Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple Jams Facebook's Web-Tracking Tools (bbc.com)

Posted by BeauHD on from the right-to-privacy dept.

The next version of iOS and macOS "will frustrate tools used by Facebook to automatically track web users," reports BBC. At the company's developer conference, Apple's software chief Craig Federighi said, "We're shutting that down," adding that Safari would ask owners' permission before allowing the social network to monitor their activity. BBC reports: At the WWDC conference - held in San Jose, California - Mr Federighi said that Facebook keeps watch over people in ways they might not be aware of. "We've all seen these - these like buttons, and share buttons and these comment fields. "Well it turns out these can be used to track you, whether you click on them or not." He then pointed to an onscreen alert that asked: "Do you want to allow Facebook.com to use cookies and available data while browsing?" "You can decide to keep your information private."

Apple also said that MacOS Mojave would combat a technique called "fingerprinting", in which advertisers try to track users who delete their cookies. The method involves identifying computers by the fonts and plug-ins installed among other configuration details. To counter this, Apple will present web pages with less details about the computer. "As a result your Mac will look more like everyone else's Mac, and it will be dramatically more difficult for data companies to uniquely identify your device," Mr Federighi explained.

117 comments

  1. Do this by Anonymous Coward · · Score: 0

    Hey Firefox, looking for something else to copy? Stop looking at Chrome for a second and check out what Apple is doing.

    1. Re:Do this by Anonymous Coward · · Score: 0

      They've already done it. Months ago.

    2. Re:Do this by Anonymous Coward · · Score: 0

      Well, it will be useless anyway on a renowned Slashdot collaborator handled by special education in the Santa Clara County, a long tail amazon revenue stream and long tail youtube channel adept.

      He is impossible to miss thus, easily trackable without any fancy spyware.

    3. Re:Do this by AmiMoJo · · Score: 4, Interesting

      Firefox can do this already, but it's not that effective unfortunately.

      The real problem these days is fingerprinting. Particularly installed fonts and user agent strings. Those two alone are often pretty unique, and combined with canvas fingerprinting and IP address are very powerful tracking mechanisms.

      Unfortunately no browser can block them, and I have not found any plug-in except for NoScript that can block getting a list of installed fonts. There is a tool called "fluxfonts" that randomly installs and removes fake fonts in the background, but it would be nice if a mainstream browser did something about this.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    4. Re:Do this by Mordaximus · · Score: 5, Informative

      The real problem these days is fingerprinting. Particularly installed fonts and user agent strings. Those two alone are often pretty unique, and combined with canvas fingerprinting and IP address are very powerful tracking mechanisms.

      They are addressing this as well in Mojave. Slimmed down system information, it only reports system fonts. Essentially one MacBook will look like the next, etc. In theory, anyway

    5. Re: Do this by Anonymous Coward · · Score: 0

      Sorry, they have all available resources tied up thinking about how to redesign the UI once the current UI redesign has been released.

    6. Re:Do this by theweatherelectric · · Score: 5, Informative

      Hey Firefox, looking for something else to copy?

      What, you mean like how Firefox provides built-in tracking protection? Or how Firefox provides a Facebook Container which isolates Facebook from the rest of your browsing activity? Or how Firefox is developing an anti-fingerprinting mode? Or how Firefox is integrating Tor as a built-in feature?

      I don't think you know what you're talking about. The web browser is the most commonly used piece of application software. If there's one type of software you should educate yourself about, it's web browsers.

    7. Re:Do this by Plumpaquatsch · · Score: 1

      I bet you will be really pissed when you find out what Apple has announced for Safari. https://www.wired.com/story/ap...

      --
      Of course news about a fake are Fake News.
    8. Re:Do this by AmiMoJo · · Score: 1

      It's really good news that Apple is doing something about this.

      Hopefully others will follow. Their improvements seem to be based on research done by Mozilla, so perhaps at least Firefox will get something similar soon.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    9. Re:Do this by Anonymous Coward · · Score: 0

      I JUST returned to Firefox 52 because I couldn't find a decent user agent muddler extension. While many point out that by sending odd user agent strings, I stick out more, sending either random or completely neutered UserAgent strings is better than just always sending the exact same string, in my opinion. If EVERYONE sent a neutered or random user agent string, the system would work very well.

    10. Re:Do this by 110010001000 · · Score: 0

      Apple also said that MacOS Mojave would combat a technique called "fingerprinting", in which advertisers try to track users who delete their cookies. The method involves identifying computers by the fonts and plug-ins installed among other configuration details. To counter this, Apple will present web pages with less details about the computer. "As a result your Mac will look more like everyone else's Mac, and it will be dramatically more difficult for data companies to uniquely identify your device," Mr Federighi explained.

    11. Re:Do this by cascadingstylesheet · · Score: 2

      The real problem these days is fingerprinting. Particularly installed fonts and user agent strings. Those two alone are often pretty unique, and combined with canvas fingerprinting and IP address are very powerful tracking mechanisms.

      They are addressing this as well in Mojave. Slimmed down system information, it only reports system fonts. Essentially one MacBook will look like the next, etc. In theory, anyway

      Wouldn't that mean you only get to see system fonts then? (Assuming the reported list of fonts actually does something?)

