Slashdot Mirror

← Back to Stories (view on slashdot.org)

EFF Releases Privacy Badger, an Addon That Algorithmically Blocks Online Trackers

Posted by samzenpus on from the don't-track-me-bro dept.

New submitter zfc writes: Online tracking has become a pervasive invisible reality of the modern web. Most sites you load are likely to be full of ads, tracking pixels, social media share buttons, and other invisible trackers all harvesting data about your web browsing. These trackers use cookies and other methods to read unique IDs associated with your browser, the result being that they record all the sites you visit as you browse around the internet. This sort of tracking is invisible to most web users, meaning they never get the option to agree to or opt-out of it. Today the EFF has launched the 1.0 version of Privacy Badger, an extension designed to prevent these trackers from accessing unique info about you and your browsing.

56 of 136 comments (clear)

  1. How good is it? by Visarga · · Score: 1

    Should I replace Disconnect.me with it?

    1. Re:How good is it? by rvw · · Score: 1

      Should I replace Disconnect.me with it?

      Isn't Disconnect a tracker service itself?

    2. Re:How good is it? by joelpurra · · Score: 4, Interesting

      Disconnect.me uses a blacklist based on known tracker domains. Given that this blacklist based blocking only detects about 10% [1] of global top web sites' resources from third party domains (loosely defined as "not the same domain, nor a subdomain"), using heuristics like Privacy Badger is probably better. Either way, they can work together. Blacklists are convenient but easy to get around for tracker companies (for example by buying a new domain). Shared whitelists are convenient, but will invariably add too many or too broad exceptions too please more users, allowing tracker companies to sneak past (for example by using, by disconnnect.me, whitelisted cloudfront.net and other CDNs for easy forwarding/domain masking). Having a personal whitelist that you maintain yourself to your own needs is a good way to go. I personally use Matrix for resource whitelisting, with a stricter ruleset blocking all third-party domains by default. It's easy to whitelist specific resource types per domain (like css and images, but not javascript), I understand that most people don't care enough to bother though. https://github.com/gorhill/uMa... [1] I have researched third party resource usage and blocking specifically using disconnect.me's blacklist, so go ahead and check it out. [/shameless plug] http://joelpurra.com/projects/...

      --
      joelpurra.com
    3. Re:How good is it? by Anonymous Coward · · Score: 1

      While we are on the topic of blocking malware, DoNotSpy10 is an essential tool if you are using Windows 10 to decrapify it of spyware and ads.

    4. Re:How good is it? by Anonymous Coward · · Score: 1, Interesting

      It's so good that I've stopped using AdBlock and instead just have Privacy Badger and FlashBlock.

    5. Re:How good is it? by joelpurra · · Score: 5, Informative

      I'm not involved in the development of uMatrix nor Disconnect.me, I just used Disconnect.me's blocklist for scientific third-party/tracker research.

      • Ghostery uses a blacklist, so it's always running behind tracker companies. Plus, Ghostery itself is owned by an marketing company.
      • uBlock was created by the same guy who created uMatrix, Raymond Hill (gorhill), but Matrix is much more fine-grained for advanced users. (Block has been forked, and it looks a bit messy.)
      • ScriptSafe looks like a limited and messy version of uMatrix, and also seems to use some code written by Raymond Hill (gorhill). Haven't tried it though.

      Basically, I would replace these with uMatrix.

      --
      joelpurra.com
    6. Re:How good is it? by K.+S.+Kyosuke · · Score: 2

      using heuristics like Privacy Badger is probably better

      Now you are doomed. The hosts file army will obliterate you, all one of them.

      --
      Ezekiel 23:20
    7. Re: How good is it? by Threni · · Score: 1

      On android, ublock handily blocks ads too. Not sure about messy; codebase? Once installed you don't even see it, it just works in the background.

    8. Re: How good is it? by joelpurra · · Score: 1

      Not sure about messy; codebase?

      Sorry for using the same words in different ways that close to each other; in this case I meant that the forking seems messy. uBlock origin was created and is maintained by the original author, but the fork marketed as simply uBlock on ublock.org is not (at least not anymore).

      --
      joelpurra.com
    9. Re:How good is it? by JMJimmy · · Score: 2

      It's so good that I've stopped using AdBlock and instead just have Privacy Badger and FlashBlock.

      Sure if you want 3rd party ad services to install malware/spyware/etc on your system.

    10. Re:How good is it? by hairyfeet · · Score: 2

      Works great, been running it for about a year now and it shuts down the tracks hard. What I like is it gives YOU control over each tracker so that if there is a site you need it on just for a minute to say load the comments? you can do that. great tool.

