EFF Releases Privacy Badger, an Addon That Algorithmically Blocks Online Trackers

New submitter zfc writes: Online tracking has become a pervasive invisible reality of the modern web. Most sites you load are likely to be full of ads, tracking pixels, social media share buttons, and other invisible trackers all harvesting data about your web browsing. These trackers use cookies and other methods to read unique IDs associated with your browser, the result being that they record all the sites you visit as you browse around the internet. This sort of tracking is invisible to most web users, meaning they never get the option to agree to or opt-out of it. Today the EFF has launched the 1.0 version of Privacy Badger, an extension designed to prevent these trackers from accessing unique info about you and your browsing.

How good is it?

[Visarga]

Should I replace Disconnect.me with it?

Re:

[rvw]

Should I replace Disconnect.me with it?

Isn't Disconnect a tracker service itself?

Re:How good is it?

[joelpurra]

Disconnect.me uses a blacklist based on known tracker domains. Given that this blacklist based blocking only detects about 10% [1] of global top web sites' resources from third party domains (loosely defined as "not the same domain, nor a subdomain"), using heuristics like Privacy Badger is probably better. Either way, they can work together. Blacklists are convenient but easy to get around for tracker companies (for example by buying a new domain). Shared whitelists are convenient, but will invariably add too many or too broad exceptions too please more users, allowing tracker companies to sneak past (for example by using, by disconnnect.me, whitelisted cloudfront.net and other CDNs for easy forwarding/domain masking). Having a personal whitelist that you maintain yourself to your own needs is a good way to go. I personally use Matrix for resource whitelisting, with a stricter ruleset blocking all third-party domains by default. It's easy to whitelist specific resource types per domain (like css and images, but not javascript), I understand that most people don't care enough to bother though. https://github.com/gorhill/uMa... [github.com] [1] I have researched third party resource usage and blocking specifically using disconnect.me's blacklist, so go ahead and check it out. [/shameless plug] http://joelpurra.com/projects/... [joelpurra.com]

Re:How good is it?

[joelpurra]

I'm not involved in the development of uMatrix nor Disconnect.me, I just used Disconnect.me's blocklist for scientific third-party/tracker research.

• Ghostery uses a blacklist, so it's always running behind tracker companies. Plus, Ghostery itself is owned by an marketing company.
• uBlock was created by the same guy who created uMatrix, Raymond Hill (gorhill), but Matrix is much more fine-grained for advanced users. (Block has been forked, and it looks a bit messy.)
• ScriptSafe looks like a limited and messy version of uMatrix, and also seems to use some code written by Raymond Hill (gorhill). Haven't tried it though.

Basically, I would replace these with uMatrix.

Re: How good is it?

[Threni]

On android, ublock handily blocks ads too. Not sure about messy; codebase? Once installed you don't even see it, it just works in the background.

Re:

[joelpurra]

Not sure about messy; codebase?

Sorry for using the same words in different ways that close to each other; in this case I meant that the forking [github.com] seems [wikipedia.org] messy [github.com]. uBlock origin [github.com] was created and is maintained by the original author, but the fork marketed as simply uBlock on ublock.org is not (at least not anymore).

Re:

[K. S. Kyosuke]

using heuristics like Privacy Badger is probably better

Now you are doomed. The hosts file army will obliterate you, all one of them.

Re:

[Anonymous Coward]

While we are on the topic of blocking malware, DoNotSpy10 [pxc-coding.com] is an essential tool if you are using Windows 10 to decrapify it of spyware and ads.

Re:

[dszd0g]

And of course, some people are saying that DoNotSpy10 itself contains spyware in its installer (OpenCandy):
http://www.wilderssecurity.com... [wilderssecurity.com]

It is not open source, and does not appear to be trustworthy.

I think it is probably much safer to just follow instructions for oneself, like these:
https://fix10.isleaked.com/#12 [isleaked.com]

Re:

[Anonymous Coward]

It's so good that I've stopped using AdBlock and instead just have Privacy Badger and FlashBlock.

