moved SQL into a separate file

cyberMonk 2021-02-17 16:13:24 -05:00
parent dba893feec
commit 6e18cc6dea
5 changed files with 699 additions and 396 deletions


@ -0,0 +1,222 @@
create table if not exists fiTbl (name text primary key not null,
url text,
parent text,
fi_kind text check(fi_kind in ('bank', 'brokerage', 'CU', 'payment processor', 'insurer')) not null default 'brokerage',
lst_kind text check(lst_kind in ('black', 'gray', 'white')) not null default 'white',
hrecaptcha text check(hrecaptcha in ('unavoidable', 'non-essential tasks', 'never')) not null default 'never',
cflogin boolean not null default 0,
antitor boolean not null default 0,
alec boolean not null default 0,
forced_nfsw boolean not null default 0,
foxnews boolean not null default 0,
aws boolean not null default 0,
cispa boolean not null default 0,
dt boolean not null default 0,
notes text);
/* meanings:
fiTbl <= table of financial institutions
parent <= name of parent company
fi_kind <= kind of financial institution
hrecaptcha <= If the FI pushes an hCAPTCHA or Google reCAPTCHA, we track whether it's forced on customers in all situations,
or if it's only used for things like submission of a non-essential form. We don't care about other kinds of CAPTCHAs.
cflogin <= If the transactional (login) host for a service uses CloudFlare (tor-hostile or not), this boolean is true.
If only non-transactional pages use CF then this boolean is false, but we note it in the notes.
antitor <= If a non-CF site blocks or impedes Tor users (often by 403 error) then this boolean is true.
This is still false for Tor-hostile CF blockades because we capture that with cflogin & hrecaptcha attributes.
alec <= True if the FI is a /current/ ALEC member. We're not vindictive toward former members.
forced_nfsw <= Forced use of non-free software. All FIs distribute non-free software, but we set this to true if there is no means of access with free software.
foxnews <= True if the FI sponsored Fox News, which promotes right-wing extremism.
aws <= True if the FI's transactional site is hosted by Amazon AWS, thus promoting an evil corp while exposing sensitive data to it.
cispa <= True if the FI lobbied in favor of the CISPA act.
dt <= True if the FI forces staff to take drug tests.
*/
/* BEGIN BROKERAGES */
/* insert into fiTbl (name,notes) values ("Evertrade","Where's the website? Sold to TIAA-CREF?");*/
insert into fiTbl (name,url,antitor,cispa,notes) values ('Ally','http://www.ally.com/',1,1,'whole site is Tor-hostile (403 error)');
insert into fiTbl (name,url,cflogin,aws,notes) values ('Axos Invest','https://www.axosinvest.com',1,1,
'Axos Bank is jailed in CloudFlare and Axos Invest will be soon. Investors who get blocked by that will have to pay $5/month for paper statements.');
insert into fiTbl (name,url,hrecaptcha,notes) values ('Betterment','https://www.betterment.com','unavoidable',
'Imposes hCAPTCHA just to read the landing page. They censor posts in their Reddit sub that complains about this instead of offering support.');
insert into fiTbl (name,url,cispa,notes) values ('E*Trade','https://us.etrade.com',1,
'covers: Canada, France, Germany, Hong Kong, Japan, United Kingdom, and United States; funding bonus ($5k=>$50; $10k=>$100; $20k=>$150)');
insert into fiTbl (name,url,cflogin,aws) values ('Ellevest','https://www.ellevest.com',1,1);
insert into fiTbl (name,url,cflogin) values ('Euro Pacific Capital','https://europacbank.com',1);
insert into fiTbl (name,url,forced_nfsw,notes) values ('FUTU','fututrade.com',1,
'support.fututrade.com is CloudFlared; no web app; mobile app is GPS-iOS-only; desktop is Mac/Windows only');
insert into fiTbl (name,url,alec,antitor,foxnews,cispa,dt,notes) values
('Fidelity','https://www.fidelity.com',1,1,1,1,1,
'akamai hosted; takes voiceprints of customers without express consent; Landing page is Tor-friendly but transactional site is Tor-hostile');
insert into fiTbl (name,url,notes) values ('Finhabits','https://www.finhabits.com',
'[B corp](https://bcorporation.net/directory/finhabits); Hosted on Google Cloud; outsources to Apex; uses Equifax for address verification; sends spam');
insert into fiTbl (name,url,antitor,notes) values ('Firstrade','https://firstrade.com',1,'whole site is Tor-hostile (468 error)');
insert into fiTbl (name,url,hrecaptcha,aws) values ('Fundrise','https://fundrise.com','unavoidable',1);
insert into fiTbl (name,url,forced_nfsw,notes) values ('Gatsby','trygatsby.com',1,'no web app; no desktop app; mobile app is GPS-iOS-only');
insert into fiTbl (name,url,notes) values ('Greenvest','https://greenvest.com','RIRA; min. investment to avoid fees: $100k; [B corp](https://bcorporation.net/directory/greenvest)');
insert into fiTbl (name,url,antitor,notes) values ('IEX','https://iextrading.com/trading',1,'an alternative to conventional stock markets; **Google-Cloud hosted**');
insert into fiTbl (name,url,notes) values ('InteractiveBrokers','https://interactivebrokers.com',
'min. investment to avoid fees: $100k per account; has an "impact" feature to analyze the portfolio''s ESG factors w.r.t. the user''s ethical views;'||
' covers Australia, Belgium, Canada, France, Germany, Hong Kong, Italy, Japan, Mexico, Netherlands, Singapore, South Korea, Spain, Sweden, Switzerland,'||
' United Kingdom, and United States; website is **partially Tor-hostile** but the site can be avoided for most operations after sign-up');
insert into fiTbl (name,url,aws,notes) values ('Janus Henderson','https://www.janushenderson.com',1,
'transactional web host (www.secureaccountview.com) is not AWS, but it is Tor-hostile; working offline and receiving gratis paper statements is possible.');
insert into fiTbl (name,url,cflogin) values ('Lightspeed','https://www.lightspeed.com',1);
insert into fiTbl (name,url,cflogin,notes) values ('M1 Finance','https://www.m1finance.com',1,
'They censor posts in their Reddit sub that expose the risks of passing sensitive financial data through CloudFlare.');
insert into fiTbl (name,url,parent,dt,notes) values ('Merrill Edge','https://www.merrilledge.com/','Bank of America',1,
'Owned by one of the [most evil](us_banks.md) banks in the world (Bank of America)');
insert into fiTbl (name,url,aws,notes) values ('nvstr','https://www.nvstr.com',1,
'maintenance fee: $4/month; promos: $15-150 for funding, random bonus awards, referral bonuses');
insert into fiTbl (name,url,alec,aws,cispa,dt) values ('Prudential','https://www.prudential.com',1,1,1,1);
insert into fiTbl (name,url,notes) values ('Rich Uncles','https://richuncles.com',
'Real estate investing only; verification requires giving them a phone number that you answer (voicemail is not accepted)');
insert into fiTbl (name,url,aws,notes) values ('Robinhood','https://robinhood.com/us/en/',1,
'[Fined $65M](https://nypost.com/2020/12/17/sec-slaps-robinhood-app-with-65m-fine-for-misleading-users) for misleading users;'||
' They may have used CloudFlare in the past but apparently that changed');
insert into fiTbl (name,url,cflogin) values ('Siebert','https://www.siebert.com',1);
insert into fiTbl (name,url,cflogin,notes) values ('SoFi','https://sofi.com/',1,
'They censor posts in their Reddit sub that expose the risks of passing sensitive financial data through CloudFlare;'||
' also [caught](https://www.ftc.gov/news-events/press-releases/2018/10/online-student-loan-refinance-company-sofi-settles-ftc-charges)'||
' in a deceptive advertizing scandal.');
insert into fiTbl (name,url,cflogin) values ('Sogotrade','https://sogotrade.com',1);
insert into fiTbl (name,url,aws,notes) values ('Stash','https://stash.com',1, 'no mutual funds; no options; no crypto; maintenance fee: $1/month');
insert into fiTbl (name,url,cflogin) values ('Stockpile','https://www.stockpile.com',1);
insert into fiTbl (name,url,aws,notes) values ('tastyworks','https://tastyworks.com',1,
'TIRA; RIRA; no forex; no crypto; no non-US stocks; open/close fee= $0/0; commission=$5/stock trade (closing trades gratis), $1/option trade;'||
' promo: funding (100 shares [$1-6ea, avg:$200-220]), referral=$75');
insert into fiTbl (name,url,lst_kind,notes) values ('TD Ameritrade','https://www.tdameritrade.com','black',
'Majority owned by Charles Schwab, a firm that [supports](us_banks.md) republicans, CISPA, drug tests their staff, and treats Tor users with hostility'||
' (but note that TDA functions over Tor). Schwab outsources banking operations to PNC bank, which is [quite evil](us_banks.md);'||
' [Uses MS Github to host s/w](https://github.com/TDAmeritrade/stumpy)');
insert into fiTbl (name,url,antitor,notes) values ('TIAA-CREF','https://tiaa-cref.org',1,'Whole site is Tor-hostile; uses Ally Bank for banking');
insert into fiTbl (name,url,aws,notes) values ('TradeStation','https://www.tradestation.com',1,
'crypto; min. invest=$500 ($2k for bonus); open/close fee= $0/0; commission=$0.50/option trade; commission=$0-5/stock trade');
insert into fiTbl (name,url,cflogin) values ('Tradingblock','https://tradingblock.com',1);
insert into fiTbl (name,url,dt) values ('Vanguard','https://investor.vanguard.com',1);
insert into fiTbl (name,url,hrecaptcha,notes) values ('Wealthfront','https://www.wealthfront.com','unavoidable',
'Registration imposes Google reCAPTCHA;'||
' [caught](https://www.jpost.com/Breaking-News/US-regulator-sanctions-robo-advisers-Wealthfront-Hedgeable-on-false-disclosures-575044)'||
' making false disclosures and [charged](https://www.eastbaytimes.com/2018/12/21/bay-area-robo-adviser-firm-wealthfront-charged-by-sec-with-false-advertising)'||
' for false advertising.');
insert into fiTbl (name,url,cflogin) values ('Wealthsimple','https://wealthsimple.com',1);
insert into fiTbl (name,url,aws,notes) values ('Webull','https://www.webull.com',1,'TIRA; RIRA; crypto; no forex');
insert into fiTbl (name,url,parent,cispa,dt,notes) values ('Wellstrade','https://wellstrade','Wells Fargo',1,1,'Owned by Wells Fargo, an [evil](us_banks.md) bank.');
insert into fiTbl (name,url,cflogin) values ('Zackstrade','https://zackstrade.com',1);
/* END BROKERAGES */
/* BEGIN INSURERS */
insert into fiTbl (fi_kind,name,url,parent) values ('insurer','21st Century','https://www.21st.com','Farmers');
insert into fiTbl (fi_kind,name,url,alec,foxnews,dt,notes) values ('insurer','Aflac','https://www.aflac.com',1,1,1,'transactional site is **Google Cloud-hosted**');
insert into fiTbl (fi_kind,name,url,cispa,dt,aws) values ('insurer','Allianz','https://allianz.com',1,1,1);
insert into fiTbl (fi_kind,name,url,parent,cispa,dt,aws,antitor) values ('insurer','Allied','https://www.alliedinsurance.com','Nationwide',1,1,1,1);
insert into fiTbl (fi_kind,name,url,cispa,dt,antitor,foxnews,notes) values ('insurer','Allstate','https://www.allstate.com',1,1,1,1,
'akamai hosted; [accused](https://www.consumerreports.org/car-insurance/allstate-car-insurance-pricing-michigan-regulators-raise-objections)'||
' by Michigan regulators of profiling customers unlikely to shop out insurance to charge them more, and accused in Texas of having a "suckers list";'||
' [uses "personalized pricing" in 10 states](https://www.consumerreports.org/car-insurance/why-you-may-be-paying-too-much-for-your-car-insurance).');
insert into fiTbl (fi_kind,name,url) values ('insurer','American Family Insurance','https://www.amfam.com');
insert into fiTbl (fi_kind,name,url,hrecaptcha,cflogin,notes) values ('insurer','American Modern','https://www.amig.com','unavoidable',1,
'**Google Cloud-hosted** landing page, which is CloudFlare-free but the transactional host my.doculivery.com is CFd');
insert into fiTbl (fi_kind,name,url,cispa,dt,notes) values ('insurer','Ameriprise Financial','https://www.ameriprise.com',1,1,'akamai hosted');
insert into fiTbl (fi_kind,name,url,antitor) values ('insurer','Amica','https://www.amica.com',1);
insert into fiTbl (fi_kind,name,parent,notes) values ('insurer','American Strategic Insurance (ASI)','Progressive',
'no website, only an access-restricted MS LinkedIn page');
insert into fiTbl (fi_kind,name,url,dt,notes) values ('insurer','Berkshire Hathaway','https://berkshirehathaway.com',1,
'Berkshire Hathaway is not directly an ALEC member, but BH wholly owns ALEC members (e.g. Geico and Fruit of the Loom)');
insert into fiTbl (fi_kind,name,url,hrecaptcha,cflogin,cispa) values ('insurer','Brown & Brown Insurance','https://bbinsurance.com','unavoidable',1,1);
insert into fiTbl (fi_kind,name,url,notes) values ('insurer','CUNA Mutual','https://www.cunamutual.com','Feeds LMG through TruStage.');
insert into fiTbl (fi_kind,name,url) values ('insurer','Erie','https://www.erieinsurance.com');
insert into fiTbl (fi_kind,name,url,parent,foxnews,notes) values ('insurer','Esurance','https://www.esurance.com','Allstate',1,'akamai hosted');
insert into fiTbl (fi_kind,name,url,alec,dt,notes) values ('insurer','Farmers','https://www.farmers.com',1,1,'akamai hosted');
insert into fiTbl (fi_kind,name,url,parent,dt) values ('insurer','First American Insurance Agency','https://www.faiagency.com','Liberty Mutual',1);
insert into fiTbl (fi_kind,name,url,parent,dt) values ('insurer','Foremost','http://www.foremost.com','Farmers',1);
insert into fiTbl (fi_kind,name,url,parent,alec,foxnews,dt,notes) values ('insurer','Geico','https://www.geico.com','Berkshire Hathaway',1,1,1,
'akamai hosted but transactional site ecams.geico.com is not.');
insert into fiTbl (fi_kind,name,url,parent,notes) values ('insurer','Gen Re','https://www.genre.com','Berkshire Hathaway',
'akamai hosted, but transactional site www.genre-connect.com is not. The documentation ("Knowledge" link) is CloudFlared.');
insert into fiTbl (fi_kind,name,url,dt,notes) values ('insurer','National General','https://www.nationalgeneral.com',1,'formerly GMAC');
insert into fiTbl (fi_kind,name,url,dt) values ('insurer','Grange Mutual','https://www.grangeinsurance.com',1);
insert into fiTbl (fi_kind,name,url,parent) values ('insurer','Harleysville Group','https://www.harleysvillegroup.com','Nationwide');
insert into fiTbl (fi_kind,name,url,antitor,cispa,dt,notes) values ('insurer','Hartford','https://www.thehartford.com',1,1,1,'akamai hosted');
insert into fiTbl (fi_kind,name,url,notes) values ('insurer','Homesite Insurance Group (aka Midvale Home & Auto)','https://go.midvaleinsurance.com',
'affiliated with American Family Insurance; landing page is Fastly-hosted; quoting page is AWS-hosted & Tor-hostile; login page has no issues');
insert into fiTbl (fi_kind,name,dt,notes) values ('insurer','Horace Mann',1,'no website, only an access-restricted Facebook page');
insert into fiTbl (fi_kind,name,url,antitor,dt) values ('insurer','Infinity','https://infinityauto.com',1,1);
insert into fiTbl (fi_kind,name,url,antitor,alec,notes) values ('insurer','Lexington','https://www.lexingtoninsurance.com',1,1,
'landing page allows Tor access but all links therein refuse Tor; AIG partner');
insert into fiTbl (fi_kind,name,url,antitor,alec,foxnews,cispa,notes) values ('insurer','Liberty Mutual','https://www.libertymutual.com',1,1,1,1,'akamai hosted');
insert into fiTbl (fi_kind,name,url,parent,antitor,notes) values ('insurer','Main Street America Insurance','https://msainsurance.com','American Family Insurance',1,
'Landing page allows Tor but the transactional host does not');
insert into fiTbl (fi_kind,name,url,antitor,dt) values ('insurer','Mercury','https://www.mercuryinsurance.com',1,1);
insert into fiTbl (fi_kind,name,url,cispa,dt,aws,notes) values ('insurer','MetLife','https://www.metlife.com',1,1,1,
'transactional site identity.metlife.com is not AWS');
insert into fiTbl (fi_kind,name,notes) values ('insurer','N&D Group','no website, only an access-restricted Facebook page');
insert into fiTbl (fi_kind,name,url,antitor,aws,alec,foxnews,cispa,dt) values ('insurer','Nationwide','https://nationwide.com',1,1,1,1,1,1);
insert into fiTbl (fi_kind,name,url,antitor,dt) values ('insurer','Pemco','https://pemco.com',1,1);
insert into fiTbl (fi_kind,name,url,antitor,foxnews,dt) values ('insurer','Progressive','https://progressive.com',1,1,1);
insert into fiTbl (fi_kind,name,url,antitor,notes) values ('insurer','Safe Auto','http://www.safeauto.com',1,
'**Tor-hostile** sign-in page despite Tor-friendly landing page.');
insert into fiTbl (fi_kind,name,url,parent,antitor,notes) values ('insurer','Safeco','https://safeco.com','Liberty Mutual',1,'akamai hosted');
insert into fiTbl (fi_kind,name,url,dt,notes) values ('insurer','Selective','https://www.selective.com',1,
'pushes CloudFlare javascript, but apparently execution is optional.');
insert into fiTbl (fi_kind,name,url,dt,notes) values ('insurer','Shelter Insurance','https://web.archive.org/web/shelterinsurance.com',1,
'CloudFlare name server is used, which means they can trivially flip a switch to become a CF site.');
insert into fiTbl (fi_kind,name,url,antitor,alec,foxnews,cispa,dt,notes) values ('insurer','State Farm','https://www.statefarm.com',1,1,1,1,1,'edgecast-hosted');
insert into fiTbl (fi_kind,name,url,aws,dt) values ('insurer','Stewart Information Services Corporation','https://www.stewart.com/en.html',1,1);
insert into fiTbl (fi_kind,name,url,parent,notes) values ('insurer','The General','https://thegeneral.com','American Family Insurance',
'only writes auto policies; certified as [Great Place to Work](https://www.greatplacetowork.com/certified-company/7003720)');
insert into fiTbl (fi_kind,name,url,parent) values ('insurer','Titan','https://titaninsured.com','Nationwide');
insert into fiTbl (fi_kind,name,url,hrecaptcha,cispa,dt,notes) values ('insurer','Travelers','https://www.travelers.com','unavoidable',1,1,'akamai hosted');
insert into fiTbl (fi_kind,name,url,parent,notes) values ('insurer','TruStage','https://www.trustage.com','CUNA Mutual',
'home and auto policies underwritten by Liberty Mutual (LMG)');
insert into fiTbl (fi_kind,name,url,antitor,foxnews,cispa,dt) values ('insurer','USAA','https://www.usaa.com',1,1,1,1);
insert into fiTbl (fi_kind,name,url,hrecaptcha,cflogin) values ('insurer','Western Mutual','https://www.westernmutual.com','unavoidable',1);
/* END INSURERS */
update fiTbl set lst_kind = 'gray'
where lst_kind = 'white' and (aws or cispa or dt or (notes is not null and (notes like '%tor_hostile%' or notes like '%equifax%' or notes like '%google_cloud_hosted%')));
update fiTbl set lst_kind = 'black'
where cflogin or alec or antitor or forced_nfsw or hrecaptcha = 'unavoidable' or parent in ('Bank of America','Wells Fargo') or notes like '%underwritten_by%LMG%';
update fiTbl set lst_kind = 'black'
where name like '%CUNA_Mutual%' or parent in ('Bank of America','Wells Fargo') or notes like '%underwritten_by%LMG%'; /* hacks */
update fiTbl set lst_kind = 'black' where parent in (select name from fiTbl where lst_kind = 'black');
update fiTbl set lst_kind = 'gray' where parent in (select name from fiTbl where lst_kind = 'gray') and lst_kind = 'white';
update fiTbl set notes = 'parent: '||parent||case when notes is null then '' else '; '||notes end
where parent is not null and (notes is null or notes not like '%'||parent||'%');
update fiTbl set notes = '**Amazon AWS-hosted**'||case when notes is null then '' else '; '||notes end where aws;
update fiTbl set notes = 'sponsors Fox News'||case when notes is null then '' else '; '||notes end where foxnews;
update fiTbl set notes = '**forced h/reCAPTCHA**'||case when notes is null then '' else '; '||notes end where hrecaptcha = 'unavoidable';
/* update fiTbl set notes = '**Tor-hostile** resources'||case when notes is null then '' else '; '||notes end where antitor and (notes is null or notes not like '%tor_hostile%');*/
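Review bot: The `url` column in the `create table` is unconstrained text, and the inserted rows show the result: 'Ally', 'Foremost' and 'Safe Auto' are stored with `http://`, 'FUTU' and 'Gatsby' have no scheme at all, and 'Wellstrade' is `https://wellstrade` with no domain suffix. If these values are later rendered as links to the institutions' sites (the consumer is outside this file, so that is an assumption), a reader following one starts on an unauthenticated or unresolvable address. A column check such as `url text check(url like 'https://%'),` would reject those rows at load time while still allowing a NULL url. Separately, the three `notes` updates for `aws`, `foxnews` and `hrecaptcha = 'unavoidable'` prepend their tag unconditionally, unlike the `parent` update just above them, which guards with `notes not like`. If the file is ever run against an existing database, which `create table if not exists` suggests is expected, the tags are duplicated; a guard such as `and (notes is null or notes not like '%AWS-hosted%')` on each would make them safe to re-run.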


@ -19,7 +19,7 @@ Companies that continue to renew their ALEC membership are right-wing die-hards
The OK hand sign (👌) indicates that the financial institution still today supports the above-mentioned right-wing agenda through ALEC membership.
# Why Tor-hostile FIs are blacklisted
## Why Tor-hostile FIs are blacklisted
Financial institutions that are aggressively Tor-hostile are automatically blacklisted.
@ -98,7 +98,16 @@ reduces your freedom of movement.
The eye (👁) indicates that account access is restricted and exclusive to non-Tor users,
who must expose their IP address to the FI and who must expose their FI to their ISP.
# Why FIs in CloudFlare's walled-garden are blacklisted
### Why IB is only graylisted despite Tor-hostility
InteractiveBrokers's trading platform supports proxies over Tor which makes it
possible to use Tor for trading. It's also possible to receive
statements and tax documents without using the website. So the
Tor-blocking website is not an obstical to routine operations.
Nonetheless, it's a considerable problem that initial registration and
configuration can't be done over Tor.
## Why FIs in CloudFlare's walled-garden are blacklisted
Financial institutions that proxy their services through CloudFlare are
blacklisted automatically for taking a profoundly stupid risk with
@ -111,51 +120,124 @@ unacceptably high security risk of having a CloudFlare MitM, there are
countless [ethical problems](rap_sheets/cloudflare.md) with being an
enabler of CloudFlare.
The storm cloud (🌩) indicates that account access is restricted and exclusive per CloudFlare's will and customers who do get access are forced to share sensitive transaction data with CloudFlare, Inc. (a privacy abuser).
The storm cloud (🌩) indicates that account access is restricted and
exclusive per CloudFlare's will and customers who do get access are
forced to share sensitive transaction data with CloudFlare, Inc. (a
privacy abuser).
# Why CISPA supporters are graylisted
## Why some FIs that force CAPTCHAs are blacklisted
Banks and brokerages that force customers to solve an hCAPTCHA or a
Google reCAPTCHA are blacklisted automatically. Use of these two forms
of CAPTCHA have an excessive detrimental impact on privacy and human
rights, which is outlined in the
[CloudFlare rap sheet](rap_sheets/cloudflare.md).
Other forms of CAPTCHA aren't so invasive and aren't cause for
blacklisting.
## Why FIs that impose Google Playstore (GPS) or Apple are blacklisted
Banks and brokerages that force customers to obtain software from
Google Playstore or Apple are blacklisted automatically. Most brokers
have web access or a desktop app, in which case the mobile app can be
disregarded because customers have a viable means to avoid the privacy
abusing walled gardens.
FIs like FUTU and Gatsby are a problem. Gatsby has no means of access
apart from the mobile app, and no APK is available on their website or
in f-droid.org, so Android users have no choice but to buy mobile
phone service, trust Google with their phone number, then also trust
Google not to tell data brokers where you bank and invest. FUTU has a
desktop app but only for Mac or Windows, so linux users and those who
avoid non-free software are stuffed. (Caveat: the FUTU Windows app has
[not been tested on WINE](https://web.archive.org/web/20210206141122/https://www.winehq.org/search?q=futu)
or ReactOS)
## Why CISPA supporters are graylisted
The [Cyber Intelligence Sharing and Protection Act (CISPA)](https://en.wikipedia.org/wiki/Cyber_Intelligence_Sharing_and_Protection_Act)
was a bill to bypass the 4^(th) amendment to promote a system of unwarranted
mass surveillance through information sharing between the government and private sector.
Congress blocked the bill, but it was later reincarnated as CISA and it passed.
Unlike ALEC lobbying, CISPA was a one-off event far in the past, and over 800 companies supported it.
Since it does not necessarily reflect the company's recent stance or influence,
supporters are graylisted instead of blacklisted. They should still be avoided in
favor of a whitelisted competitor, but they are considerably less evil than those that are blacklisted.
was a bill to bypass the 4th amendment to promote a system of
unwarranted mass surveillance through information sharing between the
government and private sector. Congress blocked the bill, but it was
later reincarnated as CISA and it passed. Unlike ALEC lobbying, CISPA
was a one-off event far in the past, and over 800 companies supported
it. Since it does not necessarily reflect the company's recent stance
or influence, supporters are graylisted instead of blacklisted. They
should still be avoided in favor of a whitelisted competitor, but they
are considerably less evil than those that are blacklisted.
The spook (🕵) indicates that the financial institution lobbied for a police surveillance state in favor of CISPA.
The spook (🕵) indicates that the financial institution lobbied for a
police surveillance state in favor of CISPA.
# Why FIs that force their staff to take a drug test are graylisted
## Why FIs that force their staff to take a drug test are graylisted
Drug testing employees is an assault on the privacy and lifestyle of employees and staff outside the workplace.
In most cases involving medicinal marijuana states, the drug test also harms the healthcare of employees by
intervening in doctors' prescriptions. Normally drug testing would justify blacklisting, but the problem is so
widespread nationwide that the whitelist tends to be overly small. Drug testing also does not do significant
harm to consumers, so companies that drug test are graylisted.
Drug testing employees is an assault on the privacy and lifestyle of
employees and staff outside the workplace. In most cases involving
medicinal marijuana states, the drug test also harms the healthcare of
employees by intervening in doctors' prescriptions. Normally drug
testing would justify blacklisting, but the problem is so widespread
nationwide that the whitelist tends to be overly small. Drug testing
also does not do significant harm to consumers, so companies that drug
test are graylisted.
The test tube (🧪) indicates that the financial institution abuses their staff through forced drug testing.
The test tube (🧪) indicates that the financial institution abuses
their staff through forced drug testing.
# Why Amazon and Google-hosted FIs are graylisted
## Why Amazon and Google-hosted FIs are graylisted
Amazon is behind [countless evils](rap_sheets/amazon.md). It's paramount to boycott
Amazon for anyone who cares about human rights, privacy, or the
environment. Amazon also has had several data breaches-- Capital One,
Juspay, Swiggy, etc., so it's a bad idea to trust custodians who use
AWS with the security of your money. Google is also evil. Not the degree of evil
that Amazon has achieved, but Google is in the fossil fuel business among
other evils. Google is also a central tech giant which (like Amazon) serves
as a central point of surveillance and also carries the risks of having
a huge number of insiders who can abuse the data. The size of the Amazon and Google
datacenters also makes them a likely target for outside hackers due to the high
rewards of compromise.
Amazon is behind [countless evils](rap_sheets/amazon.md). It's
paramount to boycott Amazon for anyone who cares about human rights,
privacy, or the environment. Amazon also has had several data
breaches-- Capital One, Juspay, Swiggy, etc., so it's a bad idea to
trust custodians who use AWS with the security of your money. Google
is also evil. Not the degree of evil that Amazon has achieved, but
Google is in the fossil fuel business among other evils. Google is
also a central tech giant which (like Amazon) serves as a central
point of surveillance and also carries the risks of having a huge
number of insiders who can abuse the data. The size of the Amazon and
Google datacenters also makes them a likely target for outside hackers
due to the high rewards of compromise.
Akamai is not known to have a significant history of wrongdoing on the scale of Amazon or Google.
There is cause for concern in terms of security though because it's large enough to serve as a
central monitoring point where breaches and compromise is still considerable.
Akamai-hosted financial institutions are not graylisted for that reason alone.
In the end, you're the judge.
Akamai is not known to have a significant history of wrongdoing on the
scale of Amazon or Google. There is cause for concern in terms of
security though because it's large enough to serve as a central
monitoring point where breaches and compromise is still considerable.
Akamai-hosted financial institutions are not graylisted for that
reason alone. In the end, you're the judge.
Financial institutions hosted on GAFAM (Google Amazon Facebook Apple Microsoft) are graylisted.
The wrongdoing is indirect and in the end taking a security risk doesn't necessarily lead to a breach.
Of course it's still ethically favorable to choose a whitelisted financial institution if possible.
Financial institutions hosted on GAFAM (Google Amazon Facebook Apple
Microsoft) are graylisted. The wrongdoing is indirect and in the end
taking a security risk doesn't necessarily lead to a breach. Of
course it's still ethically favorable to choose a whitelisted
financial institution if possible.
## Why FIs that outsource to Equifax are graylisted
Equifax is the most reckless of all four credit bureaus with sensitive
credit data. A data breach of sensitive consumer records to the tune
of ~150 million Americans was leaked as a result of reckless security
procedures. The lawsuit yielded a disproportionately tiny settlement
by which most Americans were not compensated, even though they never
consented to Equifax collecting the data to begin with. Of those who
received compensation, most did not receive cash, but rather credit
protection service which ultimately feeds more money back into the
credit bureaus.
## An FI is only as good as its supply chain and ownership
Financial institutions like Merrill Edge, TD Ameritrade, and
Wellstrade have ethically controversial ownership. Merrill Edge and
Wellstrade are simply owned by extremely [evil banks](usa_banks.md).
A large majority of TD Ameritrade is owned by Charles Schwab. Schwab
is not directly involved in the highly controversial financing that
other large banks are, but Schwab outsources banking to PNC bank,
which is quite evil.
It's important for ethical consumption to consider the whole supply
chain to the extent of your awareness. When consuming a product or
service you're not just feeding the immediate customer-facing
business.
We track both the supply chain and ownership. We will not give a
subsidiary a higher rating than its parent.


@ -25,203 +25,28 @@ typeset -A sym=([red_circle]=$'\xF0\x9F\x94\xB4'
#local okhand='👌'
#local eye='👁'
intro()
{
local lst=$1
local fi_kind=$2
case "$lst" in
white)
printf %s\\n 'The following '"${fi_kind}"'s have no significant ethical issues:'
;;
gray)
printf %s\\n 'These '"${fi_kind}"'s would normally be blacklisted, but due to the short whitelist they are set aside as a less evil compromise to those blacklisted. They should still be avoided if possible.'
;;
black)
printf %s\\n 'These '"${fi_kind}"'s have severe ethical or trust issues and should be boycotted:'
;;
esac
};#intro
table_populate()
{
# fiTbl: "financial institution table"
sqlite3 "${db_file}" <<'EOF'
create table if not exists fiTbl (name text primary key not null,
url text,
fi_kind text check(fi_kind in ('bank', 'brokerage', 'CU', 'insurer')) not null default 'brokerage',
lst_kind text check(lst_kind in ('black', 'gray', 'white')) not null default 'white',
hrecaptcha text check(hrecaptcha in ('unavoidable', 'non-essential tasks', 'never')) not null default 'never',
parent text,
cflogin boolean default 0,
antitor boolean default 0,
alec boolean default 0,
forced_nfsw boolean default 0,
foxnews boolean default 0,
aws boolean default 0,
cispa boolean default 0,
dt boolean default 0,
notes text);
/* BEGIN BROKERAGES */
/* insert into fiTbl (name,notes) values ("Evertrade","Where's the website? Sold to TIAA-CREF?");*/
insert into fiTbl (name,url,aws,notes) values ("Janus Henderson","https://www.janushenderson.com",1,"transactional web host (www.secureaccountview.com) is not AWS, but it is Tor-hostile; it's possible to work offline and receive gratis paper statements.");
insert into fiTbl (name,url,dt,notes) values ("Vanguard","https://investor.vanguard.com",1,"");
insert into fiTbl (name,url,notes) values ("Rich Uncles","https://richuncles.com","Real estate investing only");
insert into fiTbl (name,url,aws,notes) values
("Stash","https://stash.com",1,
"no mutual funds; no options; no crypto; maintenance fee: $1/month");
insert into fiTbl (name,url,aws,notes) values
("nvstr","https://www.nvstr.com",1,
"maintenance fee: $4/month; promos: $15-150 for funding, random bonus awards, referral bonuses");
insert into fiTbl (name,url,aws,notes) values
("tastyworks","https://tastyworks.com",1,
"TIRA; RIRA; no forex; no crypto; no non-US stocks; open/close fee= $0/0; commission=$5/stock trade (closing trades gratis), $1/option trade; promo: funding (100 shares [$1-6ea, avg:$200-220]), referral=$75");
insert into fiTbl (name,url,aws,notes) values
("Webull","https://www.webull.com",1,"TIRA; RIRA; crypto; no forex");
insert into fiTbl (name,url,aws,notes) values
("TradeStation","https://www.tradestation.com",1,
"crypto; min. invest=$500 ($2k for bonus); open/close fee= $0/0; commission=$0.50/option trade; commission=$0-5/stock trade");
insert into fiTbl (name,url,cispa,notes) values
("E*Trade","https://us.etrade.com",1,
"covers: Canada, France, Germany, Hong Kong, Japan, United Kingdom, and United States; funding bonus ($5k=>$50; $10k=>$100; $20k=>$150)");
insert into fiTbl (name,url,notes) values
("Greenvest","https://greenvest.com",
"RIRA; min. investment to avoid fees: $100k; [B corp](https://bcorporation.net/directory/greenvest)");
insert into fiTbl (name,url,aws,notes) values
("Robinhood","https://robinhood.com/us/en/",1,"[Fined $65M](https://nypost.com/2020/12/17/sec-slaps-robinhood-app-with-65m-fine-for-misleading-users) for misleading users; They may have used CloudFlare in the past but apparently that changed");
insert into fiTbl (name,url,notes) values
("InteractiveBrokers","https://interactivebrokers.com",
"min. investment to avoid fees: $100k per account; has a ""impact"" feature to analyze the portfolio's ESG factors w.r.t. the user's ethical views; covers Australia, Belgium, Canada, France, Germany, Hong Kong, Italy, Japan, Mexico, Netherlands, Singapore, South Korea, Spain, Sweden, Switzerland, United Kingdom, and United States; website is **partially Tor-hostile** but the site can be avoided for most operations after sign-up");
insert into fiTbl (name,url,lst_kind,notes) values
("TD Ameritrade","https://www.tdameritrade.com","black",
"Majority owned by Charles Schwab, a firm that [supports](us_banks.md) republicans, CISPA, drug tests their staff, and treats Tor users with hostility (but note that TDA functions over Tor). Schwab outsources banking operations to PNC bank, which is [quite evil](us_banks.md); [Uses MS Github to host s/w](https://github.com/TDAmeritrade/stumpy)");
insert into fiTbl (name,url,hrecaptcha,aws) values ("Fundrise","https://fundrise.com","unavoidable",1);
insert into fiTbl (name,url,aws,cispa,alec,dt) values ("Prudential","https://www.prudential.com",1,1,1,1);
insert into fiTbl (name,url,cflogin,aws) values ("Ellevest","https://www.ellevest.com",1,1);
insert into fiTbl (name,url,cflogin) values ("Euro Pacific Capital","https://europacbank.com",1);
insert into fiTbl (name,url,cflogin) values ("Zackstrade","https://zackstrade.com",1);
insert into fiTbl (name,url,cflogin) values ("Stockpile","https://www.stockpile.com",1);
insert into fiTbl (name,url,cflogin) values ("Tradingblock","https://tradingblock.com",1);
insert into fiTbl (name,url,cflogin) values ("Wealthsimple","https://wealthsimple.com",1);
insert into fiTbl (name,url,notes) values
("Finhabits","https://www.finhabits.com",
"[B corp](https://bcorporation.net/directory/finhabits); Hosted on Google Cloud; outsources to Apex; uses Equifax for address verification; sends spam");
insert into fiTbl (name,url,hrecaptcha,notes) values
("Wealthfront","https://www.wealthfront.com","unavoidable","Registration imposes Google reCAPTCHA; [caught](https://www.jpost.com/Breaking-News/US-regulator-sanctions-robo-advisers-Wealthfront-Hedgeable-on-false-disclosures-575044) making false disclosures and [charged](https://www.eastbaytimes.com/2018/12/21/bay-area-robo-adviser-firm-wealthfront-charged-by-sec-with-false-advertising) for false advertising.");
insert into fiTbl (name,url,cflogin,aws,notes) values
("Axos Invest","https://www.axosinvest.com",1,1,
"Axos Bank is jailed in CloudFlare and Axos Invest will be soon. Investors who get blocked by that will have to pay $5/month for paper statements.");
insert into fiTbl (name,url,antitor,notes) values ("IEX","https://iextrading.com/trading",1,"an alternative to conventional stock markets; **Google-Cloud hosted**");
insert into fiTbl (name,url,antitor,notes) values
("Firstrade","https://firstrade.com",1,"whole site is Tor-hostile (468 error)");
insert into fiTbl (name,url,antitor,notes) values
("TIAA-CREF","https://tiaa-cref.org",1,"Whole site is Tor-hostile");
insert into fiTbl (name,url,antitor,cispa,notes) values
("Ally","http://www.ally.com/",1,1,"whole site is Tor-hostile (403 error)");
insert into fiTbl (name,url,cflogin,notes) values
("SoFi","https://sofi.com/",1,
"They censor posts in their Reddit sub that expose the risks of passing sensitive financial data through CloudFlare; also [caught](https://www.ftc.gov/news-events/press-releases/2018/10/online-student-loan-refinance-company-sofi-settles-ftc-charges) in a deceptive advertizing scandal.");
insert into fiTbl (name,url,cflogin,notes) values
("M1 Finance","https://www.m1finance.com",1,
"They censor posts in their Reddit sub that expose the risks of passing sensitive financial data through CloudFlare.");
insert into fiTbl (name,url,cflogin,notes) values ("Lightspeed","https://www.lightspeed.com",1,"");
insert into fiTbl (name,url,hrecaptcha,notes) values
("Betterment","https://www.betterment.com","unavoidable",
"Imposes hCAPTCHA just to read the landing page. They censor posts in their Reddit sub that complains about this instead of offering support.");
insert into fiTbl (name,url,cflogin,notes) values ("Siebert","https://www.siebert.com",1,"");
insert into fiTbl (name,url,parent,dt,notes) values
("Merrill Edge","https://www.merrilledge.com/","Bank of America",1,
"Owned by one of the [most evil](us_banks.md) banks in the world (Bank of America)");
insert into fiTbl (name,url,parent,cispa,dt,notes) values
("Wellstrade","https://wellstrade","Wells Fargo",1,1,"Owned by Wells Fargo, an [evil](us_banks.md) bank.");
insert into fiTbl (name,url,cflogin,notes) values
("Sogotrade","https://sogotrade.com",1,"");
insert into fiTbl (name,url,forced_nfsw,notes) values
("FUTU","fututrade.com",1,
"support.fututrade.com is CloudFlared; no web app; mobile app is GPS-iOS-only; desktop is Mac/Windows only");
insert into fiTbl (name,url,forced_nfsw,notes) values
("Gatsby","trygatsby.com",1,"no web app; no desktop app; mobile app is GPS-iOS-only");
/* END BROKERAGES */
/* BEGIN INSURERS */
insert into fiTbl (fi_kind,name,url,parent) values ("insurer","21st Century","https://www.21st.com","Farmers");
insert into fiTbl (fi_kind,name,url,alec,foxnews,dt,notes) values ("insurer","Aflac","https://www.aflac.com",1,1,1,"transactional site is **Google Cloud-hosted**");
insert into fiTbl (fi_kind,name,url,cispa,dt,aws) values ("insurer","Allianz","https://allianz.com",1,1,1);
insert into fiTbl (fi_kind,name,url,parent,cispa,dt,aws,antitor) values ("insurer","Allied","https://www.alliedinsurance.com","Nationwide",1,1,1,1);
insert into fiTbl (fi_kind,name,url,cispa,dt,antitor,foxnews,notes) values ("insurer","Allstate","https://www.allstate.com",1,1,1,1,"akamai hosted; [accused](https://www.consumerreports.org/car-insurance/allstate-car-insurance-pricing-michigan-regulators-raise-objections) by Michigan regulators of profiling customers unlikely to shop out insurance to charge them more, and accused in Texas of having a ""suckers list""; [uses ""personalized pricing"" in 10 states](https://www.consumerreports.org/car-insurance/why-you-may-be-paying-too-much-for-your-car-insurance).");
insert into fiTbl (fi_kind,name,url) values ("insurer","American Family Insurance","https://www.amfam.com");
insert into fiTbl (fi_kind,name,url,hrecaptcha,cflogin,notes) values ("insurer","American Modern","https://www.amig.com","unavoidable",1,"**Google Cloud-hosted** landing page, which is CloudFlare-free but the transactional host my.doculivery.com is CFd");
insert into fiTbl (fi_kind,name,url,cispa,dt,notes) values ("insurer","Ameriprise Financial","https://www.ameriprise.com",1,1,"akamai hosted");
insert into fiTbl (fi_kind,name,url,antitor) values ("insurer","Amica","https://www.amica.com",1);
insert into fiTbl (fi_kind,name,parent,notes) values ("insurer","American Strategic Insurance (ASI)","Progressive","no website, only an access-restricted MS LinkedIn page");
insert into fiTbl (fi_kind,name,url,dt,notes) values ("insurer","Berkshire Hathaway","https://berkshirehathaway.com",1,"Berkshire Hathaway is not directly an ALEC member, but BH wholly owns ALEC members (e.g. Geico and Fruit of the Loom)");
insert into fiTbl (fi_kind,name,url,hrecaptcha,cflogin,cispa) values ("insurer","Brown & Brown Insurance","https://bbinsurance.com",'unavoidable',1,1);
insert into fiTbl (fi_kind,name,url,notes) values ("insurer","CUNA Mutual","https://www.cunamutual.com","Feeds LMG through TruStage.");
insert into fiTbl (fi_kind,name,url) values ("insurer","Erie","https://www.erieinsurance.com");
insert into fiTbl (fi_kind,name,url,parent,foxnews,notes) values ("insurer","Esurance","https://www.esurance.com","Allstate",1,"akamai hosted");
insert into fiTbl (fi_kind,name,url,alec,dt,notes) values ("insurer","Farmers","https://www.farmers.com",1,1,"akamai hosted");
insert into fiTbl (fi_kind,name,url,parent,dt) values ("insurer","First American Insurance Agency","https://www.faiagency.com","Liberty Mutual",1);
insert into fiTbl (fi_kind,name,url,parent,dt) values ("insurer","Foremost","http://www.foremost.com","Farmers",1);
insert into fiTbl (fi_kind,name,url,parent,alec,foxnews,dt,notes) values ("insurer","Geico","https://www.geico.com","Berkshire Hathaway",1,1,1,"akamai hosted but transactional site ecams.geico.com is not.");
insert into fiTbl (fi_kind,name,url,parent,notes) values ("insurer","Gen Re","https://www.genre.com","Berkshire Hathaway","akamai hosted, but transactional site www.genre-connect.com is not. The documentation (""Knowledge"" link) is CloudFlared.");
insert into fiTbl (fi_kind,name,url,dt,notes) values ("insurer","National General","https://www.nationalgeneral.com",1,"formerly GMAC");
insert into fiTbl (fi_kind,name,url,dt) values ("insurer","Grange Mutual","https://www.grangeinsurance.com",1);
insert into fiTbl (fi_kind,name,url,parent) values ("insurer","Harleysville Group","https://www.harleysvillegroup.com","Nationwide");
insert into fiTbl (fi_kind,name,url,antitor,cispa,dt,notes) values ("insurer","Hartford","https://www.thehartford.com",1,1,1,"akamai hosted");
insert into fiTbl (fi_kind,name,url,notes) values ("insurer","Homesite Insurance Group (aka Midvale Home & Auto)","https://go.midvaleinsurance.com","affiliated with American Family Insurance; landing page is Fastly-hosted; quoting page is AWS-hosted & Tor-hostile; login page has no issues");
insert into fiTbl (fi_kind,name,dt,notes) values ("insurer","Horace Mann",1,"no website, only an access-restricted Facebook page");
insert into fiTbl (fi_kind,name,url,antitor,dt) values ("insurer","Infinity","https://infinityauto.com",1,1);
insert into fiTbl (fi_kind,name,url,antitor,alec,notes) values ("insurer","Lexington","https://www.lexingtoninsurance.com",1,1,"landing page allows Tor access but all links therein refuse Tor; AIG partner");
insert into fiTbl (fi_kind,name,url,antitor,alec,foxnews,cispa,notes) values ("insurer","Liberty Mutual","https://www.libertymutual.com",1,1,1,1,"akamai hosted");
insert into fiTbl (fi_kind,name,url,parent,antitor,notes) values ("insurer","Main Street America Insurance","https://msainsurance.com","American Family Insurance",1,"Landing page allows Tor but the transactional host does not");
insert into fiTbl (fi_kind,name,url,antitor,dt) values ("insurer","Mercury","https://www.mercuryinsurance.com",1,1);
insert into fiTbl (fi_kind,name,url,cispa,dt,aws,notes) values ("insurer","MetLife","https://www.metlife.com",1,1,1,"transactional site identity.metlife.com is not AWS");
insert into fiTbl (fi_kind,name,notes) values ("insurer","N&D Group","no website, only an access-restricted Facebook page");
insert into fiTbl (fi_kind,name,url,antitor,aws,alec,foxnews,cispa,dt) values ("insurer","Nationwide","https://nationwide.com",1,1,1,1,1,1);
insert into fiTbl (fi_kind,name,url,antitor,dt) values ("insurer","Pemco","https://pemco.com",1,1);
insert into fiTbl (fi_kind,name,url,antitor,foxnews,dt) values ("insurer","Progressive","https://progressive.com",1,1,1);
insert into fiTbl (fi_kind,name,url,antitor,notes) values ("insurer","Safe Auto","http://www.safeauto.com",1,"**Tor-hostile** sign-in page despite Tor-friendly landing page.");
insert into fiTbl (fi_kind,name,url,parent,antitor,notes) values ("insurer","Safeco","https://safeco.com","Liberty Mutual",1,"akamai hosted");
insert into fiTbl (fi_kind,name,url,dt,notes) values ("insurer","Selective","https://www.selective.com",1,"pushes CloudFlare javascript, but apparently execution is optional.");
insert into fiTbl (fi_kind,name,url,dt,notes) values ("insurer","Shelter Insurance","https://web.archive.org/web/shelterinsurance.com",1,"CloudFlare name server is used, which means they can trivially flip a switch to become a CF site.");
insert into fiTbl (fi_kind,name,url,antitor,alec,foxnews,cispa,dt,notes) values ("insurer","State Farm","https://www.statefarm.com",1,1,1,1,1,"edgecast-hosted");
insert into fiTbl (fi_kind,name,url,aws,dt) values ("insurer","Stewart Information Services Corporation","https://www.stewart.com/en.html",1,1);
insert into fiTbl (fi_kind,name,url,parent,notes) values ("insurer","The General","https://thegeneral.com","American Family Insurance","only writes auto policies; certified as [Great Place to Work](https://www.greatplacetowork.com/certified-company/7003720)");
insert into fiTbl (fi_kind,name,url,parent) values ("insurer","Titan","https://titaninsured.com","Nationwide");
insert into fiTbl (fi_kind,name,url,hrecaptcha,cispa,dt,notes) values ("insurer","Travelers","https://www.travelers.com","unavoidable",1,1,"akamai hosted");
insert into fiTbl (fi_kind,name,url,parent,notes) values ("insurer","TruStage","https://www.trustage.com","CUNA Mutual","home and auto policies underwritten by Liberty Mutual (LMG)");
insert into fiTbl (fi_kind,name,url,antitor,foxnews,cispa,dt) values ("insurer","USAA","https://www.usaa.com",1,1,1,1);
insert into fiTbl (fi_kind,name,url,hrecaptcha,cflogin) values ("insurer","Western Mutual","https://www.westernmutual.com",'unavoidable',1);
/* END INSURERS */
update fiTbl set lst_kind = 'gray' where lst_kind = 'white' and (aws or cispa or dt or (notes is not null and (notes like '%tor_hostile%' or notes like '%equifax%' or notes like '%google_cloud_hosted%')));
update fiTbl set lst_kind = 'black' where cflogin or alec or antitor or forced_nfsw or hrecaptcha = 'unavoidable' or parent in ('Bank of America','Wells Fargo') or notes like '%underwritten_by%LMG%';
update fiTbl set lst_kind = 'black' where name like '%CUNA_Mutual%' or parent in ('Bank of America','Wells Fargo')
or notes like '%underwritten_by%LMG%'; /* hacks */
update fiTbl set lst_kind = 'black' where parent in (select name from fiTbl where lst_kind = 'black');
update fiTbl set lst_kind = 'gray' where parent in (select name from fiTbl where lst_kind = 'gray') and lst_kind = 'white';
update fiTbl set notes = 'parent: '||parent||case when notes is null then '' else '; '||notes end
where parent is not null and (notes is null or notes not like '%'||parent||'%');
update fiTbl set notes = '**Amazon AWS-hosted**'||case when notes is null then '' else '; '||notes end where aws;
update fiTbl set notes = 'sponsors Fox News'||case when notes is null then '' else '; '||notes end where foxnews;
update fiTbl set notes = '**forced h/reCAPTCHA**'||case when notes is null then '' else '; '||notes end where hrecaptcha = 'unavoidable';
/* update fiTbl set notes = '**Tor-hostile** resources'||case when notes is null then '' else '; '||notes end where antitor and (notes is null or notes not like '%tor_hostile%');*/
EOF
sqlite3 "${db_file}" < input_data/financial_institutions.sql
};#table_populate
table_text()
@ -243,6 +68,7 @@ table_text()
fi
printf %s "# ${lst^}"'list
```
.TS
box tab(|);
c|c|c|c|c|c|c.
@ -270,6 +96,7 @@ T}' end||
printf %s '.TE
```
'
done
@ -279,6 +106,8 @@ table_md()
{
local fi_kind=$1
printf %s\\n "# Directory of US-based ${fi_kind}s"
for lst in white gray black
do
if [[ "$lst" == black ]]
@ -287,7 +116,9 @@ table_md()
else
name_clause="case when url like '_%' then '|['||name||']('||url||')' else '|'||name end"
fi
printf %s "# ${lst^}"'list
printf %s "## ${lst^}list
$(intro $lst $fi_kind)"'
| *'"$fi_kind"'* | *ALEC member* | *Tor-hostile* | *sensitive info exposed to CloudFlare* | *supported CISPA* | *forced drug testing of staff* | *notes* |
|---|---|---|---|---|---|---|
@ -316,4 +147,4 @@ case "$2" in
;;
esac
cat input_docs/table_legend.md
cat input_data/table_legend.md
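Review bot: The new load step in table_populate, `sqlite3 "${db_file}" < input_data/financial_institutions.sql`, does not stop at the first SQL error and its exit status is not checked, so a row rejected by one of the `check(...)` constraints or by the primary key would leave fiTbl partially populated, and the lists would presumably still be generated from it. I would run it as `sqlite3 -bail "${db_file}" < input_data/financial_institutions.sql || return 1`. The path is also relative to the caller's working directory, as is `cat input_data/table_legend.md` at the end of the script, so resolving both against the script's own directory would ensure the file that gets loaded is the one in this repository. Separately, `$(intro $lst $fi_kind)` in table_md is unquoted while the schema now allows `fi_kind` values such as 'payment processor', which would be split into two arguments; `$(intro "$lst" "$fi_kind")` avoids that. table_md's body continues outside the hunks shown.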


@ -1,110 +1,91 @@
# Directory of US brokerage firms
# Directory of US-based brokerages
## Whitelist
The following brokerages have no significant ethical issues:
| *brokerage* | *ALEC member* | *sensitive info exposed to CloudFlare* | *supported CISPA* | *forced drug testing of staff* | *notes* |
|---|---|---|---|---|---|
|[Greenvest](https://greenvest.com)|n|n|n|n|RIRA; min. investment to avoid fees: $100k; [B corp](https://bcorporation.net/directory/greenvest)|
|[Rich Uncles](https://richuncles.com)|n|n|n|n|Real estate investing only|
| *brokerage* | *ALEC member* | *Tor-hostile* | *sensitive info exposed to CloudFlare* | *supported CISPA* | *forced drug testing of staff* | *notes* |
|---|---|---|---|---|---|---|
|[Greenvest](https://greenvest.com)|n|n|n|n|n|RIRA; min. investment to avoid fees: $100k; [B corp](https://bcorporation.net/directory/greenvest)|
|[Rich Uncles](https://richuncles.com)|n|n|n|n|n|Real estate investing only; verification requires giving them a phone number that you answer (voicemail is not accepted)|
## Graylist
These brokerages would normally be blacklisted, but due to the short
whitelist they are set aside as a less evil compromise to those
blacklisted. They should still be avoided if possible.
These brokerages would normally be blacklisted, but due to the short whitelist they are set aside as a less evil compromise to those blacklisted. They should still be avoided if possible.
| *brokerage* | *ALEC member* | *sensitive info exposed to CloudFlare* | *supported CISPA* | *forced drug testing of staff* | *notes* |
|---|---|---|---|---|---|
|[E*Trade](https://us.etrade.com)|n|n|🕵|n|covers: Canada, France, Germany, Hong Kong, Japan, United Kingdom, and United States; funding bonus ($5k=>$50; $10k=>$100; $20k=>$150)|
|[Finhabits](https://www.finhabits.com)|n|n|n|n|[B corp](https://bcorporation.net/directory/finhabits); Hosted on Google Cloud; outsources to Apex; uses Equifax for address verification|
|[InteractiveBrokers](https://interactivebrokers.com)|n|n|n|n|min. investment to avoid fees: $100k per account; has a "impact" feature to analyze the portfolio's ESG factors w.r.t. the user's ethical views; covers Australia, Belgium, Canada, France, Germany, Hong Kong, Italy, Japan, Mexico, Netherlands, Singapore, South Korea, Spain, Sweden, Switzerland, United Kingdom, and United States; website is **partially Tor-hostile** but the site can be avoided for most operations after sign-up|
|[Janus Henderson](https://www.janushenderson.com)|n|n|n|n|**Amazon AWS-hosted**; transactional web host (www.secureaccountview.com) is not AWS, but it is Tor-hostile; it's possible to work offline and receive gratis paper statements.|
|[nvstr](https://www.nvstr.com)|n|n|n|n|**Amazon AWS-hosted**; maintenance fee: $4/month; promos: $15-150 for funding, random bonus awards, referral bonuses|
|[Robinhood](https://robinhood.com/us/en/)|n|n|n|n|**Amazon AWS-hosted**; [Fined $65M](https://nypost.com/2020/12/17/sec-slaps-robinhood-app-with-65m-fine-for-misleading-users) for misleading users; They may have used CloudFlare in the past but apparently that changed|
|[Stash](https://stash.com)|n|n|n|n|**Amazon AWS-hosted**; no mutual funds; no options; no crypto; maintenance fee: $1/month|
|[tastyworks](https://tastyworks.com)|n|n|n|n|**Amazon AWS-hosted**; TIRA; RIRA; no forex; no crypto; no non-US stocks; open/close fee= $0/0; commission=$5/stock trade (closing trades gratis), $1/option trade; promo: funding (100 shares [$1-6ea, avg:$200-220]), referral=$75|
|[TradeStation](https://www.tradestation.com)|n|n|n|n|**Amazon AWS-hosted**; crypto; min. invest=$500 ($2k for bonus); open/close fee= $0/0; commission=$0.50/option trade; commission=$0-5/stock trade|
|[Vanguard](https://investor.vanguard.com)|n|n|n|🧪||
|[Webull](https://www.webull.com)|n|n|n|n|**Amazon AWS-hosted**; TIRA; RIRA; crypto; no forex|
### Rationale for graylist inclusion
Brokerage firms are graylisted here if their sole ethical problem is
hosting on Amazon AWS. Amazon is behind
[countless evils](rap_sheets/amazon.md). It's paramount to boycott
Amazon for anyone who cares about human rights, privacy, or the
environment. Amazon also has had several data breaches-- Capital One,
Juspay, Swiggy, etc., so it's a bad idea to trust custodians who use
AWS with the security of your money.
Exceptionally, E-Trade, Finhabits, InteractiveBrokers, and Vanguard do
not use AWS but they are still graylisted. E-Trade supported CISPA, a
bill to bypass the 4th amendment to promote unwarranted information
sharing with the government. Finhabits outsources address verification
to Equifax.
<details>
<summary>The problem with Equifax</summary>
Equifax is the most reckless of all four credit bureaus with sensitive
credit data. A data breach of sensitive consumer records to the tune
of ~150 million Americans was leaked as a result of reckless security
procedures. The lawsuit yielded a disproportionately tiny settlement
by which most Americans were not compensated, even though they never
consented to Equifax collecting the data to begin with. Of those who
received compensation, most did not receive cash, but rather credit
protection service which ultimately feeds more money back into the
credit bureaus.
</details>
InteractiveBrokers is graylisted due to blocking Tor users from
accessing some of the web features.
Vanguard is graylisted due to forcing employees to take a drug test,
which is an assault on their privacy outside the workplace as well as
a hinderance to healthcare.
| *brokerage* | *ALEC member* | *Tor-hostile* | *sensitive info exposed to CloudFlare* | *supported CISPA* | *forced drug testing of staff* | *notes* |
|---|---|---|---|---|---|---|
|[E*Trade](https://us.etrade.com)|n|n|n|🕵|n|covers: Canada, France, Germany, Hong Kong, Japan, United Kingdom, and United States; funding bonus ($5k=>$50; $10k=>$100; $20k=>$150)|
|[Finhabits](https://www.finhabits.com)|n|n|n|n|n|[B corp](https://bcorporation.net/directory/finhabits); Hosted on Google Cloud; outsources to Apex; uses Equifax for address verification; sends spam|
|[InteractiveBrokers](https://interactivebrokers.com)|n|n|n|n|n|min. investment to avoid fees: $100k per account; has an "impact" feature to analyze the portfolio's ESG factors w.r.t. the user's ethical views; covers Australia, Belgium, Canada, France, Germany, Hong Kong, Italy, Japan, Mexico, Netherlands, Singapore, South Korea, Spain, Sweden, Switzerland, United Kingdom, and United States; website is **partially Tor-hostile** but the site can be avoided for most operations after sign-up|
|[Janus Henderson](https://www.janushenderson.com)|n|n|n|n|n|**Amazon AWS-hosted**; transactional web host (www.secureaccountview.com) is not AWS, but it is Tor-hostile; working offline and receiving gratis paper statements is possible.|
|[nvstr](https://www.nvstr.com)|n|n|n|n|n|**Amazon AWS-hosted**; maintenance fee: $4/month; promos: $15-150 for funding, random bonus awards, referral bonuses|
|[Robinhood](https://robinhood.com/us/en/)|n|n|n|n|n|**Amazon AWS-hosted**; [Fined $65M](https://nypost.com/2020/12/17/sec-slaps-robinhood-app-with-65m-fine-for-misleading-users) for misleading users; They may have used CloudFlare in the past but apparently that changed|
|[Stash](https://stash.com)|n|n|n|n|n|**Amazon AWS-hosted**; no mutual funds; no options; no crypto; maintenance fee: $1/month|
|[tastyworks](https://tastyworks.com)|n|n|n|n|n|**Amazon AWS-hosted**; TIRA; RIRA; no forex; no crypto; no non-US stocks; open/close fee= $0/0; commission=$5/stock trade (closing trades gratis), $1/option trade; promo: funding (100 shares [$1-6ea, avg:$200-220]), referral=$75|
|[TradeStation](https://www.tradestation.com)|n|n|n|n|n|**Amazon AWS-hosted**; crypto; min. invest=$500 ($2k for bonus); open/close fee= $0/0; commission=$0.50/option trade; commission=$0-5/stock trade|
|[Vanguard](https://investor.vanguard.com)|n|n|n|n|🧪||
|[Webull](https://www.webull.com)|n|n|n|n|n|**Amazon AWS-hosted**; TIRA; RIRA; crypto; no forex|
## Blacklist
These brokerages have severe ethical or trust issues and should be boycotted.
These brokerages have severe ethical or trust issues and should be boycotted:
| *brokerage* | *ALEC member* | *sensitive info exposed to CloudFlare* | *supported CISPA* | *forced drug testing of staff* | *notes* |
|---|---|---|---|---|---|
|Ally|n|n|🕵|n|whole site is Tor-hostile (403 error)|
|Axos Invest|n|🌩|n|n|Amazon AWS-hosted; Axos Bank is jailed in CloudFlare and Axos Invest will be soon. Investors who get blocked by that will have to pay $5/month for paper statements.|
|Betterment|n|n|n|n|Imposes hCAPTCHA just to read the landing page. They censor posts in their Reddit sub that complains about this instead of offering support.|
|Ellevest|n|🌩|n|n|
|Euro Pacific Capital|n|🌩|n|n|
|FUTU|n|n|n|n|support.fututrade.com is CloudFlared; no web app; mobile app is GPS-iOS-only; desktop is Mac/Windows only|
|Firstrade|n|n|n|n|whole site is Tor-hostile (468 error)|
|Fundrise|n|n|n|n|Amazon AWS-hosted; Unavoidable CAPTCHAs|
|Gatsby|n|n|n|n|no web app; no desktop app; mobile app is GPS-iOS-only|
|Lightspeed|n|🌩|n|n||
|M1 Finance|n|🌩|n|n|They censor posts in their Reddit sub that expose the risks of passing sensitive financial data through CloudFlare.|
|Merrill Edge|n|n|n|🧪|Owned by one of the [most evil](usa_banks.md) banks in the world (Bank of America)|
|Prudential|👌|n|🕵|🧪|
|Siebert|n|🌩|n|n||
|SoFi|n|🌩|n|n|They censor posts in their Reddit sub that expose the risks of passing sensitive financial data through CloudFlare; also [caught](https://www.ftc.gov/news-events/press-releases/2018/10/online-student-loan-refinance-company-sofi-settles-ftc-charges) in a deceptive advertizing scandal.|
|Sogotrade|n|🌩|n|n||
|Stockpile|n|🌩|n|n|
|TD Ameritrade|n|n|n|n|Majority owned by Charles Schwab, a firm that [supports](usa_banks.md) republicans, CISPA, drug tests their staff, and treats Tor users with hostility (but note that TDA functions over Tor). Schwab outsources banking operations to PNC bank, which is [quite evil](usa_banks.md); [Uses MS Github to host s/w](https://github.com/TDAmeritrade/stumpy)|
|TIAA-CREF|n|n|n|n|Whole site is Tor-hostile|
|Tradingblock|n|🌩|n|n|
|Wealthfront|n|n|n|n|Registration imposes Google reCAPTCHA; [caught](https://web.archive.org/web/20190223185210/https://www.jpost.com/Breaking-News/US-regulator-sanctions-robo-advisers-Wealthfront-Hedgeable-on-false-disclosures-575044) making false disclosures and [charged](https://www.eastbaytimes.com/2018/12/21/bay-area-robo-adviser-firm-wealthfront-charged-by-sec-with-false-advertising) for false advertising.|
|Wealthsimple|n|🌩|n|n|
|Wellstrade|n|n|🕵|🧪|Owned by Wells Fargo, an [evil](usa_banks.md) bank.|
|Zackstrade|n|🌩|n|n|
| *brokerage* | *ALEC member* | *Tor-hostile* | *sensitive info exposed to CloudFlare* | *supported CISPA* | *forced drug testing of staff* | *notes* |
|---|---|---|---|---|---|---|
|Ally|n|👁|n|🕵|n|whole site is Tor-hostile (403 error)|
|Axos Invest|n|n|🌩|n|n|**Amazon AWS-hosted**; Axos Bank is jailed in CloudFlare and Axos Invest will be soon. Investors who get blocked by that will have to pay $5/month for paper statements.|
|Betterment|n|n|n|n|n|**forced h/reCAPTCHA**; Imposes hCAPTCHA just to read the landing page. They censor posts in their Reddit sub that complains about this instead of offering support.|
|Ellevest|n|n|🌩|n|n|**Amazon AWS-hosted**|
|Euro Pacific Capital|n|n|🌩|n|n||
|Fidelity|👌|👁|n|🕵|🧪|sponsors Fox News; akamai hosted; takes voiceprints of customers without express consent; Landing page is Tor-friendly but transactional site is Tor-hostile|
|Firstrade|n|👁|n|n|n|whole site is Tor-hostile (468 error)|
|Fundrise|n|n|n|n|n|**forced h/reCAPTCHA**; **Amazon AWS-hosted**|
|FUTU|n|n|n|n|n|support.fututrade.com is CloudFlared; no web app; mobile app is GPS-iOS-only; desktop is Mac/Windows only|
|Gatsby|n|n|n|n|n|no web app; no desktop app; mobile app is GPS-iOS-only|
|IEX|n|👁|n|n|n|an alternative to conventional stock markets; **Google-Cloud hosted**|
|Lightspeed|n|n|🌩|n|n||
|M1 Finance|n|n|🌩|n|n|They censor posts in their Reddit sub that expose the risks of passing sensitive financial data through CloudFlare.|
|Merrill Edge|n|n|n|n|🧪|Owned by one of the [most evil](us_banks.md) banks in the world (Bank of America)|
|Prudential|👌|n|n|🕵|🧪|**Amazon AWS-hosted**|
|Siebert|n|n|🌩|n|n||
|SoFi|n|n|🌩|n|n|They censor posts in their Reddit sub that expose the risks of passing sensitive financial data through CloudFlare; also [caught](https://www.ftc.gov/news-events/press-releases/2018/10/online-student-loan-refinance-company-sofi-settles-ftc-charges) in a deceptive advertizing scandal.|
|Sogotrade|n|n|🌩|n|n||
|Stockpile|n|n|🌩|n|n||
|TD Ameritrade|n|n|n|n|n|Majority owned by Charles Schwab, a firm that [supports](us_banks.md) republicans, CISPA, drug tests their staff, and treats Tor users with hostility (but note that TDA functions over Tor). Schwab outsources banking operations to PNC bank, which is [quite evil](us_banks.md); [Uses MS Github to host s/w](https://github.com/TDAmeritrade/stumpy)|
|TIAA-CREF|n|👁|n|n|n|Whole site is Tor-hostile; uses Ally Bank for banking|
|Tradingblock|n|n|🌩|n|n||
|Wealthfront|n|n|n|n|n|**forced h/reCAPTCHA**; Registration imposes Google reCAPTCHA; [caught](https://www.jpost.com/Breaking-News/US-regulator-sanctions-robo-advisers-Wealthfront-Hedgeable-on-false-disclosures-575044) making false disclosures and [charged](https://www.eastbaytimes.com/2018/12/21/bay-area-robo-adviser-firm-wealthfront-charged-by-sec-with-false-advertising) for false advertising.|
|Wealthsimple|n|n|🌩|n|n||
|Wellstrade|n|n|n|🕵|🧪|Owned by Wells Fargo, an [evil](us_banks.md) bank.|
|Zackstrade|n|n|🌩|n|n||
### Rationale for blacklist inclusion
# Why ALEC members are blacklisted
#### Tor hostility (Ally, Firsttrade, and TIAA-CREF)
American Legislative Exchange Council ("ALEC") is a right-wing super PAC and bill mill that puts corporate interests above the interest of human beings. ALEC:
Banks and brokerages that are aggressively Tor-hostile are
automatically blacklisted.
* [fights environmental protections](https://www.alecexposed.org/wiki/Environment,_Energy,_and_Agriculture)
* [fights gun control](https://www.alecexposed.org/wiki/Guns,_Prisons,_Crime,_and_Immigration)
* [fights healthcare](https://www.alecexposed.org/wiki/Health,_Pharmaceuticals,_and_Safety_Net_Programs)
* [fights immigration](https://www.alecexposed.org/wiki/Guns,_Prisons,_Crime,_and_Immigration)
* [fights worker's rights](https://www.alecexposed.org/wiki/Worker_Rights_and_Consumer_Rights)
* [fights consumer protections](https://www.alecexposed.org/wiki/Worker_Rights_and_Consumer_Rights)
* [fights public education](https://www.alecexposed.org/wiki/Privatizing_Public_Education,_Higher_Ed_Policy,_and_Teachers)
* fights women's rights
* fights voter rights ([supports voter suppression policy](https://www.alecexposed.org/wiki/Democracy,_Voter_Rights,_and_Federal_Power))
* [finances republicans](https://www.sourcewatch.org/index.php?title=ALEC_Civil_Justice_Task_Force#Politicians)
* supports the NRA
Countless companies were ALEC members historically, but most of them discontinued membership and renounced it likely to avoid boycott.
Companies that continue to renew their ALEC membership are right-wing die-hards unlikely to join team humanity. So they are blacklisted.
The OK hand sign (👌) indicates that the financial institution still today supports the above-mentioned right-wing agenda through ALEC membership.
## Why Tor-hostile FIs are blacklisted
Financial institutions that are aggressively Tor-hostile are automatically blacklisted.
<details>
<summary>Why brokerage access over Tor matters</summary>
<summary>Why access to banks, brokerages, and insurance companies over Tor matters</summary>
If Tor were used exclusively for anonymity, it would be useless in the
context of consumers accessing and controlling their financial
accounts. But that's not the case. Tor prevents your ISP from
@ -116,15 +97,15 @@ of consumers who will agree to anything without reading it, Trump
<a href="https://www.nbcnews.com/news/us-news/trump-signs-measure-let-isps-sell-your-data-without-consent-n742316">reversed</a>
Obama's policy in 2017 to render consumers completely powerless. Tor
is a free tool to protect from excessive disclosure of where your
assets are. Thus when a bank or brokerage blocks Tor, it prevents you
assets are. Thus when a financial institution blocks Tor, it prevents you
from taking basic self-defense measures. This trend undermines the
supplier-client relationship whereby we expect the supplier to serve
the customer's interest. It's not just anti-privacy, it's
anti-consumer.
anti-consumer.
Non-Tor users generally reveal their physical location to their bank
every time they login. If all banks didn't care where you reside,
this wouldn't be a problem. But some banks care more than others and
Non-Tor users generally reveal their physical location to their bank or insurance company
every time they login. If all banks and insurance companies didn't care where you reside,
this wouldn't be a problem. But some financial institutions care more than others and
beyond reason. Banks typically
[collect your IP address](https://web.archive.org/web/20201024203113/www.decorahbank.com/legal-information/privacy-policy)
and one bank even outright admits in their
@ -133,6 +114,9 @@ that they collect geolocation data from customers' IP addresses. For
nomads/world travelers banks can make their lives hell if their
profile doesn't seem to match up with their lifestyle. Some banks
will close an account if a customer moves out of their service area.
Insurance companies will question whether you're still eligible for
the policy you have, as they may want to raise your premiums or cancel
your policy if they suspect you're not where your policy is written.
If you want to take a job away from home for a year or two, Tor gives
you the necessary privacy to do that free of hassle and nannying.
</details>
@ -172,9 +156,21 @@ observation. In the context of banking and finance, this in turn
reduces your freedom of movement.
</details>
#### CloudFlare
The eye (👁) indicates that account access is restricted and exclusive to non-Tor users,
who must expose their IP address to the FI and who must expose their FI to their ISP.
Banks and brokerages that proxy their services through CloudFlare are
### Why IB is only graylisted despite Tor-hostility
InteractiveBrokers's trading platform supports proxies over Tor which makes it
possible to use Tor for trading. It's also possible to receive
statements and tax documents without using the website. So the
Tor-blocking website is not an obstical to routine operations.
Nonetheless, it's a considerable problem that initial registration and
configuration can't be done over Tor.
## Why FIs in CloudFlare's walled-garden are blacklisted
Financial institutions that proxy their services through CloudFlare are
blacklisted automatically for taking a profoundly stupid risk with
consumer's sensitive financial data. CloudFlare holds the SSL keys
for every connection and sees all the traffic including username and
@ -185,41 +181,124 @@ unacceptably high security risk of having a CloudFlare MitM, there are
countless [ethical problems](rap_sheets/cloudflare.md) with being an
enabler of CloudFlare.
#### Forced CAPTCHA (Betterment, Fundrise, and Wealthfront)
The storm cloud (🌩) indicates that account access is restricted and
exclusive per CloudFlare's will and customers who do get access are
forced to share sensitive transaction data with CloudFlare, Inc. (a
privacy abuser).
## Why some FIs that force CAPTCHAs are blacklisted
Banks and brokerages that force customers to solve an hCAPTCHA or a
Google reCAPTCHA are blacklisted automatically. Use of these two
forms of CAPTCHA have an excessive detrimental consequence on privacy
and human rights, which is outlined in the
Google reCAPTCHA are blacklisted automatically. Use of these two forms
of CAPTCHA have an excessive detrimental impact on privacy and human
rights, which is outlined in the
[CloudFlare rap sheet](rap_sheets/cloudflare.md).
#### Google Playstore (GPS) / Apple exclusivity (FUTU and Gatsby)
Other forms of CAPTCHA aren't so invasive and aren't cause for
blacklisting.
## Why FIs that impose Google Playstore (GPS) or Apple are blacklisted
Banks and brokerages that force customers to obtain software from
Google Playstore or Apple are blacklisted automatically. Most brokers
Google Playstore or Apple are blacklisted automatically. Most brokers
have web access or a desktop app, in which case the mobile app can be
disregarded because customers have a viable means to avoid the privacy
abusing walled gardens. But FUTU and Gatsby are a problem. Gatsby
has no means of access apart from the mobile app, and no APK is
available on their website or in f-droid.org, so Android users have no
choice but to buy mobile phone service, trust Google withe their phone
number, then also trust Google not to tell data brokers where you bank
and invest. FUTU has a desktop app but only for Mac or Windows, so
linux users and those who avoid non-free software are stuffed.
(Caveat: the FUTU Windows app has
abusing walled gardens.
FIs like FUTU and Gatsby are a problem. Gatsby has no means of access
apart from the mobile app, and no APK is available on their website or
in f-droid.org, so Android users have no choice but to buy mobile
phone service, trust Google with their phone number, then also trust
Google not to tell data brokers where you bank and invest. FUTU has a
desktop app but only for Mac or Windows, so linux users and those who
avoid non-free software are stuffed. (Caveat: the FUTU Windows app has
[not been tested on WINE](https://web.archive.org/web/20210206141122/https://www.winehq.org/search?q=futu)
or ReactOS)
#### Bad supply chains (Merrill Edge, TD Ameritrade, and Wellstrade)
## Why CISPA supporters are graylisted
Merrill Edge, TD Ameritrade, and Wellstrade all have ethically
controversial ownership. Merrill Edge and Wellstrade are simply owned
by extremely [evil banks](usa_banks.md). A large majority of TD
Ameritrade is owned by Charles Schwab. Schwab is not directly
involved in the highly controversial financing that other large banks
are, but Schwab outsources banking to PNC bank, which is quite evil.
The [Cyber Intelligence Sharing and Protection Act (CISPA)](https://en.wikipedia.org/wiki/Cyber_Intelligence_Sharing_and_Protection_Act)
was a bill to bypass the 4th amendment to promote a system of
unwarranted mass surveillance through information sharing between the
government and private sector. Congress blocked the bill, but it was
later reincarnated as CISA and it passed. Unlike ALEC lobbying, CISPA
was a one-off event far in the past, and over 800 companies supported
it. Since it does not necessarily reflect the company's recent stance
or influence, supporters are graylisted instead of blacklisted. They
should still be avoided in favor of a whitelisted competitor, but they
are considerably less evil than those that are blacklisted.
The spook (🕵) indicates that the financial institution lobbied for a
police surveillance state in favor of CISPA.
## Why FIs that force their staff to take a drug test are graylisted
Drug testing employees is an assault on the privacy and lifestyle of
employees and staff outside the workplace. In most cases involving
medicinal marijuana states, the drug test also harms the healthcare of
employees by intervening in doctors' prescriptions. Normally drug
testing would justify blacklisting, but the problem is so widespread
nationwide that the whitelist tends to be overly small. Drug testing
also does not do significant harm to consumers, so companies that drug
test are graylisted.
The test tube (🧪) indicates that the financial institution abuses
their staff through forced drug testing.
## Why Amazon and Google-hosted FIs are graylisted
Amazon is behind [countless evils](rap_sheets/amazon.md). It's
paramount to boycott Amazon for anyone who cares about human rights,
privacy, or the environment. Amazon also has had several data
breaches-- Capital One, Juspay, Swiggy, etc., so it's a bad idea to
trust custodians who use AWS with the security of your money. Google
is also evil. Not the degree of evil that Amazon has achieved, but
Google is in the fossil fuel business among other evils. Google is
also a central tech giant which (like Amazon) serves as a central
point of surveillance and also carries the risks of having a huge
number of insiders who can abuse the data. The size of the Amazon and
Google datacenters also makes them a likely target for outside hackers
due to the high rewards of compromise.
Akamai is not known to have a significant history of wrongdoing on the
scale of Amazon or Google. There is cause for concern in terms of
security though because it's large enough to serve as a central
monitoring point where breaches and compromise is still considerable.
Akamai-hosted financial institutions are not graylisted for that
reason alone. In the end, you're the judge.
Financial institutions hosted on GAFAM (Google Amazon Facebook Apple
Microsoft) are graylisted. The wrongdoing is indirect and in the end
taking a security risk doesn't necessarily lead to a breach. Of
course it's still ethically favorable to choose a whitelisted
financial institution if possible.
## Why FIs that outsource to Equifax are graylisted
Equifax is the most reckless of all four credit bureaus with sensitive
credit data. A data breach of sensitive consumer records to the tune
of ~150 million Americans was leaked as a result of reckless security
procedures. The lawsuit yielded a disproportionately tiny settlement
by which most Americans were not compensated, even though they never
consented to Equifax collecting the data to begin with. Of those who
received compensation, most did not receive cash, but rather credit
protection service which ultimately feeds more money back into the
credit bureaus.
## An FI is only as good as its supply chain and ownership
Financial institutions like Merrill Edge, TD Ameritrade, and
Wellstrade have ethically controversial ownership. Merrill Edge and
Wellstrade are simply owned by extremely [evil banks](usa_banks.md).
A large majority of TD Ameritrade is owned by Charles Schwab. Schwab
is not directly involved in the highly controversial financing that
other large banks are, but Schwab outsources banking to PNC bank,
which is quite evil.
It's important for ethical consumption to consider the whole supply
chain to the extent of your awareness. When consuming a product or
service you're not just feeding the immediate customer-facing
business.
We track both the supply chain and ownership. We will not give a
subsidiary a higher rating than its parent.


@ -1,4 +1,7 @@
# Whitelist
# Directory of US-based insurers
## Whitelist
The following insurers have no significant ethical issues:
| *insurer* | *ALEC member* | *Tor-hostile* | *sensitive info exposed to CloudFlare* | *supported CISPA* | *forced drug testing of staff* | *notes* |
|---|---|---|---|---|---|---|
@ -7,7 +10,9 @@
|N&D Group|n|n|n|n|n|no website, only an access-restricted Facebook page|
|[The General](https://thegeneral.com)|n|n|n|n|n|parent: American Family Insurance; only writes auto policies; certified as [Great Place to Work](https://www.greatplacetowork.com/certified-company/7003720)|
# Graylist
## Graylist
These insurers would normally be blacklisted, but due to the short whitelist they are set aside as a less evil compromise to those blacklisted. They should still be avoided if possible.
| *insurer* | *ALEC member* | *Tor-hostile* | *sensitive info exposed to CloudFlare* | *supported CISPA* | *forced drug testing of staff* | *notes* |
|---|---|---|---|---|---|---|
@ -24,7 +29,9 @@
|[Shelter Insurance](https://web.archive.org/web/shelterinsurance.com)|n|n|n|n|🧪|CloudFlare name server is used, which means they can trivially flip a switch to become a CF site.|
|[Stewart Information Services Corporation](https://www.stewart.com/en.html)|n|n|n|n|🧪|**Amazon AWS-hosted**|
# Blacklist
## Blacklist
These insurers have severe ethical or trust issues and should be boycotted:
| *insurer* | *ALEC member* | *Tor-hostile* | *sensitive info exposed to CloudFlare* | *supported CISPA* | *forced drug testing of staff* | *notes* |
|---|---|---|---|---|---|---|
@ -82,7 +89,7 @@ Companies that continue to renew their ALEC membership are right-wing die-hards
The OK hand sign (👌) indicates that the financial institution still today supports the above-mentioned right-wing agenda through ALEC membership.
# Why Tor-hostile FIs are blacklisted
## Why Tor-hostile FIs are blacklisted
Financial institutions that are aggressively Tor-hostile are automatically blacklisted.
@ -161,7 +168,16 @@ reduces your freedom of movement.
The eye (👁) indicates that account access is restricted and exclusive to non-Tor users,
who must expose their IP address to the FI and who must expose their FI to their ISP.
# Why FIs in CloudFlare's walled-garden are blacklisted
### Why IB is only graylisted despite Tor-hostility
InteractiveBrokers's trading platform supports proxies over Tor which makes it
possible to use Tor for trading. It's also possible to receive
statements and tax documents without using the website. So the
Tor-blocking website is not an obstical to routine operations.
Nonetheless, it's a considerable problem that initial registration and
configuration can't be done over Tor.
## Why FIs in CloudFlare's walled-garden are blacklisted
Financial institutions that proxy their services through CloudFlare are
blacklisted automatically for taking a profoundly stupid risk with
@ -174,51 +190,124 @@ unacceptably high security risk of having a CloudFlare MitM, there are
countless [ethical problems](rap_sheets/cloudflare.md) with being an
enabler of CloudFlare.
The storm cloud (🌩) indicates that account access is restricted and exclusive per CloudFlare's will and customers who do get access are forced to share sensitive transaction data with CloudFlare, Inc. (a privacy abuser).
The storm cloud (🌩) indicates that account access is restricted and
exclusive per CloudFlare's will and customers who do get access are
forced to share sensitive transaction data with CloudFlare, Inc. (a
privacy abuser).
# Why CISPA supporters are graylisted
## Why some FIs that force CAPTCHAs are blacklisted
Banks and brokerages that force customers to solve an hCAPTCHA or a
Google reCAPTCHA are blacklisted automatically. Use of these two forms
of CAPTCHA have an excessive detrimental impact on privacy and human
rights, which is outlined in the
[CloudFlare rap sheet](rap_sheets/cloudflare.md).
Other forms of CAPTCHA aren't so invasive and aren't cause for
blacklisting.
## Why FIs that impose Google Playstore (GPS) or Apple are blacklisted
Banks and brokerages that force customers to obtain software from
Google Playstore or Apple are blacklisted automatically. Most brokers
have web access or a desktop app, in which case the mobile app can be
disregarded because customers have a viable means to avoid the privacy
abusing walled gardens.
FIs like FUTU and Gatsby are a problem. Gatsby has no means of access
apart from the mobile app, and no APK is available on their website or
in f-droid.org, so Android users have no choice but to buy mobile
phone service, trust Google with their phone number, then also trust
Google not to tell data brokers where you bank and invest. FUTU has a
desktop app but only for Mac or Windows, so linux users and those who
avoid non-free software are stuffed. (Caveat: the FUTU Windows app has
[not been tested on WINE](https://web.archive.org/web/20210206141122/https://www.winehq.org/search?q=futu)
or ReactOS)
## Why CISPA supporters are graylisted
The [Cyber Intelligence Sharing and Protection Act (CISPA)](https://en.wikipedia.org/wiki/Cyber_Intelligence_Sharing_and_Protection_Act)
was a bill to bypass the 4^(th) amendment to promote a system of unwarranted
mass surveillance through information sharing between the government and private sector.
Congress blocked the bill, but it was later reincarnated as CISA and it passed.
Unlike ALEC lobbying, CISPA was a one-off event far in the past, and over 800 companies supported it.
Since it does not necessarily reflect the company's recent stance or influence,
supporters are graylisted instead of blacklisted. They should still be avoided in
favor of a whitelisted competitor, but they are considerably less evil than those that are blacklisted.
was a bill to bypass the 4th amendment to promote a system of
unwarranted mass surveillance through information sharing between the
government and private sector. Congress blocked the bill, but it was
later reincarnated as CISA and it passed. Unlike ALEC lobbying, CISPA
was a one-off event far in the past, and over 800 companies supported
it. Since it does not necessarily reflect the company's recent stance
or influence, supporters are graylisted instead of blacklisted. They
should still be avoided in favor of a whitelisted competitor, but they
are considerably less evil than those that are blacklisted.
The spook (🕵) indicates that the financial institution lobbied for a police surveillance state in favor of CISPA.
The spook (🕵) indicates that the financial institution lobbied for a
police surveillance state in favor of CISPA.
# Why FIs that force their staff to take a drug test are graylisted
## Why FIs that force their staff to take a drug test are graylisted
Drug testing employees is an assault on the privacy and lifestyle of employees and staff outside the workplace.
In most cases involving medicinal marijuana states, the drug test also harms the healthcare of employees by
intervening in doctors' prescriptions. Normally drug testing would justify blacklisting, but the problem is so
widespread nationwide that the whitelist tends to be overly small. Drug testing also does not do significant
harm to consumers, so companies that drug test are graylisted.
Drug testing employees is an assault on the privacy and lifestyle of
employees and staff outside the workplace. In most cases involving
medicinal marijuana states, the drug test also harms the healthcare of
employees by intervening in doctors' prescriptions. Normally drug
testing would justify blacklisting, but the problem is so widespread
nationwide that the whitelist tends to be overly small. Drug testing
also does not do significant harm to consumers, so companies that drug
test are graylisted.
The test tube (🧪) indicates that the financial institution abuses their staff through forced drug testing.
The test tube (🧪) indicates that the financial institution abuses
their staff through forced drug testing.
# Why Amazon and Google-hosted FIs are graylisted
## Why Amazon and Google-hosted FIs are graylisted
Amazon is behind [countless evils](rap_sheets/amazon.md). It's paramount to boycott
Amazon for anyone who cares about human rights, privacy, or the
environment. Amazon also has had several data breaches-- Capital One,
Juspay, Swiggy, etc., so it's a bad idea to trust custodians who use
AWS with the security of your money. Google is also evil. Not the degree of evil
that Amazon has achieved, but Google is in the fossil fuel business among
other evils. Google is also a central tech giant which (like Amazon) serves
as a central point of surveillance and also carries the risks of having
a huge number of insiders who can abuse the data. The size of the Amazon and Google
datacenters also makes them a likely target for outside hackers due to the high
rewards of compromise.
Amazon is behind [countless evils](rap_sheets/amazon.md). It's
paramount to boycott Amazon for anyone who cares about human rights,
privacy, or the environment. Amazon also has had several data
breaches-- Capital One, Juspay, Swiggy, etc., so it's a bad idea to
trust custodians who use AWS with the security of your money. Google
is also evil. Not the degree of evil that Amazon has achieved, but
Google is in the fossil fuel business among other evils. Google is
also a central tech giant which (like Amazon) serves as a central
point of surveillance and also carries the risks of having a huge
number of insiders who can abuse the data. The size of the Amazon and
Google datacenters also makes them a likely target for outside hackers
due to the high rewards of compromise.
Akamai is not known to have a significant history of wrongdoing on the scale of Amazon or Google.
There is cause for concern in terms of security though because it's large enough to serve as a
central monitoring point where breaches and compromise is still considerable.
Akamai-hosted financial institutions are not graylisted for that reason alone.
In the end, you're the judge.
Akamai is not known to have a significant history of wrongdoing on the
scale of Amazon or Google. There is cause for concern in terms of
security though because it's large enough to serve as a central
monitoring point where breaches and compromise is still considerable.
Akamai-hosted financial institutions are not graylisted for that
reason alone. In the end, you're the judge.
Financial institutions hosted on GAFAM (Google Amazon Facebook Apple Microsoft) are graylisted.
The wrongdoing is indirect and in the end taking a security risk doesn't necessarily lead to a breach.
Of course it's still ethically favorable to choose a whitelisted financial institution if possible.
Financial institutions hosted on GAFAM (Google Amazon Facebook Apple
Microsoft) are graylisted. The wrongdoing is indirect and in the end
taking a security risk doesn't necessarily lead to a breach. Of
course it's still ethically favorable to choose a whitelisted
financial institution if possible.
## Why FIs that outsource to Equifax are graylisted
Equifax is the most reckless of all four credit bureaus with sensitive
credit data. A data breach of sensitive consumer records to the tune
of ~150 million Americans was leaked as a result of reckless security
procedures. The lawsuit yielded a disproportionately tiny settlement
by which most Americans were not compensated, even though they never
consented to Equifax collecting the data to begin with. Of those who
received compensation, most did not receive cash, but rather credit
protection service which ultimately feeds more money back into the
credit bureaus.
## An FI is only as good as its supply chain and ownership
Financial institutions like Merrill Edge, TD Ameritrade, and
Wellstrade have ethically controversial ownership. Merrill Edge and
Wellstrade are simply owned by extremely [evil banks](usa_banks.md).
A large majority of TD Ameritrade is owned by Charles Schwab. Schwab
is not directly involved in the highly controversial financing that
other large banks are, but Schwab outsources banking to PNC bank,
which is quite evil.
It's important for ethical consumption to consider the whole supply
chain to the extent of your awareness. When consuming a product or
service you're not just feeding the immediate customer-facing
business.
We track both the supply chain and ownership. We will not give a
subsidiary a higher rating than its parent.