      --
      ACs don't waste your time replying, your posts are never seen by me.
    11. Re:How good is it? by dszd0g · · Score: 1

      And of course, some people are saying that DoNotSpy10 itself contains spyware in its installer (OpenCandy):
      http://www.wilderssecurity.com...

      It is not open source, and does not appear to be trustworthy.

      I think it is probably much safer to just follow instructions for oneself, like these:
      https://fix10.isleaked.com/#12

      --
      This message is encrypted with Quad ROT-13 to protect the author's copyright under the DMCA.
    12. Re:How good is it? by lsatenstein · · Score: 1

      I've been using it for about 2 months. Now that version 1 is out, I will upgrade. I do prefer it to adbloc. It will require some manual settings that you must make to benefit from it. For example, when you visit a page, or a site, it will tell you about the trackers and provide you the option to disable the ones that you deem harmful to your system or to your privacy. By the way, once setup, for a site, it remains that way, until the trackers arrive with new names. That has not happened to me yet.

      --
      Leslie Satenstein Montreal Quebec Canada
  2. 1.0? Current version is 2015.8.5.1 by UnknownSoldier · · Score: 3, Insightful

    I've been running this for a while now. It is a little strange they say version 1.0 has been released when the current version is numbered 2015.8.5.1 ?

    The fine article mentioned:

    Privacy Badger 1.0 works in tandem with the new Do Not Track (DNT) policy, announced earlier this week by EFF, Disconnect, Medium, Mixpanel, Adblock, and DuckDuckGo.

    Honestly, it is not always obvious that is actually working. I mean, sure, there is a red number shown how many sites it has blocked, but the actual useful stat is the options which lists ALL the sites you have visited that are tracking you: chrome-extension://pkehgijcmpdhfbdbbnkijodmdjhbjlgp/skin/options.html

    Maybe I guess that's the point though -- it just works in the background so there is one less thing to worry about.

    1. Re:1.0? Current version is 2015.8.5.1 by Dins · · Score: 1

      It is a little strange they say version 1.0 has been released when the current version is numbered 2015.8.5.1 ?

      "2015.August.5th.Version 1", perhaps? Just a guess.

  3. Re:eff? I will try it by chewy_fruit_loop · · Score: 3, Insightful

    ghostery blocks 6 from this page alone

  4. Re:eff? I will try it by davester666 · · Score: 1

    No, as they are doing a global 'man-in-the-middle' attack on the internet.

    --
    Sleep your way to a whiter smile...date a dentist!
  5. Re:eff? I will try it by JSG · · Score: 4, Informative

    Privacy badger sees 7, no sorry, 8 trackers on this site (an extra one appears when you hit Reply)

    Been using it since it came out - very light on resources and does one job well.

  6. Re:You way want to rethink the logo by fph+il+quozientatore · · Score: 1

    Yeah, this! Who could imagine, for instance, a leading commercial search engine replacing their logo with playful images and games every few days, to celebrate past events?

    --
    My first program:

    Hell Segmentation fault

  7. Not bug free by ebcdic · · Score: 1

    Privacy Badger claims there are 67 trackers on this page, including ones from NASA and British Telecom.

  8. Poison the well by superid · · Score: 5, Interesting

    I'd rather disrupt the whole tracking network by injecting false information on a mass scale to ruin the economic value of tracking.
    Are there any add-ins that do that?

    1. Re:Poison the well by Rob+Lister · · Score: 1

      I don't know if it is feasible but I kind of like that idea. What are the downsides?

    2. Re:Poison the well by cbp2 · · Score: 3, Insightful

      I actually suggested this directly to EFF a year or two ago. Basically have some extension that lowers the signal-to-noise ratio to the point where you can't find the signal. There are problems with this approach, though. You would need to trigger a lot of extra network traffic to hide your true (intended) actions. Also, if you want to hide all searches/traffic, you'd have to have your extension do a lot of fake pr0n traffic, too. Would everyone want an extension that does that? And finally, there are lots of heuristics that can be used to sort out the real traffic from the fake "chaff" traffic... how you click on the links, how long you are on the pages, how you interact with the pages, etc.

      But I agree... I wish there was some automated way to poison this well and make it useless for trackers.

      The bottom line is that we need a better way to pay for the web content we all consume. Micropayments? Google Contributor is interesting. Advertising is ruining the experience, causing tons of unnecessary and unwanted web traffic, and is becoming ineffective with the rise of ad blockers. As long as everyone wants everything to be "free", we're going to have this tracking problem.