Re:

[JMJimmy]

It's so good that I've stopped using AdBlock and instead just have Privacy Badger and FlashBlock.

Sure if you want 3rd party ad services to install malware/spyware/etc on your system.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[lsatenstein]

I've been using it for about 2 months. Now that version 1 is out, I will upgrade. I do prefer it to adbloc. It will require some manual settings that you must make to benefit from it. For example, when you visit a page, or a site, it will tell you about the trackers and provide you the option to disable the ones that you deem harmful to your system or to your privacy. By the way, once setup, for a site, it remains that way, until the trackers arrive with new names. That has not happened to me yet.

Re:

[Stan92057]

Ublock is not user friendly its not for casual users its for advanced.

Re:

[Anubis IV]

uBlock is extremely user-friendly. It's basically just one button: an on/off toggle. uMatrix is the extensions that's aimed at advanced users and provides both additional information and more granular control over what's getting blocked.

Re:

[grub]

Thanks for the tip of uMatrix, folks. Trying it out now to see how it works compared to NoScript, AdBlock+, et al.

Re:

[Stan92057]

No i disagree its not. Tell me just what i should choose? And no the default option isn't and doesn't always remove what you want sometimes they keep coming back even after choosing the default option to block.Their is no way to report unbockable items, no way to report unblocked popups and so on. Sometime it blocks the whole site by accident why would a casual user know what to do to fix it except to uninstall it. What would a casual user do when given the below options?

Click, Ctrl-click #

Re:

[Anubis IV]

uBlock isn't perfect (few things in life are), but the fact that it comes up a bit short in some areas doesn't mean that it isn't user-friendly. I installed it on my (non-technical) wife's computer two weeks ago and as far as I know she's had zero issues with it. She's able to browse all of her sites without problem, but now they load significantly faster and have a higher visual signal:noise ratio.

Moreover, if you're talking about being persnickety enough to want perfect blocking and are willing to go so f

Re:

[Stan92057]

I an just fine with ublock. I said for casual users and i am sticking by my comment. We agree to disagree.

Re:

[Anubis IV]

Let me know when it runs in Windows 10 and/or OS X. Otherwise, you're wasting your time posting your copy/paste spam in response to me yet again. I'll actually take a look at it if I can run it on my home systems though, since I do like keeping an updated hosts file in coordination with the other ad blocking tools I use.

Re:

[davester666]

No, as they are doing a global 'man-in-the-middle' attack on the internet.

Re:

[chewy_fruit_loop]

ghostery blocks 6 from this page alone

Re:eff? I will try it

[JSG]

Privacy badger sees 7, no sorry, 8 trackers on this site (an extra one appears when you hit Reply)

Been using it since it came out - very light on resources and does one job well.

Re:

[AmiMoJo]

It's an excellent add-on because it doesn't rely on blacklisting like other privacy blockers do. It simply looks for 3rd party hosts are seem to be tracking you (e.g. reading and writing the same cookies across multiple 1st party domains) and blocks them.

Re:

[JMJimmy]

Privacy badger sees 7, no sorry, 8 trackers on this site (an extra one appears when you hit Reply)

Been using it since it came out - very light on resources and does one job well.

I must be doing it right, I only get 4. Unfortunately, Privacy Badger doesn't seem to function properly - it tells me there are 4 but will never load up the list and several of the buttons are unclickable.

Ghostery works in Safari

[bogie]

Privacy Badger has no support for Safari which makes it a no go for most Mac users.

Re:

[lsatenstein]

Privacy badger sees 7, no sorry, 8 trackers on this site (an extra one appears when you hit Reply)

Been using it since it came out - very light on resources and does one job well.

I second your experience. Its a great tool

Re:

[CauseBy]

Yep. My Ghostery says 7.

1.0? Current version is 2015.8.5.1

[UnknownSoldier]

I've been running this for a while now. It is a little strange they say version 1.0 has been released when the current version is numbered 2015.8.5.1 ?