      (I'd be fine with that, but will the public at large be fine with it)?

      Actually, since CSS lets you specify a list of fallbacks, why does the browser have to report fonts anyway? I have neglected to look into this little corner of madness ...

    12. Re:Do this by jbmartin6 · · Score: 1

      Firefox can do this already, but it's not that effective unfortunately.

      Could you clarify why you say this?

      --
      This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
    13. Re:Do this by AmiMoJo · · Score: 1

      Try the EFF's Panopticlick.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    14. Re:Do this by Anonymous Coward · · Score: 0

      Bizarrely, everything you mention relies on JavaScript. Maybe disabling javascript solves the problem?

    15. Re:Do this by Anonymous Coward · · Score: 0

      Disabling javascript breaks 99% of the web.

    16. Re:Do this by Anonymous Coward · · Score: 0

      This is pointless because it's add-ons. Drop the add-on mentality for a second.

      Security and privacy features should be built-in the browser.

    17. Re:Do this by Anonymous Coward · · Score: 0

      The real problem these days is fingerprinting. Particularly installed fonts and user agent strings. Those two alone are often pretty unique, and combined with canvas fingerprinting and IP address are very powerful tracking mechanisms.

      Disable Javascript. That way there is much less information that sites can exfiltrate from your browser, and so fewer bits of entropy to identify you.

      Javascript is a HUGE problem for browser fingerprinting. Disabling it is not a complete solution by itself, because there is other identifying information hat leaks, but it is a large and necessary part of a solution.

    18. Re:Do this by Anonymous Coward · · Score: 0

      And if they include it, "you people" start complaining it's bloated

    19. Re:Do this by Anonymous Coward · · Score: 0

      You need to do more work if you want a good result with Panopticlick. Just having Firefox isn't enough, but it's where you should start from.

      First, get at least the updater.sh or updater.bat from this project: https://github.com/ghacksuserjs/ghacks-user.js

      Put it in your Firefox profile directory, close Firefox, run it, then make sure to actually read over the comments in the user.js file that it'll pull in. If you're on Firefox ESR, definitely make sure to uncomment the appropriate sections in the 4600s and 9999s before starting Firefox up again. The comments mention exactly where you should do this. You should also set some overrides. I highly recommend enabling the part that sets your browser window size to a more common aspect ratio, your browser window size does a lot towards fingerprinting. If possible, force your browser window to a locked size that can't be resized or maximized. The Plasma 5 desktop environment allows for this (right click title bar, More Actions, Special Application Settings...) so do that if you can.

      Get a small handful of decent privacy-focused extensions, too. Privacy Badger, uMatrix and uBlock Origin will be good enough for anyone, no need for too many extensions. You can find working versions of them for the latest Firefox as well as Firefox ESR.

      Get all that set up, then run Panopticlick. It will get fussy when it tries to connect to certain domains because of the blacklists on some of those extensions. It makes sense, considering that Panopticlick wouldn't do a very good job at testing your privacy if it wasn't at least attempting to try to fingerprint and track you so it could report its success or failure to you, so this and ONLY THIS TIME, ignore those warnings and proceed on through every time you get those warnings during the Panopticlick tests. Don't forget to restart Firefox afterwards, too!

      It's a lot of work, but if you do want your privacy to be protected, that will likely get you a very good score on Panopticlick.

    20. Re:Do this by Anonymous Coward · · Score: 0

      Disabling JavaScript can be done selectively with appropriate extensions. I'm doing just fine with slashdot.org and fsdn.com being the only two domains I allow to deliver JS on Slashdot, the rest can eat a dick. I can AC and adjust threshold, I don't have much use for anything else.

    21. Re:Do this by Shotgun · · Score: 1

      Wouldn't that mean you only get to see system fonts then?

      If only we could be so lucky.

      --
      Aah, change is good. -- Rafiki
      Yeah, but it ain't easy. -- Simba
    22. Re:Do this by Anonymous Coward · · Score: 0

      Disabling javascript avoids breaking 99% of the web.

      FTFY.

      Disabling javascript is essential in this day and age. It's the attack surface used by most "visit the site and get jacked" attacks, it's responsible for 99% of the shitfest on the current web like disabling right clicks or popping shit over the top of what you're trying to read, or a bunch of others. It's responsible for the majority of the privacy clusterfuck, and it's the mechanism used to gather most information used by panopiclick-style attacks. It allows targeting other, hardware vulnerabilities like the recent Spectre and Meltdown, both which have successful javascript attacks against them.

      Every sane person should disable javascript by default and whitelist a few essential things. Just giving random sites the ability to run code on your computer is a spectacularly bad idea.

    23. Re:Do this by spire3661 · · Score: 2

      All webpages should have an html fallback. If they dont, its not really a webpage.

      --
      Good-bye
    24. Re:Do this by Gr8Apes · · Score: 1

      Disabling JS makes the web browsable again for 99% of its pages. 99% of the web does not need JS, and never should have had JS installed with it.

      --
      The cesspool just got a check and balance.
    25. Re:Do this by Gr8Apes · · Score: 1

      Actually, since CSS lets you specify a list of fallbacks, why does the browser have to report fonts anyway? I have neglected to look into this little corner of madness ...

