Privacy stuff
Pages 112
- Home
- 2014 07 22: µBlock and others: Blocking ads, trackers, malwares
- About "This other extension reports more stuff blocked!"
- About that CSS selector with "www.faceporn.net" in it...
- About the required permissions
- About this "your software" mindset
- Advanced settings
- Advanced user features
- Badware risks
- Behind the scene network requests
- Block more, way more
- Blocking mode
- Blocking mode: easy mode
- Blocking mode: hard mode
- Blocking mode: medium mode
- Blocking mode: nightmare mode
- Blocking mode: very easy mode
- Can you trust uBlock?
- Change log
- Cloud storage
- Compare: Memory footprint: what happens inside µBlock after installation
- Contributed memory usage: benchmarks over time
- Cosmetic filtering in µBlock: version 0.4.0.0 update
- Counterarguments
- Dashboard
- Dashboard: 3rd party filters
- Dashboard: Settings
- Dashboard: Whitelist
- Deploying uBlock Origin
- Disable hyperlink auditing beacon
- Does uBlock block ads or just hide them?
- Does µBlock block ads or just hide them?
- Does µBlock blocks ads or just hide them?
- Doesn't uBlock Origin add overhead to page load?
- DOM inspector
- Dynamic filtering
- Dynamic filtering examples
- Dynamic filtering (obsolete, need revision)
- Dynamic filtering: Benefits of blocking 3rd party iframe tags
- Dynamic filtering: Benefits of blocking 3rd party script and iframe tags
- Dynamic filtering: default deny
- Dynamic filtering: default deny: useful rulesets
- Dynamic filtering: disabling cosmetic filtering for the current site
- Dynamic filtering: Examples of usefulness of blocking 3rd party iframe tags
- Dynamic filtering: precedence
- Dynamic filtering: quick guide
- Dynamic filtering: rule syntax
- Dynamic filtering: to easily reduce privacy exposure
- Dynamic filtering: turn off uBlock everywhere
- Dynamic filtering: turn off uBlock everywhere except
- Dynamic filtering: turn off µBlock everywhere
- Dynamic filtering: Usefulness of blocking 1st party script tags
- Dynamic filtering: Usefulness of blocking inline script tags
- Dynamic URL filtering
- Element picker
- Experimental features
- Experimental filters
- FAQ
- Filter list licenses
- Filter lists from around the web
- Filter lists: gorhill
- Filter syntax extensions
- Firefox version: benchmarking memory footprint
- Firefox version: benchmarking memory footprint (2015 03 07)
- How to ...
- How to whitelist a web site
- Inline script tag filtering
- Launch and filter lists load performance
- Maintainership transfer of uBlock: post mortem
- Manually editing per site switches
- Memory footprint: what happens inside uBlock after installation
- Memory footprint: what happens inside µBlock after installation
- My answers to web store reviews where appropriate
- Myth: uBlock consumes over 80MB
- Myth: uBlock is just slightly less resource intensive than Adblock Plus
- Myth: µBlock consumes over 80MB
- Myth: µBlock is just slightly less resource intensive than Adblock Plus
- Notes on media coverage of uBlock Origin
- Notes on memory benchmarks, selfies
- Overview of uBlock's network filtering engine
- Overview of uBlock's network filtering engine: details
- Own memory usage: benchmarks over time
- Per site switches
- Prevent WebRTC from leaking local IP address
- Privacy policy
- Privacy stuff
- Procedural cosmetic filters
- Quick guide: popup user interface
- Reference benchmark
- Regular expression based filters
- Software known to have uninstalled uBlock Origin
- Static filter syntax
- Strict blocking
- Technical inaccuracies from around the web
- The logger
- The network request logger
- Tips and tricks waterfall
- Tools
- Tricks and tips
- Troubleshooting
- Tutorial: how to unbreak a site using the dynamic filtering pane
- uBlock and others: Blocking ads, trackers, malwares
- uBlock vs. ABP: efficiency compared
- Various videos showing side by side comparison of the load speed of complex sites
- What uBlock can and can not (currently) do
- What µBlock can and can not (currently) do
- Who care about efficiency, I have 8 GB and|or a quad core CPU
- Who cares about efficiency, I have 8 GB and|or a quad core CPU
- Why don't you accept donations?