The fine article mentioned:

Privacy Badger 1.0 works in tandem with the new Do Not Track (DNT) policy, announced earlier this week by EFF, Disconnect, Medium, Mixpanel, Adblock, and DuckDuckGo.

Honestly, it is not always obvious that is actually working. I mean, sure, there is a red number shown how many sites it has blocked, but the actual useful stat is the options which lists ALL the sites you have visited that are tracking you: chrome-extension://pkehgijcmpdhfbdbbnkijodmdjhbjlgp/skin/options.html

Maybe I guess that's the point though -- it just works in the background so there is one less thing to worry about.

Re:

[Dins]

It is a little strange they say version 1.0 has been released when the current version is numbered 2015.8.5.1 ?

"2015.August.5th.Version 1", perhaps? Just a guess.

Re:

[Trax3001BBS]

http://www.yro.slashdot.org/st... [slashdot.org]

2015 story has a new version.

Thank you, I've been running it since that story with Firefox. Looking for a version # I found that Privacy Badger has been on auto update (something I normally disable in any program) so not sure what version I started with.

It's FireFox I only use it when I must and always as a gateway to my games.

Privacy badger is ok, I wouldn't run it alone. I posted about Privacy Badger just a few days ago, /. shows 3 blocks others showed they had many more; I use a HOSTS file so know what's being blocked just not where

Re:

[U2xhc2hkb3QgU3Vja3M]

One thing that annoys me to no end with Chrome is the stupid "status bubble". I hate when things move on the page I'm trying to read and having that stupid thing fade in and out every time I hover a link is just too distracting. And in typical Google we-know-better-than-you fashion, there's no option to disable this stupid thing and get a classic status bar instead.

Re:

[Anonymous Coward]

The point is not to give you irrelevant ads, that's just the consequence of the extension's real purpose, which is to block tracking.

Re:

[CauseBy]

What ads? I don't see any ads.

I always hear that question -- don't you want to see ads that interest you? Yeah, sure, and I've never seen one of those in my entire life, so I'm willing to go on assuming that I won't. It's not theoretically impossible but I have better things to do than worry about it.

Re:

[sudon't]

It's probably their evercookie, (thanks a lot, Samy!). Try deleting FB's cookie. Watch it pop back up. You have to kill the browser to get rid of it. Plus, you have those FB "share" buttons on every web page, nowadays. Ghostery can block those, I believe.

Re:

[sudon't]

Yes, yes, we've all seen your spam a million times. Which is why it's called spam. Why not try to keep it down to one per thread? You'll come across as less of a lunatic.

Not bug free

[ebcdic]

Privacy Badger claims there are 67 trackers on this page, including ones from NASA and British Telecom.

Poison the well

[superid]

I'd rather disrupt the whole tracking network by injecting false information on a mass scale to ruin the economic value of tracking.
Are there any add-ins that do that?

Re:

[Rob Lister]

I don't know if it is feasible but I kind of like that idea. What are the downsides?

Re:

[cbp2]

I actually suggested this directly to EFF a year or two ago. Basically have some extension that lowers the signal-to-noise ratio to the point where you can't find the signal. There are problems with this approach, though. You would need to trigger a lot of extra network traffic to hide your true (intended) actions. Also, if you want to hide all searches/traffic, you'd have to have your extension do a lot of fake pr0n traffic, too. Would everyone want an extension that does that? And finally, there are lots

Re:

[CauseBy]

Seriously. I grew up with cable TV and then one day I was at a friend's house and he turned on cable. An ad came on and, even as a young child, I couldn't figure it out. I asked him, don't you pay for cable? So why are there ads?

I never outgrew that, and I've never paid for cable in my adult life.

Re:

[CauseBy]

Any degradation of the quality of the 'signal' is good, and more is better but the noise doesn't have to really completely overwhelm the signal. Reducing the advertising value of the data by any amount would be progress, at least.

