Firefox tracking protection sped up web browsing up to 44% in test


#1

[Read the post]


#2

Should be about 10 trackers at BB, per Ghostery’s count. The linked site (Venturebeat) has rather more :slight_smile:


#3

Clicking on the link, Ghostery blocked 22 trackers…and hey, a new one! Now I now have Madison Logic blocked as well. Maybe that just illustrates their point.


#4

Considering how SLOW some of these tracking domains can be, it’s not a big surprise. Our marketing department friggin’ LOVES them, but they’re a huge pain in my side as a developer.


#5

I’ve been pretty aggressive with both NoScript and LittleSnitch for many years now. I wonder how much real-world advantage I’ll actually derive from this setting. Probably not much, but I can always hope for a strong placebo effect.


#6

thank you i’ve switched on the no tracking


#7

I still use IE for some things (I know…I know) and it drives me crazy how slow it loads some pages.

The one “feature” I hate the most is the auto playback of embedded video content. I wish there was an adblock/ghostery component available for IE. I’ve found lots of hacks but none of them work as well.


#8

What’s the best method to do this in Chrome?


#9

#10

Yeah–I run ad blocking more for the speedup than for the ad removal as such.


#11

This would otherwise be great if it stopped trying to load blocked stuff after a reasonable amount of time. Most pages pose no problem, but some it gets stuck on for many minutes before finally giving up. It basically loads all the relevant stuff but some script in the background that it broke then keeps the browser occupied (this happens even on some Mozilla pages). It’s particularly annoying when I open multiple tabs.


#12

no idea what is best but https://www.eff.org/privacybadger will work


#13

Well, admitting that you have a problem is the first step. :wink:


#14

Yeah exactly, it’s a real pain in the arse when mobile to have most of one’s bandwidth sucked by irrelevant ads.


#15

I use Adblock + Ghostery + NoScript, and FF is amazingly fast and stable, even with dozens of tabs open. Always appalled when I see someone else looking something up on their browser at what a slow distracting crapfest it is. And crashy because those ads are what do it.

NoScript is too annoying for most people, but AdBlock + some privacy blocker will do most of it. And disable the java extension if that evil thing has wormed its way in there again. Without those, that’s how you get pwned - your computer’s having unprotected sex in Haiti (and Estonia, China, Russia, Nigeria, New Jersey, Edmonton…)


#16

I use a linux iptables firewall I wrote years ago that currently runs with around 263,000 IPV4 subnets blocked. It works well, but not everyone has that.

I run the Chrome browser without any plugins for most streaming video. I just recently rediscovered the old hosts file trick of listing blocked DNS names with the local ip4 address 0.0.0.0 . It works so well that I had to reinclude some blocked servers in order to use it.

On linux/unix systems the hosts file resides in /etc and looks like this:

#------------------------------------------------------------------------
# /etc/hosts:  This file describes a number of hostname-to-address
#              mappings for the TCP/IP subsystem.  

# IPV4 addresses
127.0.0.1       localhost 
192.168.1.1     linux1
192.168.1.2     linux2 

# IPV6 versions of localhost and co
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
#------------------------------------------------------------------------

On a Windows 7 virtual machine I have here, the default hosts file is located in and contains as follows with one line added at the end for a typical local network name.

C:\Windows\System32\drivers\etc>type hosts
#------------------------------------------------------------------------
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#       127.0.0.1       localhost
#       ::1             localhost

192.168.1.1		linux1			# I added this one
#------------------------------------------------------------------------

The trick is to take the names of ad servers, trackers, et al. and place them in the hosts file with address 0.0.0.0 . For example:

#------------------------------------------------------------------------
0.0.0.0 governmentsplargfreengroup.net
0.0.0.0 2oddones.net
0.0.0.0 c.wuffostat.net
0.0.0.0 displayhindquarters.com
0.0.0.0 looterspavilion.ru
#------------------------------------------------------------------------

…and so on.

The custom in web pages these days is to let such host references quietly fail, as otherwise the rain of intermittent site errors in ordinary browsing would be most oppressive. Since these accesses are directed to a local web server that either isn’t present or doesn’t fit the url they fail instantly. Pages load faster as their embedded ads and widgets do nothing and take almost no time to do so.

Performance issues that may obtain with large host file lists ( my current one is 24K+ ) can be mitigated using a caching solution like nscd or dnsmasq ( you can have many custom hosts files with dnsmasq ) on linux or by turning up the size of the Windows DNS cache, a registry tweak commonly found on Windows tuning sites. I have no familiarity with OS X, but someone who does should be able to identify a similar facility.

Where do such lists of web servers come from? The following shell script builds a merged hosts extract as shown above. Note that it removes certain domains that proved nice to have resolvable :slight_smile:

The script can probably be adapted to OS X pretty readily. The Cygwin utilities for Windows cover all the needed programs, but will take some installation work in order to open a bash shell and run this script. I haven’t tried it.

#------------------------------------------------------------------------
# getbadhosts.sh
# fetch bad hosts lists from 4 websites and boil them down to one 
# clean file with edits
#-----

cd /tmp
mkdir getbadhosts
cd getbadhosts

wget  http://www.malwaredomainlist.com/hostslist/hosts.txt
wget  http://winhelp2002.mvps.org/hosts.txt
wget  http://someonewhocares.org/hosts/hosts
wget  http://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&mimetype=plaintext

cat hosts* serverlist.php\?hostformat\=hosts \
 |dos2unix \
 |grep '^[0-1]' \
 |cut -d'#' -f1 \
 |tr [:upper:] [:lower:] \
 |sed 's/127.0.0.1/0.0.0.0/g'|sed 's/\t/ /' |sed 's/  / /' |sort -u \
 |grep -v 'localhost' |grep -v '0.0.0.0 local' \
 |grep -v 'hulu' \
 |grep -v 'paypal' \
 >hosts_blocked.txt

exit 0
#------------------------------------------------------------------------

#17

There’s also an element of safety…it’s easier for hackers to insert malware into a third-party ad provider than to go after individual sites (for example, TPB hasn’t ever been malicious itself, but has had ads on it which have been dodgy).


#18

Now, how do I get ghostery to work on my iPads?


#19

One of the main reasons I use ad blockers is that most ads are full of Javascript and other performance hogs. I didn’t mind the early Google Ads with their little 4 lines of text, or the better-behaved non-animated banner ads, but there’s way too much junk to let any of it stick around, and sorry if that means blocking ads on Boing-Boing and other sites I support, but I have to turn most of it off.


#20

Well, if you have a decent Wifi router, you can just firewall/blacklist all the garbage domains in the router before it ever gets to your ipads.