What is the default blacklist? Is it documented anywhere? What is the intended approach to having a good default blacklist?
Per the source, https://github.com/WorldBrain/Memex/blob/master/src/blacklist/background/constants.js, it seems that only 'https?://localhost', 'google.\\w+/maps' are in the default list which is also confirmed when I check the extension settings.
Shouldn't bank sites and other financially sensitive sites be on the default as well?