      I looked into this years ago, and there is absolutely 0 reason for this function to exist in today's world. If all browsers returned 0 fonts, the same style sheets still get served in 99.999999....% of the cases. So other than fingerprinting the machine, what purpose does this function serve?

      --
      The cesspool just got a check and balance.
    26. Re:Do this by Cajun+Hell · · Score: 1

      Someone remind me: why should javascript ever be able to know what fonts you have? Why would anyone care?

      Maybe browsers don't let you twiddle some config setting to deny font requests, but it could nevertheless be disabled in the browser's code. Is there any reason to even suspect that this might break anything? I wouldn't expect it to break anything. Being able to query fonts sounds like a totally useless feature anyway.

      --
      "Believe me!" -- Donald Trump
    27. Re:Do this by Anonymous Coward · · Score: 0

      THe browser should not return any of this information. At most it should return

      "A web browser on a computing device"

      Nothing else. Might get all the jackasses to stop trying to turn the web into digital TV with their retrded jacvascript crap.

    28. Re:Do this by Anonymous Coward · · Score: 0

      Well said. Browsers shoudl just remove javascript entirely. Plain old HTML is good enough for serving up information. If you want whizzing interactive things go and watch your TV.

      Javascript provides nothing but a massive attack vector. To parpahrase you allowing any old site to run code on your computer is a brain dead, retarded, utterly stupid idea !

    29. Re:Do this by Anonymous Coward · · Score: 0

      Firefox can do this already, but it's not that effective unfortunately.

      Isn't it? I'm using it on all devices and everytime I log into Google o Wikipedia, for example, I get a warning stating that a session has been started from a previously unkown device. And those are not the only sites. So yes, I think it is effective. I guess you know you do need to set it up manually.

    30. Re:Do this by TheFakeTimCook · · Score: 2

      Firefox can do this already, but it's not that effective unfortunately.

      The real problem these days is fingerprinting. Particularly installed fonts and user agent strings. Those two alone are often pretty unique, and combined with canvas fingerprinting and IP address are very powerful tracking mechanisms.

      Unfortunately no browser can block them, and I have not found any plug-in except for NoScript that can block getting a list of installed fonts. There is a tool called "fluxfonts" that randomly installs and removes fake fonts in the background, but it would be nice if a mainstream browser did something about this.

      Apple has a solution to "fingerprinting". They return random data.

    31. Re:Do this by Anonymous Coward · · Score: 0

      "User Agent Switcher" add-on can do this. If you're using uMatrix, it can also do this.

    32. Re:Do this by Anonymous Coward · · Score: 0

      Canvas fingerprinting: "Canvas Blocker" add-on.
      User agent fingerprinting: "User Agent Switcher" add-on, uMatrix add-on.

    33. Re:Do this by Anonymous Coward · · Score: 0

      It's probably reporting all this to JavaScript. If you think about an application running on your device, does it make sense it should be able to query for what fonts are installed locally?

      Heck, look at this. Measuring the size of each glyph?

    34. Re:Do this by Anonymous Coward · · Score: 0

      There are two approaches to prevent tracking like this: withholding, whitewashing and polluting, in that order. First, remove all the suplurflous information (e.g. no From header, remove OS and instruction set from User agent header). Then, you should make everything that can be the same actually report the same information (e.g. same fonts, same accept encoding header) Finally, if you can't do that with the data, pollute it (e.g. add random noise to canvas element, randomize js execution times).

  2. not needed for slashdot users by Anonymous Coward · · Score: 0

    we all been blocking facebook already for some time :P

  3. Source by Aadarshkothari · · Score: 1

    Can we also track the source of the traffic?

  4. Browsers and OS should do this by AHuxley · · Score: 2

    Not a member of a social media brand?
    Ban it from the browser, OS until a user wants to register a social media account and be spied on.

    --
    Domestic spying is now "Benign Information Gathering"
  5. The world-wide web, it is broken. by Anonymous Coward · · Score: 0

    And this is really but one of the symptoms: Who thought it was a good idea to leak all that data back to websites in the first place?

    It's what you get when you let knuckledragging nincompoops "design" browser software then have more drooling morons rubber-stamp the resulting software's vague write-up of what it all does into something euphemistically called a "web standard". Go on, go read the W3C's drivel sometime.

    This approach leaves a lot to be desired. But apparently "the community" actually likes the ambiguity and the loopholes and the abuse, so they can have another round of "browser war" play out. Over every user's back, of course.

    1. Re:The world-wide web, it is broken. by Anonymous Coward · · Score: 0

      If the masses were interested in privacy, there would be no FaceBook, and likely no Google. Hurray for the Boobus Americanas.

  6. Shouldn't have enabled this in the first place by Anonymous Coward · · Score: 0

    I'm pretty sure we can blame needing this not so much on facebook, marketeers, and their ilk, but on the willingness of browser makers to just leak users' data to any and all visited website. So the fact they have to do this now means they've failed horribly before, and this is no more than a feeble (and probably easily circumvented) try at catching up with sanity.

  7. Safari? What about Facebook app? by Anonymous Coward · · Score: 0

    Isnâ(TM)t doing this in Safari the wrong place? Most of us probably use the Facebook app for iPhone not Safari itself. Unless the Facebook app uses WebKit under the covers or something...

