Why Do-Not-Track browser settings are useless and what to do about it


#1

Originally published at: https://boingboing.net/2018/10/17/no-call-list.html


#2

I’d also suggest uMatrix, which offers both granular and global control of various browser behaviors, using a brilliant UI that also serves as an informative infographic of what various sites are trying to do on your computer.


#3

This is the /robots.txt of the new m̶i̶l̶l̶e̶n̶n̶i̶a̶ (edit) millennium.


#4

Singular, I hope…


#5

I double up my ad blocking with Privacy Badger and uBlock. Occasionally one or both will bork some site and i have to turn them off to get something to work. Like sometimes i can’t login to some sites, embedded content from twitter, youtube and other social media fail to load sometimes. But still i have no regrets running additional ad blockers.


#6

Definitely assumed as much.

Also, I just don’t have the inclination to put the amount of effort it requires to stay even somewhat anonymous, so if the man or whoever wants to come at me it just is what it is. My operating philosophy is that I’m too insignificant for anyone to bother.

I am a


#7

A reasonable expectation of privacy these days is a pipe dream.
In case you missed it, corporate America has turned you into the product. You are worth $12.00.
Enjoy your plutocracy.


#8

Better than

Midlander: There are some


#9

I run several plugins to try to keep me sort of anonymous. But there’s so much stuff that browsers send out that even I can’t seem to prevent and they’re still creating profiles from that. Capitalism…


#10

And how many trackers does Boing Boing use? Do they respect DNT?


#11

A handful, but honestly that’s nothing compared to the average site which often has a couple dozen of them. It’s a couple of ad companies and the omnipresent google analytics.


#12

I counted 33 things being blocked by uBlock Origin and Privacy Badger on the article page. They may not be unique. But they are being blocked.

There are ony 8 blocked on this page.


#13

I’m not sure only 8 makes it ok. Kind of like being shot by 8 bullets instead of 33. I mean, yes, some pages have a lot more 3d party trackers and scripting, including real-time ad auctions for your eyeballs, but is this really a sliding scale issue? Or a threshold issue?

Ghostery shows 11 trackers on the BoingBoing article page, not including other 3d party scripting not specifically designated by them as trackers.

I block them primarily for security purposes. I don’t have ad blockers per se, I have 3d party scripting blockers to help prevent injected malware from affecting my system.


#14

For all intents and purposes this is the same thing. There are no ads that are immune to the danger of malware.


#15

This relates to one of the reasons I find those “You are using an Ad Blocker!!!” scripts so annoying. No, I’m not. I’m not trying to block your ads. Any ads served up by your own domain will be completely visible to me. I’m only blocking third party content from other domains for security purposes. NYT asks me to white list them - they already are white listed, which is how I can see them at all! What they want me to do is white list other domains they don’t control that provide un-vetted scripting and behaviors to their site.

Also, big companies need to stop using random new domains for different services including logins and updates, like the way Adobe uses a special domain for acrobat updates that looks like a phishing attack. They need to use subdomains of their primary domain so I can know to whitelist them. Otherwise these companies are training me to be phished.


#16

I’d like an adblocker that clicked on obnoxious company’s links and trolled around it’s pages uselessly, quietly in the background. I could then happily surf knowing I was making these assholes pay click cost for nothing.


#17

Sounds like a good idea, but the cost of one unique visitor is a small fraction of a cent. So unless half the world adopts your idea nothing much will happen. And you’d still need to allow all the tracking scripts to run, since without them no money will be changing hands. Kind of defeats the purpose.


#18

Just looking at noScript on the BBS, I’m seeing Quantserve, Scorecard Research, and Google Analytics. I don’t know why they’d need all three on the BBS subdomain which doesn’t run ads anyway.

On the main site (which I never visit), I’m seeing

  • crwdcntrl
  • dtcn
  • facebook
  • Google Analytics
  • quantserve
  • scorecard research
  • stackcommerce and stack sonar (linked with the BB store I’m sure)
  • unrulymedia
  • stats for wordpress

And I’ve blocked 3rd party scripting by default as well as running a pretty hardcore list in uBlock origin so I’m sure a lot of stuff just isn’t showing up because the filtering blocked it way ahead of time.


#19

These and a VPN make me feel better.


#20

I hate to be the bearer of bad news, but Ghostery’s parent company Evidon sells your data.

There’s no way to use the modern web without being tracked. Addons make your browser more unique, making it easier to “fingerprint” you. It’s a catch 22. I’ve opted to go full wingnut with ad-blocker, canvas blocker, VPN, pi-hole, ad-blocker-blocker-blocker, etc., but it doesn’t really matter. It can’t be fixed by an end user.