Slashdot Mirror
Chrome, Safari and Opera Criticised For Removing Privacy Setting (sophos.com)
It's a browser feature few users will have heard of, but forthcoming versions of Chrome, Safari and Opera are in the process of removing the ability to disable a long-ignored tracking feature called hyperlink auditing pings. From a report: This is a long-established HTML feature that's set as an attribute -- the ping variable -- which turns a link into a URL that can be tracked by website owners or advertisers to monitor what users are clicking on. When a user follows a link set up to work like this, an HTTP POST ping is sent to a second URL which records this interaction without revealing to the user that this has happened. It's only one of several ways users can be tracked, of course, but it's long bothered privacy experts, which is why third-party adblockers often include it on their block list by default.
Until now, an even simpler way to block these pings has been through the browser itself, which in the case of Chrome, Safari and Opera is done by setting a flag (in Chrome you type chrome://flags and set hyperlink auditing to 'disabled'). Notice, however, that these browsers still allow hyperlink auditing by default, which means users would need to know about this setting to change that. It seems that very few do.
Until now, an even simpler way to block these pings has been through the browser itself, which in the case of Chrome, Safari and Opera is done by setting a flag (in Chrome you type chrome://flags and set hyperlink auditing to 'disabled'). Notice, however, that these browsers still allow hyperlink auditing by default, which means users would need to know about this setting to change that. It seems that very few do.
... and made Firefox lift its game out of complacency, but it is long past the time to return to FF.
Just seek out one of the alternatives, it's sad that these mainstream browsers are ok with the privacy issues that tracking incurs but hey, we are the product right? I'd gladly pay for software, browsers included that doesn't track and pay a premium for actually defending my privacy without ambiguous TOS that changes every time the wind shifts.
Harrison's Postulate - "For every action there is an equal and opposite criticism"
Modern webExtentions are neutered by design by the advertising industry funding Chrome and its puppet Mozilla. Even Pale Moon is neutered by blacklisting of extensions.
I couldn't find any response from Google, though there could very well be. But this just seems like a shortcut for something Google and others have done for a long time, which is just use an intermediate link as the tracker, which just does a redirect to the ultimate destination. A site admin could just replace any links on the site with intermediate links to the tracker/redirector.
This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
I'm not sure why you think those three browsers are repackaged versions of each other. Apple forked WebKit in 2010 as WebKit2 for use in Safari, and hasn't used WebKit proper since it made the switch. Google forked WebKit in 2013 as Blink for use in Chromium/Chrome, and hasn't used WebKit proper since it made the switch. In the last few years, Chromium has been adopted by Opera and Microsoft, but Safari—despite having started at the same place that Chrome started—today remains on a different foundation. That Safari is making this change at the same time as the others is due to political/corporate maneuvering, not technical changes.
Also, while there are valid arguments to be made against a browser monoculture—a problem that WebKit-based browsers are contributing to—that doesn't mean that the rendering engines themselves are bad. Far from it, I think most people would agree that on their technical merits, WebKit-based engines are among the best we have, and certainly aren't bad enough to justify your vitriolic frothing against them.
Yes, it is trivial to fix, though you have to write an extension with the scary "can look at all web pages you visit" permission since it has to muck with all pages.
There's a standard mechanism to inject a script into every page that loads. You would set it to inject on every page and frame. The script should look for any a tags with the ping attribute, and remove the attribute. Then you want to set up a MutationObserver (or whatever the newer API is now?) to detect any changes to the page which could add in ping attributes to a tags or new a tags. When the event fires, you run your code again to scan for a tags with ping attributes and remove the attributes.
That's the basic functionality and it would not take long to make. You'd probably want to make it fancy by adding things like a pings blocked counter or whatever which would take longer. Such extensions probably already exist.
The one Pale Moon "blacklisted" refused to fix serious issues with getting it running on PM so the PM team simply replaced it with uBlock Origin, they even have a handy updater that contacts Github and grabs the latest uBlock version compatible with PM so you don't need to deal with keeping up with versions.
Considering uBlock actually works with PM and does the same job while the later versions of NS was crashy AF on PM? I really see blacklisting an extension that wouldn't work properly as a non issue as uBlock does the same job and is compatible. BTW feel free to contact the NoScript dev and ask him to support the latest version of PM but don't be surprised if he tells you which bridge to jump off of as I've heard the dev is rather..."surly" and doesn't take criticisms or suggestions very well. A shame really but...well "not very sociable" developers aren't exactly a new thing are they?
ACs don't waste your time replying, your posts are never seen by me.