    1. Re:Safari? What about Facebook app? by Anonymous Coward · · Score: 0

      Facebook app on you Macbook? Sorry, people who use the Facebook app on their iOS device only have themselves to blame if they are tracked, they installed it themselves.

      But this article is about tracking your usage when NOT visiting Facebook. I know it is hard to read a summary here at Slashdot.

    2. Re: Safari? What about Facebook app? by Anonymous Coward · · Score: 0

      Where does it say itâ(TM)s about tracking when NOT using Facebook? I read the article 3 times and donâ(TM)t see that. I suggest you re-read the article yourself.

    3. Re: Safari? What about Facebook app? by vakuona · · Score: 1

      From TFS:

      The next version of iOS and macOS "will frustrate tools used by Facebook to automatically track web users,"

    4. Re: Safari? What about Facebook app? by Megane · · Score: 1

      Exactly. This is about the web bugs and other things from Facebook that end up in other web pages, little things like "Share on Facebook" buttons. You see that little "f" icon? If it's served from facebook.com, your browser had to talk to them to get it.

      --
      #naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
    5. Re:Safari? What about Facebook app? by Anonymous Coward · · Score: 0

      This is for most other people, who just use web browsers to talk to websites.

      The type of people who so strongly want to help a website's company that they'll download and install and run their native app, can't be helped and don't want to be helped. If they didn't want to give advantages to those companies, they wouldn't be running their apps.

  8. Native in Browsers by johnsie · · Score: 3

    Various plugins do a good job of this, but some sort of blocking should be a native optional feature in major browsers. I've already refused to accept the new privacy policy from Facebook as I refuse to let that company turn my data into a product. People let them go to far. There must be an option to choose which companies are not allowed to collect your data, and that's why GDPR is a good thing. Facebook tried to avoid data privacy by moving millions of accounts out of Europe/

  9. Don't think this is the right way to fight it by Solandri · · Score: 4, Interesting
    There are two ways to fight this:
    • Try to stop these tracking methods. Which just results in the people doing the tracking coming up with new tracking methods. That kicks off an endless arms race where each side keeps countering the move the other side makes.
    • Pollute the data. Let them collect the data, but the browser should surreptitiously add fake data. Either generated by randomly crawling linked pages in the background, or by sharing anonymized sites other users have browsed. The moment the "user's" browsing data is no longer an accurate representation of the sites the user is actually browsing, that data loses its advertising value. And advertisers will be forced to place ads based on the type of people who like to visit a certain site (e.g. GPU ads on a gaming site), rather than trying to display ads targeted at the person browsing regardless of what site they visit.

    The first method is a never-ending game of leapfrog. The second method favors users because there are a lot more of them than companies tracking this data. They can generate fake browsing data faster (up to the limit of their Internet bandwidth) than these companies can filter it out.

    1. Re:Don't think this is the right way to fight it by johnsie · · Score: 4, Informative

      It'll still be an arms race. They'll try and find ways around it. GDPR has shown that strong legislation is probably going to be the best way to prevent this sort of tracking.

    2. Re:Don't think this is the right way to fight it by Anonymous Coward · · Score: 0

      You are a big ol' shitbird.

    3. Re:Don't think this is the right way to fight it by Anonymous Coward · · Score: 0

      So your idea is that if you block the tracking, it will lead to an arms race, but if you pollute the data, they will just give up? If you give them real and fake data, they will figure out which is which. With enough data, that's remarkably easy. Computers aren't able to fake being human when tested by other computers. Captchas exist.

    4. Re:Don't think this is the right way to fight it by Anonymous Coward · · Score: 0

      Polluting the data is a crappy idea. Prevention is better than cure.

    5. Re:Don't think this is the right way to fight it by Anonymous Coward · · Score: 1

      On the eve of the GDPR I received an email from an affiliate organisation extolling how they would be complying with the law and be able to track users using such methods as the opt out of tracking cookies and industry wide opt ins (eg; agree with one website you agree with them all).

    6. Re:Don't think this is the right way to fight it by alvinrod · · Score: 2

      The problem with your proposed solution is that you assume that these same tracking companies would be wholly incapable of cleaning the polluted data. All they would need is access to the browser that does the polluting and enough time to see how it works and they could probably get above 95% accuracy in terms of removing the fake, polluted data.

      It's always a game of cat and mouse. The only way to really stop it is to make a user's data so worthless as to remove the economic incentive to attempt to track them. Unfortunately, that doesn't seem all that likely either.

    7. Re:Don't think this is the right way to fight it by Anonymous Coward · · Score: 0

      NO. False data and bad leads is the solution. The people dumb enough to pay for leads have to see dud information and bad leads.
      The OS improvement Copperhead already does this, by providing bogus information. In fact there is an industry out there that fakes page impressions and click throughs. Lets step this up a level. Feeding bad information, or sending mangled payloads back is the solution.