    3. Re:Poison the well by paul_metcalfe · · Score: 1

      AdNauseam is all about this poisoning of the well: https://dhowe.github.io/AdNaus...

      --
      Always read at -1, don't let others decide what you should and should not read.
    4. Re:Poison the well by CauseBy · · Score: 1

      Any degradation of the quality of the 'signal' is good, and more is better but the noise doesn't have to really completely overwhelm the signal. Reducing the advertising value of the data by any amount would be progress, at least.

    5. Re:Poison the well by CauseBy · · Score: 1

      Seriously. I grew up with cable TV and then one day I was at a friend's house and he turned on cable. An ad came on and, even as a young child, I couldn't figure it out. I asked him, don't you pay for cable? So why are there ads?

      I never outgrew that, and I've never paid for cable in my adult life.

    6. Re:Poison the well by grumpy_old_grandpa · · Score: 1

      TrackMeNot is good to flood search engines
      http://addons.mozilla.org/en-U...

      AdNauseam is about flooding click ads
      https://addons.mozilla.org/en-...

      Flagger is more poking fun at surveillance organizations
      https://addons.mozilla.org/en-...

  9. Re:How does it improve anything? by Anonymous Coward · · Score: 1

    The point is not to give you irrelevant ads, that's just the consequence of the extension's real purpose, which is to block tracking.

  10. Re:eff? I will try it by AmiMoJo · · Score: 2

    It's an excellent add-on because it doesn't rely on blacklisting like other privacy blockers do. It simply looks for 3rd party hosts are seem to be tracking you (e.g. reading and writing the same cookies across multiple 1st party domains) and blocks them.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  11. Re:eff? I will try it by JMJimmy · · Score: 1

    Privacy badger sees 7, no sorry, 8 trackers on this site (an extra one appears when you hit Reply)

    Been using it since it came out - very light on resources and does one job well.

    I must be doing it right, I only get 4. Unfortunately, Privacy Badger doesn't seem to function properly - it tells me there are 4 but will never load up the list and several of the buttons are unclickable.

  12. No on-off switch by X10 · · Score: 1

    You can switch Privacy Badger off for a specific page, but you can't turn if of altogether. If you want it to pause blocking, apparently you need to uninstall, then later install again when you want to resume blocking. I sometimes use "pause blocking" in Ghostery, which for this reason I prefer over Badger. Also, Ghostery has a switch for "block all trackers", In P Badger, you have to switch them on one by one.

    --
    no, I don't have a sig
    1. Re:No on-off switch by Anonymous Coward · · Score: 1

      Any decent browser will let you disable the addon without uninstalling it...

  13. Re:Um, old news, and slashvertisement? by Gonoff · · Score: 1

    Version 1 of a product is the point where something changes from "pre release", Beta, Developer edition, Alpha etc to Live.
    I imagine that a lot of people here are familiar with using Betas - or even create them.

    Like you, I have been using Privacy Badger for a while now but now, it is no longer experimental - hopefully anyway.
    It should continue to update with time. Good luck to them.

    Advertisments, in my mind, tend to be for things that will make the producers money. The EFF is not asking for money for this. You do not have to look at adverts. Do they count downloads? Probably. Do they track users? It would make an interesting story if they did but I think they probably don't.
    Slashdit talks about new stuff. We might talk about new versions of Linux. That's not surprising. Someone might want to talk about the new #iShinyShiny thing from Apple as compared to his (more often than not) Android smartphone. People here like to slag off Apple. The EFF gets a more civilised ride.

    --
    I'll see your Constitution and raise you a Queen.
  14. Won't work by Artem+S.+Tashkinov · · Score: 1

    First of all there are immortal cookies (infinite cache entries created specifically for your unique PC). Secondly, there's a unique combination of your web browser + OS + fonts + plug ins: https://panopticlick.eff.org/ Thirdly, there are unique patterns in your behaviour (websites that you visit and how frequently you do that) and other wonderful metrics to trace you.

    If you want to avoid being traced and tracked there's just one way:

    • You buy a single time anonymous SIM card.
    • You go to some public place where there no web cameras installed or you're not under their monitoring.
    • You browse the web using at least TOR, or even better a combination of VPN + TOR.
    • You use the most common computer OS (Windows 7 64), the most common web browser (IE11/Google Chrome or Mozilla Firefox) and the least number of browser plugins and extensions.
    • You do NOT login using Facebook/Google/Microsoft/Yahoo/etc. services, because these companies trace your presence on unrelated websites using various "Share Me" options.
    • You do NOT use Skype/WhatsApp/Vibe other apps.
    • You completely destroy your browser profile and this SIM card after you're finished.

