avoid this point of failure, you can connect to the tor-service directly using Tor Browser.
IP Address
Connecting to blenderdumbass.org on a normal internet will make @Madiator2011 be able to see your IP address. But this information is not received by @blenderdumbass and not stored on the server of the website.
Connecting to the tor-service directly will make it so nobody can see your IP Address.
User Agent
The server also stores the web-browser / operating system information called User-Agent visible in the header sent by your browser.
For simple logs normal User-Agents will be truncated into a shorter form. So instead of:
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0
It will only store:
[ Firefox | Windows ]
For strange browsers and or operating systems, or when a bot is accessing a website, it might store the full user agent.
If you don't want me to know your operating system and browser configuration you can use some sort of User-Agent spoofer.
Cookies
This website generates a temporary cookie for each user that loads any webpage on the site. This cookie is used for logins primarily. But also used to verify page counts ( so refreshing the page will not result in counting 2 views from the same person ) and to protect emails ( and other contact info ) from being scraped by bots.
Some features might not work if cookies are disabled, such as trying to comment will probably result in "Access Denied" message, since the cookie is used to guess whether you are a person or a bot.
Restarting the browser should make the browser forget about the cookie, giving you a fresh one. Which prevents me from knowing that you have visited the website twice.
This cookie is not shared with third-parties. But if you are connecting to blenderdumbass.org, the cookie could potentially be visible to @Madiator2011 .
Accounts
If you are logged in to your account, the server knows that it is you that is requesting pages.
The passwords for accounts are stored as SHA-512 hashes on the server.
Every account is publicly visible. Contact information is protected from bots by using server-side guessing into whether the connection is done by a bot or by a human. But any real human can see the contact information you add in your account settings. ( Example: @blenderdumbass )
All of your posts and comments are publicly visible too.
JavaScript
As of now, the website is using zero lines of JavaScript code. Some publications might have embeds from PeerTube or other websites, who might send JavaScript. But for the most part if you disable JavaScript everything should function properly.
In the Tor Browser, the NoScript feature might also block some media embeds, like videos and sounds. Which aren't JavaScript.
![[thumbnail]](https://upload.wikimedia.org/wikipedia/en/9/9f/Moulin_rouge_poster.jpg)
![[thumbnail]](/pictures/thumbs/danibox.png)