    8. Re:Don't think this is the right way to fight it by AmiMoJo · · Score: 3, Interesting

      Pollution is quite effective. For example, there are various add-ons for popular browsers that add random noise to canvas elements, changing the fingerprint every time. Even if they are tracking you by other means such as detecting installed fonts, the random canvas fingerprint and maybe a random user-agent pollutes their data.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    9. Re:Don't think this is the right way to fight it by Anonymous Coward · · Score: 0

      GDPR is communist level suppression of freedom. If the masses were actually interested in their privacy, these companies that abuse their trust would be out of business. Considering how well FaceBook, Google, et. al. are doing, you are a lying SJW.

    10. Re:Don't think this is the right way to fight it by 6Yankee · · Score: 1

      I'll let you send them my font list if I can send them yours...

    11. Re:Don't think this is the right way to fight it by jbmartin6 · · Score: 1

      You may be right about data pollution, although I have often wondered how easy it would be to tune out what you suggest. If my device randomly visits a needlepoint site, then a site about making home made sake, then FIVE sites about playing chess, it's pretty easy to figure out I like to play chess and the other ones were red herrings. My point is things that are true would rise above the noise of various random hits and would be easy to figure out based on timing, frequency, etc. Now, if I could create various fake personae and have an AI add their activity in the background to my own, probably better. If AI existed. On the other hand, what if there is something you just don't' want them to know? I may not want them to know I like chess, regardless of whether or not I fool them into thinking I also like needlepoint.

      --
      This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
    12. Re:Don't think this is the right way to fight it by Anonymous Coward · · Score: 0

      The root of the problem is because a web page is allowed to request data from multiple domains.

      Remove that and you've killed 99% of the problems concerning ads and other crap.

    13. Re:Don't think this is the right way to fight it by sinij · · Score: 1

      I think technical term is poisoning the data. It is brutally effective, and not because it hides your own data, it also makes entire data set less valuable by contaminating it with fake data.

    14. Re:Don't think this is the right way to fight it by sit1963nz · · Score: 1

      This is currently the same tactic being used by spambots and anarchists
      Look how many garbage posts are made in discussion forums, and they are growing in number.

      The idea is to pollute sites where people can have reasoned, intelligent discussions with so much junk that it destroys the forum and drives the thinkers away.

      This "normalises" abuse, hate, lies, anger, etc etc and that becomes part of normal society IRL.

      Without rational discussion, "fake news" will rule because there will be nowhere to discuss truth and facts, provide evidence, and highlight the benefits of logical thought. People will become even MORE partisan, where right and wrong are replaced with left and right where both sides are wrong.

      Back some 20-30 years ago news reporting was far less biased, they were far more interested in the facts and the truth. Now days when a news item does not conform to the bias that media outlet has the story is ignored, or simply buried and trivialised. This is dangerous , without knowing the truth no one can make and informed decision , and that truth is now being decided by a smaller and smaller cabal of wealthy people who have their own agenda. And when that happens democracy looses.

  10. For other platforms... by Gravis+Zero · · Score: 3, Informative

    If you aren't already, you should be using SafeScript which allows you to block lots of fingerprinting stuff. If you think you don't need it then you should check out BrowserLeaks to see how horribly wrong you are. :)

    --
    Anons need not reply. Questions end with a question mark.
    1. Re:For other platforms... by Ol+Olsoc · · Score: 1

      If you aren't already, you should be using SafeScript which allows you to block lots of fingerprinting stuff. If you think you don't need it then you should check out BrowserLeaks to see how horribly wrong you are. :)

      And how! Early on in using NoScript I did an inventory of what was blocked. Facebook was the champ of tracking scripts, and a lot of those addresses the scripts reported to were obscured - ie not obviously facebook. And there were several FB trackers on most the sites that had them. Google had a number of scripts - at least they had the decency to make that clear. several ad providers, the font trackers, and a few I never figured out. My biggest haul for one page was over a hundred scripts.

      And this was some years ago, long before I had to have a Facebook account for some projects I was working.

      Which is why I have told people for years that Facebook is tracking everyone, not having an account does not stop them from tracking anyone.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    2. Re:For other platforms... by Anonymous Coward · · Score: 0

      The chrome extension is basically unusable at this point.

    3. Re:For other platforms... by Anonymous Coward · · Score: 0

      Not using safescript, and the site you said would convince me got just about everything wrong except country and province..

  11. Re: Trump will die in prison a traitor by Anonymous Coward · · Score: 0

    You sound like you gobble buckets of knobs.

  12. Organized criminals by Anonymous Coward · · Score: 0

    Meh. This is like organized bands fighting each other (be it Apple, Google, Facebook, Microsoft, you name it).

    In this case, I'd call it Irish (heh) mob vs. American Mafia, or something.

  13. NOT by Anonymous Coward · · Score: 0

    Nobody forces you to use the BloatWeb with hundreds of tracking companies, with dozens of JS code-lets loaded into your page.

    There are still plenty of pages which are plain HTML (as in 1998 HTML) and do not need JS to render. Without tracking cookies.

    Only the CommerceWeb is full of this crap.

    We also do not need the latest BS of Google, FB, Twitter or the like. We can always use Linux and very basic browsers without JS and boycott all this nonsense. Then the internet works VERY fast and secure.

  14. The T Word! by Anonymous Coward · · Score: 0


    TRUMP!

    A terrible obscenity, I know, but IN! YOUR! FACE!

