Shadowbroker

CalvinBackup/Shadowbroker

Fork 0

mirror of https://github.com/BigBodyCobain/Shadowbroker.git synced 2026-05-28 18:11:31 +02:00

Commit Graph

Author	SHA1	Message	Date
Shadowbroker	76750caa92	Round 7a: per-operator outbound attribution + GDELT GCS-direct fix (#292 ) == Per-install operator handle for every third-party API call == Before this PR, every Shadowbroker install identified itself to Wikipedia, Wikidata, Nominatim, GDELT, OpenMHz, Broadcastify, weather.gov, NUFORC, Sentinel/Planetary Computer, TinyGS / CelesTrak, Shodan, Finnhub, and others with a single project-wide User-Agent ("Shadowbroker/1.0" or "ShadowBroker-OSINT/1.0"). From the upstream's perspective every install in the world looked like one giant scraper. If one install misbehaved, the upstream's only recourse was to block "Shadowbroker" as a whole. PR #284 inadvertently doubled down on this in the frontend by introducing a shared `WIKIMEDIA_API_USER_AGENT` constant. This PR retrofits both backends to per-operator attribution. New setting: OPERATOR_HANDLE (env var / settings UI / auto-gen) New helper: network_utils.outbound_user_agent("purpose") The handle is auto-generated as "operator-XXXXXX" on first call (the "shadow-" prefix from earlier drafts was deliberately dropped — too suspicious-looking for abuse-detection systems). Operators can override via OPERATOR_HANDLE; the value is sanitized to lowercase alphanumeric+dash+underscore and capped at 48 chars. Persisted to backend/data/operator_handle.json so it survives container restarts. Retrofitted call sites (every previously-MONSTER User-Agent): - services/region_dossier.py (Wikipedia + Wikidata + Nominatim) - services/geocode.py (Nominatim) - services/sentinel_search.py (Microsoft Planetary Computer) - services/feed_ingester.py (operator-curated RSS feeds) - services/fetchers/earth_observation.py (weather.gov, NUFORC) - services/fetchers/infrastructure.py - services/fetchers/aircraft_database.py - services/fetchers/route_database.py - services/fetchers/trains.py - services/fetchers/meshtastic_map.py - services/shodan_connector.py - services/unusual_whales_connector.py (Finnhub) - services/tinygs_fetcher.py (CelesTrak + TinyGS) - services/sar/sar_products_client.py - services/geopolitics.py (GDELT) - services/radio_intercept.py (Broadcastify + OpenMHz) - routers/cctv.py + main.py (CCTV proxy) - routers/ai_intel.py - scripts/convert_power_plants.py (release-time data refresh) Spoofed browser UAs removed (issues #289 / #290 / #291 — tg12 audit): - cloudscraper-based Chrome impersonation against api.openmhz.com -> replaced with honest requests + per-install UA - Mozilla/5.0 spoofed UA on Broadcastify scrape -> replaced with honest UA - Mozilla/5.0 + fake first-party Referer on OpenMHz audio relay -> replaced with honest UA - cloudscraper dependency dropped from pyproject.toml + uv.lock Frontend retrofit: - new GET /api/settings/operator-handle endpoint (local-operator gated) returns the install's handle - frontend/src/lib/wikimediaClient.ts fetches the handle once on first use, caches it for page lifetime, embeds it in the Api-User-Agent for every Wikipedia / Wikidata browser-direct call == GDELT GCS-direct fix == GDELT's data.gdeltproject.org is a CNAME to a Google Cloud Storage bucket. GCS responds with the wildcard *.storage.googleapis.com cert which legitimately does NOT cover the GDELT custom domain, so Python's TLS verification correctly refuses the connection. Some networks happen to route through a path where this works; many (notably Docker Desktop's outbound NAT on local installs) do not. Verified on the maintainer's local install: GDELT was unreachable; 1610 geopolitical events / 48 export files were dropping silently. Fix: services/geopolitics._gcs_direct_gdelt_url() rewrites any data.gdeltproject.org URL to its GCS-direct equivalent (storage.googleapis.com/data.gdeltproject.org/...) where the standard GCS cert is genuinely valid. api.gdeltproject.org and every other host are left untouched. Confirmed live: backend log goes from GDELT lastupdate failed: 500 to Downloading 48 GDELT export files... Downloaded 48/48 GDELT exports GDELT parsed: 1610 conflict locations from 48 files == Tests == backend/tests/test_per_operator_outbound_attribution.py (12 tests) backend/tests/test_gdelt_gcs_direct_rewrite.py (6 tests) backend/tests/test_region_dossier_wikimedia_ua.py (updated to pin the helper + per-operator handle, not the old constant) frontend/src/__tests__/utils/wikimediaClient.test.ts (rewritten to mock /api/settings/operator-handle and assert per-operator UA) Local: backend 114/114 security+audit+round7a suite green; frontend 718/718 vitest suite green. Credit: tg12 (external security audit, issues #289/#290/#291 relating to spoofed UAs); BigBodyCobain (operator-prefix call, GDELT cloud-vs-local diagnosis).	2026-05-21 15:11:28 -06:00
adust09	b40f9d1fd0	feat: add power plants layer with WRI Global Power Plant Database Map ~35,000 power generation facilities from 164 countries using the WRI Global Power Plant Database (CC BY 4.0). Follows the existing datacenter layer pattern with clustered icon symbols, amber color scheme, and click popups showing fuel type, capacity, and operator. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-03-18 16:56:24 +09:00

Author

SHA1

Message

Date

Shadowbroker

76750caa92

Round 7a: per-operator outbound attribution + GDELT GCS-direct fix (#292 )

== Per-install operator handle for every third-party API call ==

Before this PR, every Shadowbroker install identified itself to
Wikipedia, Wikidata, Nominatim, GDELT, OpenMHz, Broadcastify,
weather.gov, NUFORC, Sentinel/Planetary Computer, TinyGS / CelesTrak,
Shodan, Finnhub, and others with a single project-wide User-Agent
("Shadowbroker/1.0" or "ShadowBroker-OSINT/1.0"). From the upstream's
perspective every install in the world looked like one giant scraper.
If one install misbehaved, the upstream's only recourse was to block
"Shadowbroker" as a whole.

