Jump to content

Search the Community

Showing results for tags 'anti-tracking'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 6 results

  1. Firefox gets next-gen anti-tracking defense, stymies 'bounce' trackers Mozilla is rolling out a new defense against advanced tracking tactics in Firefox 79; users should get it during the next few weeks. HAKINMHAN / Getty Images Mozilla today announced a new defense against advanced tracking tactics that it will be switching on in Firefox 79 starting immediately and pushing out to the remaining user base during the next few weeks. Calling the improved technologies and techniques Enhanced Tracking Protection 2.0 – Mozilla said that ETP 2.0's primary job is to block redirect tracking, also known as bounce tracking. Trackers have been exploiting a loophole of sorts to continue following users browsing with Firefox, which enabled its first-generation ETP by default in June 2019. ETP takes a hands-off approach for first-party cookies – those tied to the site being browsed – because to do otherwise would break many of those websites or require users to, say, log in each time they returned. Trackers exploited that. "Redirect tracking takes advantage of this to circumvent third-party cookie blocking," Steven Englehardt, a Mozilla privacy engineer, said in an Aug. 4 post to a company blog. To do so, those practicing redirect or bounce tracking force users to "make an imperceptible and momentary stopover to their website" so that their trackers can be loaded as first-party and thus have their cookies stored by Firefox (for later reuse, as first-party cookies are). The redirect or bounce tracker than sends the user on to the latter's destination website, now burdened with identifiers following them and reporting back to the first-party cookies. Mozilla In redirect or bounce tracking, the first website – a review site – briefly sends the browser to the redirect tracker to score a first-party cookie. The redirect tracker then sends the browser on to the user's destination, in this case a retail site. Tracking accomplished. To short-circuit this trickery, Firefox's ETP 2.0 regularly scrubs the browser of cookies and other site-specific data stored by known trackers. "This prevents redirect trackers from being able to build a long-term profile of your activity," Englehardt wrote. ETP 2.0 doesn't completely stop bounce tracking, as the cookies survive between ETP 2.0's house cleanings. The interval between cleanings will be at least 24 hours, and if the browser is active throughout (as unlikely as that may be), up to and beyond 48 hours, because cookie and other site data storage will be cleared only when the browser is idle, according to a technical description of the new defense. ETP 2.0 is also supposed to steer clear of cookies tied to legitimate services, even if those cookies are served by trackers (another dodge by these web bloodhounds). Instead, Firefox will leave cookies be if the user has interacted with the site in the past 45 days, even if those cookies are used to conduct tracking. "This way you don't lose the benefits of the cookies that keep you logged in on sites you frequent, and you don't open yourself up to being tracked indefinitely based on a site you've visited once," said Selena Deckelmann, vice president of Firefox desktop, in a different blog post. Firefox 79, which Mozilla released a week ago, can be downloaded from here for Windows, macOS and Linux. Firefox gets next-gen anti-tracking defense, stymies 'bounce' trackers
  2. Safari to ape Firefox, go all-in on anti-tracking The WebKit team has unveiled a new Tracking Prevention Policy that could help bolster privacy for users of Apple's Safari browser. ValeryBrozhinsky / Getty The WebKit project - the open-source initiative that generates code for Apple's Safari browser - quietly announced last week that it would follow in Mozilla's footsteps and quash tracking technologies designed to follow users across the web. In a short message on Aug. 14, the WebKit team pointed to its new Tracking Prevention Policy, a document that spells out its plans in detail, including what types of tracking it will create and how it will deal with any side effects. "We have implemented or intend to implement technical protections in WebKit to prevent all tracking practices included in this policy," the document read. "If we discover additional tracking techniques, we may expand this policy to include the new techniques and we may implement technical measures to prevent those techniques." The policy document ticks off half a dozen types of tracking WebKit will bar or does now, including cross-site tracking and fingerprinting. Safari already blocks some cross-site tracking under its Intelligent Tracking Protection (ITP), which debuted in 2017 and was enhanced last year with the browser bundled with macOS Mojave and iOS 12; it's stingy with the information it offers sites - information that can be abused to identify a user by, for instance, recording the installed fonts and plug-ins. The WebKit team tipped its hat to Mozilla for motivating it to put its plans digital paper. "Our policy was inspired by and derived from Mozilla's anti-tracking policy," the group wrote, linking to the Firefox maker's own guidelines. Firefox has been on a privacy tear of late. And because of its rapid release cadence - Mozilla pushes out a new browser every six weeks or so, while Apple upgrades Safari only once during a year - its new features and functionality have received plenty of press. In June, for example, Mozilla switched on Firefox's Enhanced Tracking Protection (ETP) for new users and let current users enable it themselves. The technology, which had been in development for four years, stymied cookie-based and URL parameter-based cross-site trackers, and optionally also stopped fingerprinting. By mimicking Mozilla, WebKit - and by extension, Apple - may hope to steal some of the anti-tracking, pro-privacy spotlight. It may not be a coincidence that both browsers - Firefox and Safari - have lost user share in the last six months; their makers likely see privacy as an edge over the leader, Google's Chrome, and thus an opportunity to attract more users. How a browser protects users' privacy, in fact, has largely replaced older metrics, such as rendering speed, to define differences between brands. As an example of the trend, Microsoft too has pitched its reborn Edge, that browser relying on the Chromium open-source project's technologies, as a shield between the user and bad behavior on the part of sites and their advertisers. Of the top four browsers, only Chrome has not proclaimed its anti-tracking bonafides. But WebKit didn't simply repeat what Mozilla promised in its anti-tracking screed: The former took a much tougher line on trackers. "We treat circumvention of shipping anti-tracking measures with the same seriousness as exploitation of security vulnerabilities," WebKit wrote. "If a party attempts to circumvent our tracking prevention methods, we may add additional restrictions without prior notice. These restrictions may apply universally; to algorithmically classified targets; or to specific parties engaging in circumvention." In other words, WebKit will retaliate against scofflaws, maybe by holding everyone accountable for the actions of miscreants, perhaps by singling out the those who try to go around the tracking prevention. "Equating circumvention of anti-tracking with security exploitation is unprecedented," applauded Lukasz Olejnik, an independent security and privacy researcher and consultant, in one tweet. "Overt treatment of privacy as a first-class citizen (like security) is the only direction (your move Microsoft, Google, all the rest!)," he added in another. The policy document does not specify a timetable for adding new tracking protections or enhancing existing ones in WebKit, much less when they would migrate into Safari. Source: Safari to ape Firefox, go all-in on anti-tracking (Computerworld - Gregg Keizer)
  3. Following Mozilla's lead, Microsoft pushes Edge onto anti-tracking bandwagon By adding 'tracking prevention' to the Chromium-based version of Edge, Microsoft can show it's putting a little distance between its browser and Google Chrome. Thinkstock Microsoft is the latest browser also-ran to tackle Google's leader, Chrome, by introducing anti-tracking expertise to Edge. Calling the feature "tracking prevention," Microsoft described it in terms much like those used by rivals Mozilla and Apple, which have cookie blockers in place in their browsers, Firefox and Safari. "Tracking prevention is designed to protect you from being tracked by websites that you aren't accessing directly," wrote Brandon Maslen, senior software engineer, and Ryan Cropp, software engineer, in a June 27 post to a company blog. Because Microsoft's just started to show its anti-tracking talents to users, it's hidden them behind an option flag; in Edge, it's reached by typing edge://flags in the address bar. (Edge's Chromium roots show here; the chrome://flags command has been long known to hard-core Chrome users.) Once the user has selected "Enabled" as the setting for the "Microsoft Edge tracking prevention" option, then relaunched the browser, Edge will begin stymying trackers. Microsoft Microsoft has hidden the new tracking prevention 'on' switch on the edge://flags option page; users must change the setting to 'Enable' and relaunch the browser. Additional settings appear in Edge's Settings that let users dial up or dial down tracker blocking's aggressiveness. Only the Windows version of the "Canary" build - the roughest, least reliable of the eventual four channels Microsoft will maintain - currently contains tracking prevention. The macOS Canary build will have the feature shortly; next up, certainly the Windows 10 and macOS Dev builds. Because the "full-Chromium" Edge - the browser Microsoft is re-creating this year based on the Chromium open-source project - also runs on Windows 7, 8 and 8.1, the blocking will eventually come to those OSes, as well. Microsoft In the Settings pane, users can tell Edge how tough to get on trackers. Computerworld set it to 'Strict' and encountered few problems. It's unclear how long it will take Microsoft to flesh out Edge's tracking prevention. Microsoft's Maslen and Cropp made it sound as if the effort were just beginning. "We'll use your feedback on this experimental feature in the Canary and Dev channels to understand potential impact to web compatibility and iterate on the experience to be helpful and easy to use," they said. That makes sense. For example, Mozilla, whose Firefox arguably boasts the most comprehensive anti-tracking scheme, spent years working on the defensive technology, first restricting it to the browser's privacy mode then cautiously integrating it with the browser as a whole. The deliberate work was necessary, Mozilla said, because tracking blockers have a habit of "breaking" sites. It was only earlier this month, in fact, that Mozilla felt comfortable enough with the feature to turn it on by default. It may not have been a coincidence that Microsoft touted tracking prevention not long after Mozilla switched on its Enhanced Tracking Protection (ETP). The privacy feature has been one of Mozilla's biggest selling points for Firefox, and the message has made an impression: The Washington Post last week said Chrome "looks a lot like surveillance software" because it doesn't try to stem tracking, and recommended Firefox as the browser best able to block trackers. "Having the world's biggest advertising company make the most popular web browser was about as smart as letting kids run a candy shop," asserted Geoffrey Fowler, the newspaper's technology columnist. "It made me decide to ditch Chrome for a