Re:

[paul_metcalfe]

AdNauseam is all about this poisoning of the well: https://dhowe.github.io/AdNaus... [github.io]

Re:

[grumpy_old_grandpa]

TrackMeNot is good to flood search engines
http://addons.mozilla.org/en-U... [mozilla.org]

AdNauseam is about flooding click ads
https://addons.mozilla.org/en-... [mozilla.org]

Flagger is more poking fun at surveillance organizations
https://addons.mozilla.org/en-... [mozilla.org]

Re:

[Gonoff]

Version 1 of a product is the point where something changes from "pre release", Beta, Developer edition, Alpha etc to Live.
I imagine that a lot of people here are familiar with using Betas - or even create them.

Like you, I have been using Privacy Badger for a while now but now, it is no longer experimental - hopefully anyway.
It should continue to update with time. Good luck to them.

Advertisments, in my mind, tend to be for things that will make the producers money. The EFF is not asking for money for th

No on-off switch

[X10]

You can switch Privacy Badger off for a specific page, but you can't turn if of altogether. If you want it to pause blocking, apparently you need to uninstall, then later install again when you want to resume blocking. I sometimes use "pause blocking" in Ghostery, which for this reason I prefer over Badger. Also, Ghostery has a switch for "block all trackers", In P Badger, you have to switch them on one by one.

Re:

[Anonymous Coward]

Any decent browser will let you disable the addon without uninstalling it...

Won't work

[Artem S. Tashkinov]

First of all there are immortal cookies (infinite cache entries created specifically for your unique PC). Secondly, there's a unique combination of your web browser + OS + fonts + plug ins: https://panopticlick.eff.org/ [eff.org] Thirdly, there are unique patterns in your behaviour (websites that you visit and how frequently you do that) and other wonderful metrics to trace you.

If you want to avoid being traced and tracked there's just one way:

• You buy a single time anonymous SIM card.
• You go to some public place

Re:

[CauseBy]

It's not binary. It's not "tracked" vs "untracked". It's a question of how expensive it is to track you and how reliable the data is. Raise the cost and fewer advertisers will bother. Raise it high enough and maybe we can substantially damage the ad industry.

I thought

[Ol Olsoc]

There was an add on that would send bogus information to the trackers. If not, there should be.

Re:

[CauseBy]

Oh for fuck's sake not this guy again. Why can't Slashdot filter this bozo out?

Re:

[K. S. Kyosuke]

Not really, because it doesn't solve the same class of problems.

Re:

[K. S. Kyosuke]

How can you block things with undesirable contents using IP level rejection? A single domain or IP address can serve both things that you want and things that you don't want.

Seamonkey

[blivit42]

Too bad it still doesn't work in Seamonkey :-(

How much will it help when used with NoScript?

[Bathroom Humor]

I only use Adblock Plus and NoScript, because I feel like I'd get diminishing returns from using 4 different addons for privacy and blocking bad traffic due to stacked redundancy.

How much will this help me out?

Got an alert! My first one with PB, one years use.

[Trax3001BBS]

https://www.robtex.com/ [robtex.com] clicking on a disqus.com icon you will be met with a requester to abort and reason: "Logging into Disqus can allow it to track you around the web". Answering no shows what u had to post was not that important.

My Post was to help, the IP address 72.21.91.29 shows over 100 pages containing malware (most I've seen) but it's a feed for the UseNet where Malware is expected and fairly obvious. Not a big deal.

I took a back door approach to get a disqus.com account (through robtex.com) I had

Re:

[Trax3001BBS]

it's just http://testmy.net/ [testmy.net] was Google yet they hid the fact, vs Flurry.com, it took some digging and many links from original ToS but you would find a Google ToS. A post reply was by one of the admins of how much they enjoyed working for Google, and I questioned the ToS; It was changed to a Google ToS; Changed now to: no clue (not read yet)

Read, it takes a link from "Third Parties & Use of Cookies" in the Privacy Policy to show it is a Google site http://www.google.com/policies... [google.com]

Re:

[fph il quozientatore]

Yeah, this! Who could imagine, for instance, a leading commercial search engine replacing their logo with playful images and games every few days, to celebrate past events?