PR #284 inadvertently doubled down on this in the frontend by
introducing a shared `WIKIMEDIA_API_USER_AGENT` constant. This PR
retrofits both backends to per-operator attribution.

  New setting: OPERATOR_HANDLE (env var / settings UI / auto-gen)
  New helper:  network_utils.outbound_user_agent("purpose")

The handle is auto-generated as "operator-XXXXXX" on first call (the
"shadow-" prefix from earlier drafts was deliberately dropped — too
suspicious-looking for abuse-detection systems). Operators can
override via OPERATOR_HANDLE; the value is sanitized to lowercase
alphanumeric+dash+underscore and capped at 48 chars. Persisted to
backend/data/operator_handle.json so it survives container restarts.

Retrofitted call sites (every previously-MONSTER User-Agent):
  - services/region_dossier.py (Wikipedia + Wikidata + Nominatim)
  - services/geocode.py         (Nominatim)
  - services/sentinel_search.py (Microsoft Planetary Computer)
  - services/feed_ingester.py   (operator-curated RSS feeds)
  - services/fetchers/earth_observation.py (weather.gov, NUFORC)
  - services/fetchers/infrastructure.py
  - services/fetchers/aircraft_database.py
  - services/fetchers/route_database.py
  - services/fetchers/trains.py
  - services/fetchers/meshtastic_map.py
  - services/shodan_connector.py
  - services/unusual_whales_connector.py (Finnhub)
  - services/tinygs_fetcher.py            (CelesTrak + TinyGS)
  - services/sar/sar_products_client.py
  - services/geopolitics.py               (GDELT)
  - services/radio_intercept.py           (Broadcastify + OpenMHz)
  - routers/cctv.py + main.py             (CCTV proxy)
  - routers/ai_intel.py
  - scripts/convert_power_plants.py       (release-time data refresh)

Spoofed browser UAs removed (issues #289 / #290 / #291 — tg12 audit):
  - cloudscraper-based Chrome impersonation against api.openmhz.com
    -> replaced with honest requests + per-install UA
  - Mozilla/5.0 spoofed UA on Broadcastify scrape
    -> replaced with honest UA
  - Mozilla/5.0 + fake first-party Referer on OpenMHz audio relay
    -> replaced with honest UA
  - cloudscraper dependency dropped from pyproject.toml + uv.lock

Frontend retrofit:
  - new GET /api/settings/operator-handle endpoint (local-operator
    gated) returns the install's handle
  - frontend/src/lib/wikimediaClient.ts fetches the handle once on
    first use, caches it for page lifetime, embeds it in the
    Api-User-Agent for every Wikipedia / Wikidata browser-direct call

== GDELT GCS-direct fix ==

GDELT's data.gdeltproject.org is a CNAME to a Google Cloud Storage
bucket. GCS responds with the wildcard *.storage.googleapis.com cert
which legitimately does NOT cover the GDELT custom domain, so Python's
TLS verification correctly refuses the connection. Some networks
happen to route through a path where this works; many (notably Docker
Desktop's outbound NAT on local installs) do not. Verified on the
maintainer's local install: GDELT was unreachable; 1610 geopolitical
events / 48 export files were dropping silently.

Fix: services/geopolitics._gcs_direct_gdelt_url() rewrites any
data.gdeltproject.org URL to its GCS-direct equivalent
(storage.googleapis.com/data.gdeltproject.org/...) where the standard
GCS cert is genuinely valid. api.gdeltproject.org and every other host
are left untouched.

Confirmed live: backend log goes from
  GDELT lastupdate failed: 500
to
  Downloading 48 GDELT export files...
  Downloaded 48/48 GDELT exports
  GDELT parsed: 1610 conflict locations from 48 files

== Tests ==

  backend/tests/test_per_operator_outbound_attribution.py (12 tests)
  backend/tests/test_gdelt_gcs_direct_rewrite.py          (6 tests)
  backend/tests/test_region_dossier_wikimedia_ua.py       (updated to
    pin the helper + per-operator handle, not the old constant)
  frontend/src/__tests__/utils/wikimediaClient.test.ts    (rewritten
    to mock /api/settings/operator-handle and assert per-operator UA)

Local: backend 114/114 security+audit+round7a suite green;
       frontend 718/718 vitest suite green.

Credit: tg12 (external security audit, issues #289/#290/#291
relating to spoofed UAs); BigBodyCobain (operator-prefix call,
GDELT cloud-vs-local diagnosis).

2026-05-21 15:11:28 -06:00

adust09

b40f9d1fd0

feat: add power plants layer with WRI Global Power Plant Database

Map ~35,000 power generation facilities from 164 countries using the
WRI Global Power Plant Database (CC BY 4.0). Follows the existing
datacenter layer pattern with clustered icon symbols, amber color
scheme, and click popups showing fuel type, capacity, and operator.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-03-18 16:56:24 +09:00

2 Commits