new version of nonprofit Mozilla's Firefox, which has default privacy protections." Microsoft would want to be on the anti-Chrome side of this fight, seeing as how its browsers' influence, like that of Firefox's, has been greatly undermined by Google. Edge isn't going to grow much by stealing share from Firefox - Mozilla's browser has under 10% by the last measurement - but has to convince Chrome users on Windows to return to a Redmond-made application. Speaking of Chrome, Edge's tracking prevention can also be seen as Microsoft's loudest-yet statement of independence. Although Microsoft is now beholden to the Chromium project for its underlying technologies (and Google essentially runs Chromium), the company has hinted that it would not mimic Chromium/Chrome in all respects. Staking out a position that Google is unlikely to wholeheartedly adopt is one way to demonstrate that Edge is not just Chrome with a different name. The Windows 10 Canary build of Edge can be downloaded from Microsoft's website. Source: Following Mozilla's lead, Microsoft pushes Edge onto anti-tracking bandwagon (Computerworld - Gregg Keizer)
  4. A team of Belgian researchers discovered privacy issues in how browsers, ad-blocking, and anti-tracking implementations handle third-party cookie requests. A team of Belgian researchers from KU Leuven analyzed third-party cookie policies of seven major web browsers, 31 ad-blockers and 14 anti-tracking extensions and discovered major and minor issues in all of them. Major issues include Microsoft Edge's unwillingness to honor its own "block only third-party cookies" setting, bypasses for Firefox's Tracking Protection feature, and use of the integrated PDF viewer in Chrome and other Chromium-based browsers for invisible tracking. Cookie requests can be sorted into two main groups: first-party requests that come from the address listed in the address bar of the browser and third-party requests that come from all other sites. Advertisement displayed by websites makes use of cookies usually and some of these cookies are used for tracking purposes. Internet users can configure their browsers to block any third-party cookie requests to limit cookie-based tracking. Some browsers, for instance Opera or Firefox, include ad-blockers or anti-tracking functionality that is used in addition to that. Anti-tracking mechanisms have flaws The research paper, "Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies", detailed information about each web browser, tests to find out if a browser is vulnerable to exploits, and bug reports are linked on the research project's website. The researchers created a test framework that they used to verify whether "all imposed cookie- and request-policies are correctly applied". They discovered that "most mechanisms could be circumvented"; all ad-blocking and anti-tracking browser extensions had at least one bypass flaw. In this paper, we show that in the current state, built-in anti-tracking protection mechanisms as well as virtually every popular browser extension that relies on blocking third-party requests to either prevent user tracking or disable intrusive advertisements, can be bypassed by at least one technique The researchers evaluated tracking protection functionality and a new cookie feature called same-site cookies that was introduced recently to defend against cross-site attacks. Results for all tested browsers are shown in the table below. The researchers tested the default configuration of Chrome, Opera, Firefox, Safari, Edge, Cliqz, and Tor Browser, and configurations with third-party cookie blocking disabled, and if available, tracking protection functionality enabled. Tor Browser is the only browser on the list that blocks third-party cookies by default. All browsers did not block cookies for certain redirects regardless of whether third-party cookies were blocked or tracking protection was enabled. Chrome, Opera and other Chromium-based browsers that use the built-in PDF viewer have a major issue in regards to cookies. Furthermore, a design flaw in Chromium-based browsers enabled a bypass for both the built-in third party cookie blocking option and tracking protection provided by extensions. Through JavaScript embedded in PDFs, which are rendered by a browser extension, cookie-bearing POST requests can be sent to other domains, regardless of the imposed policies. Browser extensions for ad-blocking or anti-tracking had weaknesses as well according to the researchers. The list of extensions reads like the who is who of the privacy and content blocking world. It includes uMatrix and uBlock Origin, Adblock Plus, Ghostery, Privacy Badger, Disconnect, or AdBlock for Chrome. The researchers discovered ways to circumvent the protections and reported several bugs to the developers. Some, Raymond Hill who is the lead developer of uBlock Origin and uMatrix, fixed the issues quickly. At least one issue reported to browser makers has been fixed already. "Requests to fetch the favicon are not interceptable by Firefox extensions" has been fixed by Mozilla. Other reported issues are still in the process of being fixed, and a third kind won't be fixed at all. You can run individual tests designed for tested web browsers with the exception of Microsoft Edge on the project website to find out if your browser is having the same issues. Closing Words With more and more technologies being added to browsers, it is clear that the complexity has increased significantly. The research should be an eye opener for web browser makers and things will hopefully get better in the near future. One has to ask whether some browser makers test certain features at all; Microsoft Edge not honoring the built-in setting to block third-party cookies is especially embarrassing in this regard. (via Deskmodder) Now You: Do you use extensions or settings to protect your privacy better? Source
  5. steven36