  15. And by Anonymous Coward · · Score: 0

    Block these nasty trackers at the firewall. That is some initial work until you have the 153 worst tracking companies.

    Using an APK style /etc/hosts can help, too. (yeah, I know you hate this guy...)

    1. Re:And by stealth_finger · · Score: 1

      That is some initial work until you have the 153 worst tracking companies.

      153? seems oddly specific.

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
    2. Re:And by Plumpaquatsch · · Score: 1

      That is some initial work until you have the 153 worst tracking companies.

      153? seems oddly specific.

      Maybe he works for the 154th entry on the Forbes' 200 Worst Tracking Companies List?

      --
      Of course news about a fake are Fake News.
  16. Are you French ? by Anonymous Coward · · Score: 0

    "fighting is hopeless, do not do anything !!!"

    No, I guess you are a FB propaganda operative. Or one from Google, they do exactly the same $hit.

    1. Re:Are you French ? by Merk42 · · Score: 1

      "fighting is hopeless, do not do anything !!!"

      No, I guess you are a FB propaganda operative. Or one from Google, they do exactly the same $hit.

      Did you press the wrong button? GP never said that, nor even implied that.

  17. Tracking has become a addiction for companies by Anonymous Coward · · Score: 0

    Tracking users on the web is a big commodity these days. I'm not a tin foil hat person myself but see what Facebook does as completely over stepping lines of trust with users information. This is a company drunk with people's data and used it inappropriately. Google isn't far behind and I think a wave of government intervention is coming against these companies as well as the privacy advocates who have sounded the alarms for years on this growing trend of data collection and tracking.

  18. The radar, Sir, it appears to be JAMMED. by Anonymous Coward · · Score: 0

    RASPBERRY!

    1. Re:The radar, Sir, it appears to be JAMMED. by Anonymous Coward · · Score: 0

      I came here expecting exactly this. Was not disappointed.

  19. I'm a fucking genius ... apk by Anonymous Coward · · Score: 0

    See subject. I am a fucking genius because I can run ping on linux not as root
    Crazy right, but here I am able to do the impossiable
    All you fags can't which is why you should run my incredible APK hosts file engine version 77.839#^#W*+++ now for linux
    If you don't or disagree with me you are a fucking ne'er-do-well and I will fucking fuck your fucking face up

    1. Re:I'm a fucking genius ... apk by Anonymous Coward · · Score: 0

      See subject. I am a fucking genius because I can run ping on linux not as root
      Crazy right, but here I am able to do the impossiable
      All you fags can't which is why you should run my incredible APK hosts file engine version 77.839#^#W*+++ now for linux
      If you don't or disagree with me you are a fucking ne'er-do-well and I will fucking fuck your fucking face up

      So you discovered what capabilities are for? Great! You're only years and years behind slightly competent sysadmins. You deserve a participation trophy, that'll make you feel better.

  20. Here's why I'm looking sideways at this - by sabbede · · Score: 3, Interesting

    I'm using pfBlocker to filter DNS on my home network. You know what doesn't work without being able to talk to tracking and ad-serving servers (including google's for some reason)? The iTunes App Store.

    1. Re:Here's why I'm looking sideways at this - by Anonymous Coward · · Score: 0

      Are you sure about that? I use Little Snitch to tightly manage outbound traffic, to include Apple's products. Google is, in my experience, far and away the worst offender. They freely mix their IP space so a doubleclick server IP will also be a gmail IP will also be a youtube IP, will also be used to server google analytics will also be used for gstatic, and so on. Because I block all doubleclick this meant I lost access to youtube (I know, small loss) until Little Snitch got smarter about hostname filtering.

      While Facebook is horrid (and are completely blocked) they lack the breadth of services that Google has which makes them far less pernicious.

      In all of this I've never had trouble with iTunes. Admittedly that is on the desktop, not on an iDevice, but given the high degree of overlap I'd be surprised if it affected one and not another.

  21. Re:Black Muslim is a **RACIST** religion by Anonymous Coward · · Score: 0

    I love black muslims. All hail black muslims!!!

  22. Apple cart by spinitch · · Score: 1

    Don't upset the Apple cart? Wonder how far Apple evaluated their own SNS FB alternative? Seems time might be ripe to trip the FB giant.

  23. Hardly news ... by Anonymous Coward · · Score: 0

    "We've all seen these - these like buttons, and share buttons and these comment fields. "Well it turns out these can be used to track you, whether you click on them or not."

    For those of us who have been using ad-blockers for a long time, this is hardly news.

    All of those third party images, CSS, javascript ... all of that shit can track you because you have to make a request to that server.

    Tools like HTTP Switchboard and uMatrix let you selectively block the third party crap. If your browser doesn't make a request to the server, they can't track you.

    Facebook's embedded shit is all over the place, but so are dozens of other entities who add no value to your browsing experience.

    It's all well and good to single out Facebook, because they probably are the biggest offender ... but there's literally hundreds of other entities who are just ads, tracking, and other forms of parasites.

    It's time we stopped making the web so that we make requests to the dozens of useless crap in the average web page aren't even getting requests from us.

    The problem is web developers are lazy and want to bring in libraries from god knows where, and they are also greedy, which means they've embedded tracking shit from a bunch of third parties in their web page.