- µBlock and others: Blocking ads, trackers, malwares
- µBlock version 0.8.5: many changes
- µBlock vs. ABP: efficiency compared
- Show 97 more pages…
Intro
If you really care very much about your privacy (not being tracked, data mined, etc.), uBlock is a crutch (a good one though), even with EasyPrivacy enabled (this is true for any "ad blocker"). If you want more than a good crutch, HTTP Switchboard is the way to go: it gives you full disclosure and full control of what web pages do.
Settings
Unlike HTTP Switchboard, uBlock can't foil cookie headers. For privacy-minded users it is strongly suggested to...
- Enable "Block third-party cookies and site data" in "Content settings" / "Cookies".
- It works very well: see "Outbound cookies" in this benchmark results.
- But this may break some sites. For instance, you won't be able to enter comments on Youtube.
- Useful to know: the block also applies to local storages, not just cookies.
- Enable "Click to play" in "Content settings" / "Plug-ins".
- Disable "Predict network actions to improve page load performance", as this causes DNS queries to be made even for blocked network requests (see issue #232).
Command line switches
These command line switches might be of interest to privacy-minded users:
-
--disable-component-extensions-with-background-pages- "Disable default component extensions with background pages" (ref)
- This seems to prevent Hangout Services to be launched by the browser as a background process. Even in Chromium there is such a process launched even if you do not use Google's Hangout.
- With other Chromium-based browsers, maybe more stuff would be disabled, you decide whether this is good or bad.
-
--disable-background-networking- "Disable several subsystems which run network requests in the background" (ref)
- [add more switch of interests whenever new ones are found]
Another powerful command line switch is:
-
--host-rules="MAP *.google-analytics.com 0.0.0.0","MAP *.googleadservices.com 0.0.0.0","MAP *.doubleclick.net 0.0.0.0","MAP *.googletagservices.com 0.0.0.0"- This switch maps those hostnames (or any other ones) to the IP address 0.0.0.0 (ref) and hence blocks them effectively (even on the Chrome webstore where extensions like uBlock are disabled).
- However, note that blocking those hostnames with that switch might break some websites. That's why blocking them with HTTP Switchboard is preferable since you can whitelist them as exceptions for those websites which won't work without them. Alternatively, you could use the
importantfilter option mentioned below.
Regarding EasyPrivacy
In case you were not aware, using EasyPrivacy doesn't protect completely against Google Analytics. So if you were using Adblock Plus with EasyPrivacy (as recommended by the EFF), you might have thought you were protected against Google Analytics. This is not necessarily the case.
If you are using uBlock, it protects you more against Google Analytics out of the box -- via "Peter Lowe's Ad server" list. Yet, given that an exception filter may exist somewhere in one of the many lists, blocking Google Analytics (or similarly ubiquitous hostnames) is not possible with preset filter lists.
Overriding exception filters
However, in uBlock 0.5.5.0 a new filter option important was introduced with the consequence that corresponding exception rules are ignored. Example: Adding
||google-analytics.com^$important
to "Your filters" blocks Google Analytics regardless of existing exception rules. You can restrict this rule to specific domains like
||google-analytics.com^$important,domain=example1.com|example2.com
Or to all third-parties:
||facebook.com^$important,third-party
||linkedin.com^$important,third-party
Twitter widget
It's unclear why this one is not blocked by Fanboy Annoyance, as the list already blocks many other twitter widget-related stuff. So if you use above list, you may want to add the following to your filters:
||platform.twitter.com/widgets.js$third-party
Gravatar (et al)
Each time you visit a site which pull cute little avatar images aside (typically) a commenter's name, there is a corresponding request to Gravatar's web site, and the HTTP referer header contains the site you are visiting. The tracking potential is too much for me, so I block all these requests:
||gravatar.com^$third-party
It's unclear if, and how much this breaks things. But will prevent your browsing habits to be disclosed to gravatar.com. We can live without these cute thumbnails, can't we?
But this applies to any domain which is ubiquitous enough, gravatar.com is just one example among so many.
To deal with this easily, HTTP Switchboard is the best tool, as to blacklist a ubiquitous domain with 100% certainty is simply a matter of point and click.

