Ghostery or Do not track on Abrowser

24 replies [Last post]
Mr. Boat
Offline
Joined: 01/13/2013

On Windows, I use to use (lol, sorry for my English) some Firefox plug-ins like Ghostery or Do not track. I supposed I would find this type of plug-in on Abrowser, but I didn't.

There is some kind of plug-in like these but 100% free?

lembas
Offline
Joined: 05/13/2010

The do not track header is built into Abrowser since version 9. You can toggle it in prefs > privacy or in about:config.

I use NoScript and Adblock Plus to get rid of the nasties.

Mr. Boat
Offline
Joined: 01/13/2013

Yeah, but I was talking about Avine's Do not track Firefox extension.

Thanks anyway!

lembas
Offline
Joined: 05/13/2010

Aha! :)

You don't need an extension to block cookies.

NoScript doesn't have as fancy graphics but it sure does the job.

Using Failbook is a horrible idea regardless of any extensions, just don't go there.

Horgeon
Offline
Joined: 03/29/2011

Ghostery is proprietary software:

/* 2. DESCRIPTION OF OTHER RIGHTS AND LIMITATIONS.
(a) You must not remove or alter any copyright notices on any and all copies of Ghostery.
(b) You may not distribute Ghostery to third parties, except by directing them to download from Ghostery.com or an officially licensed browser add-on or extension gallery.
(c) You may not disassemble or reverse engineer Ghostery for any purpose other than reviewing the code for personal edification.
(d) We don't charge for Ghostery, and neither can you. You may not rent, lease, or lend Ghostery.
(e) Ghostery may provide you with support services, and any supplemental software code provided to you as part of those services shall be considered part of Ghostery and subject to the terms and conditions of this EULA.
(f) You must comply with all applicable laws regarding use of Ghostery. */

Abine probably is too.

A good non-intrusive and free privacy solution is the Disconnect set ( disconnect.me )

csolisr
Offline
Joined: 08/12/2012

My personal favorite replacement to Ghostery is ShareMeNot (http://sharemenot.cs.washington.edu/). Free software, blocks many major social network trackers, and those can be unlocked on demand if you really need to.

Mr. Boat
Offline
Joined: 01/13/2013

Well, thank you guys, but I think that in this case there is no a real Free Software alternative. I mean, I don't know how far NoScript can go, but it's not for all users, and for me neither. It requires some previous knowledge. And Disconnect, as beef taco and so on, yeah, they are good, but they won't block all the trackers Ghostery blocks.

Google and Facebook are not the exclusive bad guys of the internet, tere are a lot more. Pretty sad I don't know anything about programming, would be cool a 100% free alternative to these anti-tracker extensions.

Christianity
Offline
Joined: 10/09/2012

I was looking for a ghostery alternative as well when I started using Trisquel a few months ago. I now follow the guide the EFF gives on how to stop tracking:

https://www.eff.org/deeplinks/2012/04/4-simple-changes-protect-your-privacy-online

except that I've been using the adblock edge fork over adblock plus.

https://addons.mozilla.org/en-US/firefox/addon/adblock-edge/

Hope this helps!

Mr. Boat
Offline
Joined: 01/13/2013

Thanks man, already done it.

I'll stay like this for some time, and let's see if collision gets something.

By the way, before Trisquel I also used "Better Privacy", that removes supercookies and flash cookies after closing the browser, any alternative to this?

lembas
Offline
Joined: 05/13/2010

One way would be to write a wrapper script to your browser which would clear /home/`whoami`/gnu/.gnash/SharedObjects/

The battle for privacy in a web browser is very hard. But very much worth fighting. Some of the threats include

https://en.wikipedia.org/wiki/Evercookie
https://en.wikipedia.org/wiki/Device_fingerprint

EDIT: Looks like here's something on Gnash handling of LSO/SOLs
http://wiki.gnashdev.org/Actionscript/SharedObject

GustavoCM

I am a member!

Offline
Joined: 11/20/2012

I always recommend RequestPolicy -- https://www.requestpolicy.com/ -- for controlling cross-site requisitions. I started using it after throwing the non-free Ghostery away, and I found out it is even better; it blocks those requisitions and is GPLv3. I don't remember if Ghostery did more stuff than that.

RP's future versions will have support for, let's say, "complex listing", so one (or many people) could make lists of "privacy offenders".