    This is actually a recipe for browsing the web anonymously however this is the reality of the modern web - not to be traced means to be anonymous as much as possible.

    1. Re:Won't work by CauseBy · · Score: 1

      It's not binary. It's not "tracked" vs "untracked". It's a question of how expensive it is to track you and how reliable the data is. Raise the cost and fewer advertisers will bother. Raise it high enough and maybe we can substantially damage the ad industry.

  15. I thought by Ol+Olsoc · · Score: 1

    There was an add on that would send bogus information to the trackers. If not, there should be.

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  16. Re:Safari by U2xhc2hkb3QgU3Vja3M · · Score: 1

    One thing that annoys me to no end with Chrome is the stupid "status bubble". I hate when things move on the page I'm trying to read and having that stupid thing fade in and out every time I hover a link is just too distracting. And in typical Google we-know-better-than-you fashion, there's no option to disable this stupid thing and get a classic status bar instead.

  17. Seamonkey by blivit42 · · Score: 1

    Too bad it still doesn't work in Seamonkey :-(

  18. Re:What's the differenece between this and ublock? by Anubis+IV · · Score: 2

    uBlock is extremely user-friendly. It's basically just one button: an on/off toggle. uMatrix is the extensions that's aimed at advanced users and provides both additional information and more granular control over what's getting blocked.

  19. Re:Original Announcement @ Slashdot 14/05/04 by Trax3001BBS · · Score: 1

    http://www.yro.slashdot.org/st...

    2015 story has a new version.

    Thank you, I've been running it since that story with Firefox. Looking for a version # I found that Privacy Badger has been on auto update (something I normally disable in any program) so not sure what version I started with.

    It's FireFox I only use it when I must and always as a gateway to my games.

    Privacy badger is ok, I wouldn't run it alone. I posted about Privacy Badger just a few days ago, /. shows 3 blocks others showed they had many more; I use a HOSTS file so know what's being blocked just not where (which site).

  20. Re:What's the differenece between this and ublock? by grub · · Score: 1

    Thanks for the tip of uMatrix, folks. Trying it out now to see how it works compared to NoScript, AdBlock+, et al.

    --
    Trolling is a art,
  21. Re:What's the differenece between this and ublock? by Stan92057 · · Score: 1

    No i disagree its not. Tell me just what i should choose? And no the default option isn't and doesn't always remove what you want sometimes they keep coming back even after choosing the default option to block.Their is no way to report unbockable items, no way to report unblocked popups and so on. Sometime it blocks the whole site by accident why would a casual user know what to do to fix it except to uninstall it. What would a casual user do when given the below options?

    Click, Ctrl-click ##h4 ##.title ###comment_top_50269409 ###comment_50269409 ###tree_50269409 ###commtree_50269253 ###tree_50269253 ###commtree_50267595 ###tree_50267595 ###commentlisting ###commentwrap ##.d2incommentspl ###comments ###firehose ###content ##.col_2 ##.smack-refactor.container ###fix

    --
    Jack of all trades,master of none
  22. Re:eff? I will try it by CauseBy · · Score: 1

    Yep. My Ghostery says 7.

  23. Re:Something you already have, hosts, does this by CauseBy · · Score: 1

    Oh for fuck's sake not this guy again. Why can't Slashdot filter this bozo out?

  24. Re:Facebook an exception?? by sudon't · · Score: 1

    It's probably their evercookie, (thanks a lot, Samy!). Try deleting FB's cookie. Watch it pop back up. You have to kill the browser to get rid of it. Plus, you have those FB "share" buttons on every web page, nowadays. Ghostery can block those, I believe.

    --
    -- sudon't

    Air-ride Equipped

  25. Re:What's the differenece between this and ublock? by Anubis+IV · · Score: 1

    uBlock isn't perfect (few things in life are), but the fact that it comes up a bit short in some areas doesn't mean that it isn't user-friendly. I installed it on my (non-technical) wife's computer two weeks ago and as far as I know she's had zero issues with it. She's able to browse all of her sites without problem, but now they load significantly faster and have a higher visual signal:noise ratio.

    Moreover, if you're talking about being persnickety enough to want perfect blocking and are willing to go so far as changing around options for a browser extension, then you're no longer talking about casual users, since casual users simply don't pull up the options for ANY of their extensions. Rather, if something doesn't work, they'll simply look for a way to disable it, which uBlock makes ridiculously obvious and simple to do on the sites it doesn't (yet) work on.