    FreeTube 0.2.1 Beta

    FreeTube is an open source desktop YouTube player built with privacy in mind. Use YouTube without advertisements and Google tracking you using cookies and JavaScript. Available for Windows, Mac & Linux thanks to Electron. Please note that FreeTube is currently in Beta. While it should work well for most users, there are still bugs and missing features that need to be addressed. How does it work? FreeTube uses the proprietary YouTube HTTP API with a set of hard coded API keys. Videos are resolved using youtube-dl and played using the stock HTML5 video player. While YouTube can still see your API and video requests it can no longer track you using cookies or JavaScript. Your subscriptions, history, and saved videos are stored locally on your computer and never sent out. Features Watch videos without ads Use YouTube without Google tracking you using cookies and JavaScript Subscribe to channels without an account Local subscriptions, history, and saved videos Export & import subscriptions Mini Player Light / dark theme Changelog: You can now double click to exit a full screen video You can now open up YouTube/HookTube links while viewing a video FreeTube should now grab subtitles from other languages if they are available Subscriptions should now load properly when you have a low amount of subscriptions. Home Page: https://github.com/FreeTubeApp/FreeTube Ubuntu /Linux Mint x64 https://github.com/FreeTubeApp/FreeTube/releases/download/v0.2.1-beta/FreeTube_0.2.1_amd64.deb Windows x86 /x64 https://github.com/FreeTubeApp/FreeTube/releases/download/v0.2.1-beta/FreeTube-0.2.1.Setup.exe Other Binaries https://github.com/FreeTubeApp/FreeTube/releases
  6. steven36

    FreeTube 0.2.0 Beta

    FreeTube is an open source desktop YouTube player built with privacy in mind. Use YouTube without advertisements and Google tracking you using cookies and JavaScript. Available for Windows, Mac & Linux thanks to Electron. Please note that FreeTube is currently in Beta. While it should work well for most users, there are still bugs and missing features that need to be addressed. How does it work? FreeTube uses the proprietary YouTube HTTP API with a set of hard coded API keys. Videos are resolved using youtube-dl and played using the stock HTML5 video player. While YouTube can still see your API and video requests it can no longer track you using cookies or JavaScript. Your subscriptions, history, and saved videos are stored locally on your computer and never sent out. Features Watch videos without ads Use YouTube without Google tracking you using cookies and JavaScript Subscribe to channels without an account Local subscriptions, history, and saved videos Export & import subscriptions Mini Player Light / dark theme Changes It definitely feels like it's been a while since the last release hasn't it? I hope to slow down on the frequency of the releases that way each release it a little bit more meaningful with features or bug fixes. This is the release of Version 0.2.0 Beta, which includes the following: Features Keyboard shortcuts! This includes the majority of shortcuts found on YouTube. Examples like spacebar to pause and arrow keys for volume/navigation. Please let me know if you think I forgot any Videos should now show subtitles if they support them. Videos with subtitles made using Google Translate are not supported All videos now display their duration There is a new menu in the video list which allows you to save the video without opening it, as well as opening the video into YouTube/HookTube You can now double click on a video to full screen it Fixes During testing, showing the video duration caused the subscription load times to double. That made me sad so now subcriptions load much faster The proprietary JavaScript from the YouTube API has been removed. API calls now use the HTTP API Going to the next page in a search should work properly again Importing OPML files should now work regardless of language You can delete saved videos again from the saved videos menu Fixed some wording for changing the dark theme. The last thing that I'd like to mention is about youtube-dl. During testing, I was able to get youtube-dl to run locally, however I was unable to get it to work on Windows. This release will still use a youtube-dl-api-server in order to make the calls. I am still working on getting this to work and I hope to have this working soon. How am I doing? There are quite a few people that follow this project now. I am very grateful for the support and I'd like to make sure that I'm doing the right thing. I plan on opening up a discussion here shortly and I'd like to get some general feedback on what the public thinks on the progress of FreeTube. I welcome your feedback and hope to use it moving forward. Thanks again for everyone's support. Come join me at #61 and let's get a discussion going. Home Page: https://github.com/FreeTubeApp/FreeTube Ubuntu /Linux Mint x64 https://github.com/FreeTubeApp/FreeTube/releases/download/v0.2.0-beta/FreeTube_0.2.0_amd64.deb Windows x86 /x64 https://github.com/FreeTubeApp/FreeTube/releases/download/v0.2.0-beta/FreeTube-0.2.0.Setup.exe Other Binaries https://github.com/FreeTubeApp/FreeTube/releases
×
×
  • Create New...