I choose to block every requisition by default (it comes with predefinitions for widely-used websites), accepting only the ones I really want. I mostly only read things, so without advertising and tracking I am mostly happy :-)

It could disturb financial transactions if improperly configured; be aware. It's wise it to disable requisitions blocking the first time you buy something with it, keeping an eye in the Requests List so you can add the needed requests to whitelist. But remember: if webmasters change things later, you can fall victim of unawareness.

(edit: removing accidental pasting of same text)

Christianity
Offline
Joined: 10/09/2012

I tried requestpolicy for a while, and I found often it took some experimenting to get things to work right here and there. It may be the safest option, but (at least for a naive user like me) it was too much work, and I would also accidentally let the wrong requests through sometimes when toying with it. If you have it working great though, then more power to you.

andrew
Offline
Joined: 04/19/2012

> On Windows, I use to use (lol, sorry for my English) some Firefox plug-ins like Ghostery or Do not track. I supposed I would find this type of plug-in on Abrowser, but I didn't.

I prefer to disable cookies on my default browser. Any sites that require identification to post (like Trisquel) I use a separate browser (or profile[1]). The cookie-enabled browser is set to private browsing, so after a short session all of the cookies are cleared.

You could also use a cookie whitelist (uncheck the cookies option, then individually allow sites in the FF options).

> Google and Facebook are not the exclusive bad guys of the internet, tere are a lot more. Pretty sad I don't know anything about programming, would be cool a 100% free alternative to these anti-tracker extensions.

Not sure that blacklists are the most effective approach in the long run; it is like a cat-and-mouse game. Extensions that block tracking cookies on any given site are a better approach.

PS. I think the GNU IceCat project is interested in developing extensions that give users more freedom and privacy. JS code monkeys should contact them if interested in helping. They already have a few extensions, although I don't know a lot about them.

1: http://kb.mozillazine.org/Profile_Manager#Profile_Manager_shortcut

andrew
Offline
Joined: 04/19/2012
lembas
Offline
Joined: 05/13/2010

>You could also use a cookie whitelist (uncheck the cookies option, then individually allow sites in the FF options).

This is what I do and I couldn't agree more about white and black lists.

GustavoCM

I am a member!

Offline
Joined: 11/20/2012

The extension Cookie Monster (MPL v1.1) provides a more accessible and sophisticated cookie control: https://addons.mozilla.org/firefox/addon/cookie-monster/

"Cookie Monster provides proactive cookie management on a site or domain level basis, including 3rd party cookies. Via the status bar, it provides easy access to enhanced cookie functionality, while doing so in a non-intrusive manner."

I disable all cookies by default and use Cookie Monster to control the ones I accept; 99% percent of these are session cookies, eliminated when I close the browser.

Additionally, NoScript allows automatic encryption of cookies (I think only in HTTPS connections): NoScript Options > Advanced > HTTPS > Cookies.

Horgeon
Offline
Joined: 03/29/2011

Bumping this today to promote Privoxy [ http://www.privoxy.org/ ] (it's in the repos)

This will replace most of your addons if you configure it right, and speed up page loading.

wolftune
Offline
Joined: 12/23/2012

Neat, but looks complex to set up. Also, without subscribable lists like Adblock Plus has, it won't be anywhere near as effective and accurate.

Finally, I'm not convinced that this is a full answer, mostly because I don't really understand it.

I've personally now taken to using Adblock and NoScript and Ghostery all at once. Ghostery is non-free, I know, but I'm not convinced that I get the same results any other way, and they seem to be an honorable organization otherwise. NoScript blocks most things, but sometimes I whitelist a page for scripting I want, and then I find that Ghostery still blocks some of the scripts, and the result is a better functioning page but I still keep my privacy. I'm into FLOSS enough to be interested in Trisquel, but I still believe that there is room for discretion in any particular case to figure out what is the best thing to do.

Horgeon
Offline
Joined: 03/29/2011

It is actually really simple. Take for instance this page from ubuntu help: https://help.ubuntu.com/community/Privoxy

This will give you the default configuration. You can see a complete list of rules with explanation at /etc/privoxy/default.action (do not edit that file), and you add your rules to match-all.action in the same folder (edit this one). You can also add websites to block at user.action. Look at this section of the ArchWiki page: https://wiki.archlinux.org/index.php/Privoxy#Ad_Blocking_with_Privoxy

EDIT: user.action not filter

lembas
Offline
Joined: 05/13/2010

Ghostery is redundant there. While NoScript will allow blocking by domain, you can use Adblock Plus to block single unwanted scripts.

freeme
Offline
Joined: 10/10/2012

"Also, without subscribable lists like Adblock Plus has, it won't be anywhere near as effective and accurate.