    As for you, it sounds like you may be better served by uMatrix. The first few days were a bit rough for me, but after that it only needs tweaking when I visit new sites, for the most part, and even then, not very often.

  26. Re:What's the differenece between this and ublock? by Stan92057 · · Score: 1

    I an just fine with ublock. I said for casual users and i am sticking by my comment. We agree to disagree.

    --
    Jack of all trades,master of none
  27. Ghostery works in Safari by bogie · · Score: 1

    Privacy Badger has no support for Safari which makes it a no go for most Mac users.

    --
    If you wanna get rich, you know that payback is a bitch
  28. Re:eff? I will try it by lsatenstein · · Score: 1

    Privacy badger sees 7, no sorry, 8 trackers on this site (an extra one appears when you hit Reply)

    Been using it since it came out - very light on resources and does one job well.

    I second your experience. Its a great tool

    --
    Leslie Satenstein Montreal Quebec Canada
  29. How much will it help when used with NoScript? by Bathroom+Humor · · Score: 1

    I only use Adblock Plus and NoScript, because I feel like I'd get diminishing returns from using 4 different addons for privacy and blocking bad traffic due to stacked redundancy.

    How much will this help me out?

  30. Re:Something you already have, hosts, does this by K.+S.+Kyosuke · · Score: 1

    Not really, because it doesn't solve the same class of problems.

    --
    Ezekiel 23:20
  31. Got an alert! My first one with PB, one years use. by Trax3001BBS · · Score: 1

    https://www.robtex.com/ clicking on a disqus.com icon you will be met with a requester to abort and reason: "Logging into Disqus can allow it to track you around the web". Answering no shows what u had to post was not that important.

    My Post was to help, the IP address 72.21.91.29 shows over 100 pages containing malware (most I've seen) but it's a feed for the UseNet where Malware is expected and fairly obvious. Not a big deal.

    I took a back door approach to get a disqus.com account (through robtex.com) I had no ToS (privacy policy) to read.

    Post to Robtex.com can be posted without account, and how I will from now on.

    Was kool though, sitting unobtrusively all this time in the menu bar, when it tosses up an alert you take notice. The reason for Privacy Badger showing a plus, sorry but many just say a bad site ahead awaits u.

    That Disqus.com didn't make the HOSTS file? No clue, I dropped the ball.

    I have checked https://www.robtex.com/ while I found no Google links before, nor mention of Google in the FAQ (no ToS), the site reeks of Google (very nice, good useful info). It's no big deal, it's just http://testmy.net/ was Google yet they hid the fact, vs Flurry.com, it took some digging and many links from original ToS but you would find a Google ToS. A post reply was by one of the admins of how much they enjoyed working for Google, and I questioned the ToS; It was changed to a Google ToS; Changed now to: no clue (not read yet) but just assume Google and do what you do - I leave Google alone but for advertising, and data collection other than what I know (my choice) is going to be Public domain (my searches for one).

    FWIW https://disqus.com/ gives no alert.

  32. Re:Got an alert! My first one with PB, one years u by Trax3001BBS · · Score: 1

    it's just http://testmy.net/ was Google yet they hid the fact, vs Flurry.com, it took some digging and many links from original ToS but you would find a Google ToS. A post reply was by one of the admins of how much they enjoyed working for Google, and I questioned the ToS; It was changed to a Google ToS; Changed now to: no clue (not read yet)

    Read, it takes a link from "Third Parties & Use of Cookies" in the Privacy Policy to show it is a Google site http://www.google.com/policies...

  33. Re:Something you already have, hosts, does this by K.+S.+Kyosuke · · Score: 1

    How can you block things with undesirable contents using IP level rejection? A single domain or IP address can serve both things that you want and things that you don't want.

    --
    Ezekiel 23:20
  34. Re:Ublock = inferior & inefficient vs. hosts by Anubis+IV · · Score: 1

    Let me know when it runs in Windows 10 and/or OS X. Otherwise, you're wasting your time posting your copy/paste spam in response to me yet again. I'll actually take a look at it if I can run it on my home systems though, since I do like keeping an updated hosts file in coordination with the other ad blocking tools I use.

  35. Re:Ghostery = 'souled-out' & inferior vs. host by sudon't · · Score: 1

    Yes, yes, we've all seen your spam a million times. Which is why it's called spam. Why not try to keep it down to one per thread? You'll come across as less of a lunatic.

    --
    -- sudon't

    Air-ride Equipped