  24. Legislation by JBMcB · · Score: 2

    Legislation may help, but the GDPR is a nightmare. This Week In Law had an entire episode critiquing it.

    --
    My Other Computer Is A Data General Nova III.
    1. Re:Legislation by dAzED1 · · Score: 1

      No, it's not. It also had years of warning, so I have zero pity for companies of any size that waited until the last few weeks to even think about it.

  25. VPN Required? by atrex · · Score: 1

    I don't see how any of these methods put a stop to user tracking unless you're using a VPN to obfuscate your source IP address. So is Safari going to include it's own free VPN service like Opera? Or is this all just a bunch of noise to try and capitalize on the anti-Facebook sentiment and gain market attention?

    1. Re:VPN Required? by WinstonWolfIT · · Score: 1

      Astute. I rotate between Argentina and Albania which results in me being completely untrackable.

    2. Re:VPN Required? by Anonymous Coward · · Score: 0

      That is a good point. A VPN is a required part of the solution, but of course is only one part of many that are needed.

    3. Re:VPN Required? by Anonymous Coward · · Score: 0

      Now if only you can put an end to the frequent flyer adds that keep popping up discount flights between Argentina and Albania!

  26. Apple only targeted ad by lorinc · · Score: 0

    In other news, Apple wants to be the only one to be able to track its demographic to perform targeted advertising.

    --
    Video of some good progressive thrash music
    1. Re:Apple only targeted ad by TheFakeTimCook · · Score: 1

      In other news, Apple wants to be the only one to be able to track its demographic to perform targeted advertising.

      Except they don't. And the truth is in the fact that I have NEVER seen an Apple-related ad show up anywhere that wasn't completely expected.

  27. or virtual machines by goombah99 · · Score: 1

    if it's plug ins it's pointless. You might as well say, just run every browser window in a different virtual machine. It's so simple!!! not. Plug ins mean maintaining plugins over time and trying to figure out which one broke which website, maintainging a different whitelist for every plug in, and removing them when they go out of date, that's a mugs game.

    --
    Some drink at the fountain of knowledge. Others just gargle.
  28. Been doing it for ages via hosts files... apk by Anonymous Coward · · Score: 0

    See subject: Been doing it for ages via hosts files, a native part of your OS' IP Stack operating in faster kernelmode (more CPU priority = why), do the job vs. tracking via DNS requestlogs, CSS & 3rd party scripts, + vs. malware, botnets etc. - et al!

    * Nicest part is SOON it will be ready for MacOS X (via the port to BSD that's almost done too) as it is ready for Linux via APK Hosts File Engine 2.0++ 64-bit for Linux built in FreePascal + Lazarus 1.8.2 Object Pascal (no C buffer overflow possible in Pascal strings as there is in C - & the program deals HEAVILY in strings)!

    (It's FAR faster & more efficient than the Windows model done in Delphi XE 4 (that will be changed to this current better codebase as well)).

    APK

    P.S.=> It does more for security/speed/reliability & even anonymity vs. ANY single "so-called 'competitor'" doing far more for far less + NO "Bolt-on-'MoAr'" ILLOGIC LOGIC complexity that leads to exploitation... apk

    1. Re:Been doing it for ages via hosts files... apk by Anonymous Coward · · Score: 0

      Cool story bro

    2. Re:Been doing it for ages via hosts files... apk by Anonymous Coward · · Score: 0

      kewl story bra.

  29. Aw, poor pussy's impersonating me again... apk by Anonymous Coward · · Score: 0

    Aw, poor pussy's impersonating me again: Gave up stalking me now pussy? Why's that?? Because it shows you stalk me, freak. As I've said before - tell me your name, address, & phone # - I'll verify it & then meet you, face-to-face, & settle this man-to-man (problem is, you're NO MAN, & a pussy (& you KNOW it, constantly proving it)).

    * By the way - On Linux, you need sudo to run ping & thus Root - I beat it & 3rd party toolkits for FreePascal didn't so there ya go (don't YOU wish you had the skills to do that? You never will, as you ARE a total loser "ne'er-do-well" DO-NOTHING ZERO dunce, lol...).

    APK

    P.S.=> Lastly, pussy? I posted here https://yro.slashdot.org/comments.pl?sid=12190270&cid=56730982/ - Go on, "downmod it" & I'll run you DRY of your abused 'downmodpoints' as usual & repost + win, as I always DO vs. "your kind" (pussy "ne'er-do-well" stalkers with no skills)... apk

    1. Re:Aw, poor pussy's impersonating me again... apk by Anonymous Coward · · Score: 0

      Impostor.

    2. Re:Aw, poor pussy's impersonating me again... apk by Anonymous Coward · · Score: 0

      You're wrong, you don't need root privilege to run ping on Linux system. Even for advanced tools like wireshark, there's alternative way so you don't need root to run them, google it.

    3. Re:Aw, poor pussy's impersonating me again... apk by Anonymous Coward · · Score: 0

      Also sudo doesn't always mean root, you can sudo for other users, other than root. "man sudo" for more info. Here is the excerpt: "sudo allows a permitted user to execute a command as the superuser or another user, as specified by the security policy"

  30. A better story where I tell you off bitch... apk by Anonymous Coward · · Score: 0

    See subject & this - as fair as fair gets as you stalk/harass me via unidentifiable anonymous posts https://yro.slashdot.org/comments.pl?sid=12190270&cid=56731102/ you waste of life...