Finally, I'm not convinced that this is a full answer, mostly because I don't really understand it."

Privoxy has a very long history. It was originally known as the JunkBuster proxy. Instead of using lists which must be updated, it uses pattern matching to block ads based on patterns, known click trackers and advertisers, etc. In other words, all of these newfangled methods you wish to use, were done, finished and complete in Privoxy, long before AdBlock Plus was created. This is why there is no need to update block lists with Privoxy, the patterns used to block ads have been developed and expanded for years at this point. This is why I haven't seen ads on the internet for over a decade.

With Privoxy, Ghostery isn't necessary either, since Privoxy also blocks web bugs & click trackers. If you are looking for adblocking, as well as increased privacy, your best bet is to chain Privoxy to Tor. This will block ads, while also hiding your IP address while on the internet. The speed of surfing via Tor has increased dramatically since the EFF's campaign to expand relays.

G4JC
Offline
Joined: 03/11/2012

There are multiple reasons not to use ghostery, besides the fact it is non-free, they too began tracking users.
I blogged about this a few years back...
http://proxy.opennicproject.org/proxy.php?q=http%3A%2F%2Fwww.g4jc.geek%2Fwordpress%2F2010%2F09%2Fthe-epic-failure-of-ghostery%2F

Here's some extensions which make your computer much more powerful than just using Ghostery by far -
* NoScript
* RequestPolicy
* Adblock Edge
* Cookie Controller
* HTTPSEverywhere
Cookie Controller is basically cookie buttons for your browser, they allow you to do things like disable DOM (evercookies) and block all cookies so you can allow session cookies on per-site basis.

Other addons to consider, even though they break a few sites:
* LibreJS
* FireGloves or MaskingAgent
* CleanLinks or gprivacy
* RefControl
* HTTPSFinder
* OverbiteFF (not for the normal WWW, but gopher protocol doesn't have cookies and is spam free) :D

And lastly don't forget the obvious. Networks track you too.

* OpenNIC DNS - (where my blog domain is now) gives a lot more freedom. Try it out! http://useopennic.org/

* TOR or FoxyProxy for casual browsing, you can't actually post anything since it gets you blocked on most sites. :P

oysterboy

I am a member!

I am a translator!

Offline
Joined: 02/01/2011

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Le 2013-02-23 12:12, name at domain a écrit :
> There are multiple reasons not to use ghostery,

Thanks for the very helpful list! I always install NoScript+Adblock
Plus+HTTPS Everywhere. Will take a look at the other ones.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJRKSFzAAoJEIPOvYLpp5MJH+8IAIIcsewxKpmt/XYtDLXtQXWx
M7hIg/r3Fj3zFl0ufkeD9taDfyeOQIiQLJ1Q/nMKfSKSp6WvZ/2DoEGh+l9wyzXx
P1XUvnZImi3GPPpNkTFkGs6ANvz9N4j6w15UEOXC4UDnyeNowaP0JBd1vpH9CDC/
C3FIb6qI544h0wsHeD43GaNCym2ivYNbR4Z42tW7MI2AId9IpVLX9hrJprsa9I1E
Cg7wDmY6rQr4tWDelq/Xsh2PJVGX3FGo0OLLE1kX+zjx9CuhJwExL1B4zuFHgQlG
NcPfSVQmCPioDMPmy7hn6YCtyG5PL/k4eIn9BG3b1S3LFeqevRQg+EVVBYC5lS4=
=6aIH
-----END PGP SIGNATURE-----

GustavoCM

I am a member!

Offline
Joined: 11/20/2012

Thanks, G4JC! I used Cookie Monster, which is somewhat old, and changed to Cookie Controller, which is better and newer.

I couldn't follow that link through OpenNic; the following worked, though: http://proxy.opennicproject.org/proxy.php?q=www.g4jc.geek%2Fwordpress%2F2010%2F09%2Fthe-epic-failure-of-ghostery%2F&hl=3e5 (without the "hl" parameter it doesn't work here -- I have no idea why; I never used OpenNic before).

By "gprivacy" you meant "Google Privacy", right? https://addons.mozilla.org/firefox/addon/google-privacy/

FireGloves was discontinued, unfortunately (see "About this add-on").

Thanks for the Clean Links tip! I will use that.

G4JC
Offline
Joined: 03/11/2012

Right, when I found the extension on google code it was called GPrivacy - https://code.google.com/p/gprivacy/

I noticed that about FireGloves too, very sad. It's the only protection against Panopticlick-style finger printing attacks. Anyways the addon still works (for now).