Karlston Posted April 20, 2019 Share Posted April 20, 2019 A new Bleeping Computer report by Lawrence Abrams suggests that Mozilla plans to enable Hyperlink Ping Tracking by default in the Firefox browser. Firefox is one of the few browsers that has the feature disabled by default, another is Brave. Most Chromium-based browsers, Google Chrome and Opera, as well as Microsoft Edge and Safari have the feature turned on by default. The browsers that have the feature enabled already won't allow users to disable the feature anymore in coming versions. Chrome users, for example, can disable Hyperlink auditing in the browser currently on chrome://flags if they run the Stable version. Chrome users who run Beta or other development versions won't find the feature listed anymore as Google removed it from the list of available flags. Chrome 73.0 Stable Chrome 75.0 Canary What is Ping Hyperlink Auditing? Links, or hyperlinks, are a fundamental HTML feature that loads another resource when a user activates it. Ping is a new attribute that can be added to links to send information to another resource. Here is an example: <a href="https://www.ghacks.net/ ping="https://www.example.com/">This</a> When a user clicks on the Ghacks Link, Example.com is notified that the click happened. It is possible to notify one or multiple resources about the link click. What is bad about it? Ping is used to track link clicks. The nature of how that is done is not transparent to users who click on links, as the ping attribute is not shown and links with pings are not highlighted when a user hovers over the link in the browser. While it is possible to check the source, it is not comfortable and unlikely that many users will do so. Apart from privacy, at least one case has been recorded where pings were used for denial of service attacks. And Firefox? Mozilla told Bleeping Computer that the Ping has not been enabled by default in Firefox already is because the feature is still being implemented. Asked about the privacy implications, Mozilla told Bleeping Computer that it agreed with Apple's stance on the issue. Apple stated that turning off Ping would not "solve the privacy implications of link click analytics" and that disabling it would result in companies using techniques that would "hurt the user experience". Sites would often check for supported tracking features and would simply switch to another if Ping was not available. Firefox supports a preference currently that determines whether pings are enabled or not. The preference is set to False currently which means that it is not used. Firefox users can check browser.send_pings on about:config to configure it. Whether that preference will remain in Firefox once Mozilla enables Ping functionality remains to be seen. Solutions Chrome users may install Ping Blocker to block pings in the browser. The popular content blocker uBlock Origin blocks pings by default as well, and it is available for Firefox, Chrome, and other browsers. Brave is one of the few browsers that has the Ping attribute disabled. Source: Mozilla plans to enable Hyperlink Ping Tracking by Default in Firefox (gHacks - Martin Brinkmann) Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted April 22, 2019 Administrator Share Posted April 22, 2019 Concerning this, the whole thing. Link to comment Share on other sites More sharing options...
mp68terr Posted April 22, 2019 Share Posted April 22, 2019 On 4/20/2019 at 9:21 PM, Karlston said: Brave is one of the few browsers that has the Ping attribute disabled. 'browser.send_pings' is set to false by default in Palemoon too. Link to comment Share on other sites More sharing options...
v3n0m Posted April 23, 2019 Share Posted April 23, 2019 On 4/22/2019 at 4:38 AM, DKT27 said: Concerning this, the whole thing. very disconcerting Link to comment Share on other sites More sharing options...
steven36 Posted April 23, 2019 Share Posted April 23, 2019 On 4/22/2019 at 11:48 AM, mp68terr said: 'browser.send_pings' is set to false by default in Palemoon too. Waterfox too and doubt they would ever allow it once the Waterfox v68 comes out final witch it will once again it will be based on the latest version of Firefox ESR and work with all the new addons that is what Waterfox is about removing and turning the spys off that Firefox adds to get paid . It's going to get too the point were i'm not going to install a mainstream browser anymore let the masses who use Facebook and Google products and services who already are being spied on with user-tracking and accepted it as being normal deal with it. Old saying is you've made your bed, now lie on it it means Quote If someone says you've made your bed, now lie on it or you have made your bed and will have to lie on it, they are telling you in an unsympathetic way that you have to accept the unpleasant consequences of your actions or decisions. Link to comment Share on other sites More sharing options...
steven36 Posted April 23, 2019 Share Posted April 23, 2019 From our friend at uBlockOrigin ___________________________________________________________________________________________________________________________________________________________________________________________________________ gorhill4 10 points 3 days ago* The actual issue with hyperlink auditing is that it still occurs even after disabling JavaScript -- which is not the case with the "less user friendly" ones. In any case, uBO disables hyperlink auditing (by default) using the browser.privacy.network privacy.websites.hyperlinkAuditingEnabled API, so as long as the API is still available and working as expected, there will be a way to disable hyperlink through extensions. _________________________________________________________________________________________________________________________________________________________________________________________________ So unless they change the whole api on how they send these pings it can blocked in all browsers . You can see here Firefox and Chrome have been planing on doing this since 2014 after all they the ones who implemented it into there's browsers over 4 years ago. https://www.wilderssecurity.com/threads/hyperlink-auditing-aka-a-ping-and-beacon-aka-navigator-sendbeacon.364904/ Just like other tracking someone will make something to block it always , just like when Chrome removed the flags to block Canvas Fingerprint and Prevent WebRTC from leaking local IP address Link to comment Share on other sites More sharing options...
mp68terr Posted April 23, 2019 Share Posted April 23, 2019 Glad to have efficient addons like uBlock. Glad to have alternative browsers too. Blocking all these spying things is a big work. Wondering about Vivaldi (under linux) though; to reveal its entire configuration is a pain in the a... No such detailed config as the one displayed with about:config. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.