    * You're SHIT & you KNOW it pussy (you constantly PROVE it for all to see, hence your unidentifiable anonymous pussy posts stalking me).

    APK

    P.S.=> Like I said - give me your name, phone # & address - I'll verify if it's real or not, & then come meet you face-to-face/man-to-man (you don't qualify weasel - you're no man & a punk) & settle this once & for all... ok? Run, BITCH - run... apk

  31. LOL! Trying to "downmod hide" TRUTH/FACT? by Anonymous Coward · · Score: 0

    SysAdmins = DEPENDENTS on programmers like MYSELF to write what they merely use. Sysadmin = a user w/ a better password, nothing more (fact).

    * Writing ScriptKiddie SCRIPTS != coding, period (especially when THEY DON'T WRITE THE PROGRAMS they merely stitch together in scripting).

    (I find it HIGHLY AMUSING & typical of you whimps trying to "downmod hide" when I posted this last time here https://yro.slashdot.org/comments.pl?sid=12190270&cid=56731318/ )

    APK

    P.S.=> Don't LIKE that TRUTH boys? Too bad - it's NOTHING BUT truth + fact (& I'd race my program vs. ANY shit tty terminal script any day of the week + there IS no other like it in GUI ease of use for Linux I've seen either)... apk

  32. HALLELUJAH ! by TheStickBoy · · Score: 1

    ^ what the subject said

  33. YOU = Using OTHERS' work again, lol... apk by Anonymous Coward · · Score: 0

    See subject: W/ ping itself you need sudo OR it hangs. I do what "advanced tools" like wireshark do (advanced = keyword, unlike "sysadmin" scriptkiddies) MYSELF!

    That's right - no 'scriptkiddie' dependence on work of others using their programs like "sysadmins" LMAO (which I could've done via TProcess invisible launch of ping itself piping outputs BACK to GUI via RunAsRoot (which I won't do - it'd give goof 'sysadmin' script kiddies who DO have to use Root & I DON'T as I actually code, some ammo to try "fire" @ me (hypocrite scriptkiddies))!

    * Put it THIS way, again - 3rd party toolkits for Object Pascal/FreePascal (specifically Lazarus GUI apps, where the pipe to GUI interfaces obviously fail (there's the key)) DO fail in it - period.

    (I know - I had doubts in what I was doing & TRIED their code, though I was LOATHE TO DO SO vs. using my OWN work, & found what they DID say "worked" didn't, pasted VERBATIM from their forums - SO, unlike you "SysAdmins" who HAVE TO USE code written by guys like myself OR WIRESHARK? Guys like myself, who actually code, not scriptkiddie use of our work, GET THE JOB DONE... & you DO depend on US).

    APK

    P.S.=> Learn to read - ping itself HAS to be run via sudo (system policy MAC of somekind I imagine, since the IP stack API itself I translated into Object Pascal from C, does the job perfectly & FASTER vs. ping on ANY OS, minus Root/Admin/SuperUser status)... apk

  34. You LOSE & USE others' work, scriptkiddie! by Anonymous Coward · · Score: 0

    See subject & this (as you try "forums slide bury" fact scriptkiddie mere USER w/ a better password using OTHERS' work) https://yro.slashdot.org/comments.pl?sid=12190270&cid=56732338/ & yes, I know that - so don't even TRY "browbeat" me you do-nothing UNIDENTIFIABLE anonymous "ne'er-do-well" SCRIPTKIDDIE user of others work (specifically coders like myself that DO "advanced things" as yes, WireShark is capable of & SO AM I - not you or "your kind", lol (scriptkiddies)).

    * Doesn't CHANGE THE FACT I stated that you NEED Root access to run ping on Linux - period (you lose, again).

    (Trying to "twist" what I wrote, chump? Weak - like YOU!)

    APK

    P.S.=> Hilariously easy to show WHAT you are & seeing you try "downmod hide" my posts (or forums slide 'bury them' too) of truth/fact about "your kind" scriptkiddie, lol... apk

  35. Allow default alternate iOS browsers by Anonymous Coward · · Score: 0

    Other high-security browsers available in the App Store already do this. It's good they're adding it to Safari, but I don't want to have to wait for Apple to fix problems. They should allow us to change the default iOS browser.

  36. Another way to put it... by Anonymous Coward · · Score: 0

    Some months down the road, the sanctimonious iPhone crowd throws a hissy fit over the latest FB related data scandal of the week. "Why do they know all of this about me?" "Because you opted in, retard."

  37. Already in Palemoon by Anonymous Coward · · Score: 0

    Go to about:config

    Then set canvas.poisondata to true

  38. amazing by Anonymous Coward · · Score: 0

    once again apple demonstrates how shitty ipen sores software is, firefox and chrome simply cannot compete with the amazing level of innovation that is apple

  39. Re: Trump will die in prison a traitor by Anonymous Coward · · Score: 0

    You sound like you gobble buckets of knobs.

    Must be a friend of APK then