A New Browser Extension Blocks Any Websites that Use Google, Facebook, Microsoft, or Amazon (theverge.com) 111
The Economic Security Project is trying to make a point about big tech monopolies by releasing a browser plugin that will block any sites that reach out to IP addresses owned by Google, Facebook, Microsoft, or Amazon. From a report: The extension is called Big Tech Detective, and after using the internet with it for a day (or, more accurately, trying and failing to use), I'd say it drives home the point that it's almost impossible to avoid these companies on the modern web, even if you try. Currently, the app has to be side-loaded onto Chrome, and the Economic Security Project expects that will remain the case. It's also available to side-load onto Firefox. By default, it just keeps track of how many requests are sent, and to which companies. If you configure the extension to actually block websites, you'll see a big red popup if the website you're visiting sends a request to any of the four. That popup will also include a list of all the requests so you can get an idea of what's being asked for.
Black screen (Score:5, Funny)
Blank screen (Score:2)
Or at the least people will be wondering where their packages are because they can no longer pull up tracking.
Re: Blank screen (Score:1)
Re: Blank screen (Score:3)
In my country they use OpenStreetMap and sharing data with Google without user consent is literaly illegal.
Re: (Score:1)
Guess what consent is built into all those pesky EULAs...
Re: (Score:2)
Nice real-time test of ad blocker (Score:5, Interesting)
When in "locked" mode this extension won't display a page that contains a detected request. Instead it displays a big fat warning. Initially this seems pretty useless, but you can use it as a dead man's trigger to test your ad blocker in real time: lock down all of this extension's "big tech" domains (except the one you use for office work), while also leaving your ad blocker on. If you get stopped anywhere on the web, it'll be because your ad blocker fell down on the job.
Re: (Score:3)
Re: Nice real-time test of ad blocker (Score:2)
That falsely implies that
* ad == big tech, ... in reality, there are more ad companies ... I can assure you that is almost impossible.
* this blocker blocks all hosts from big tech,
In both cases, it's the vast majority, yes, but not 100%.
Re: (Score:2)
* ad == big tech, ... in reality, there are more ad companies
Those independent advertisers that you are imagining (as in, imaginary) are owned by Google. All of them. Its the first thing Google did after IPO: buy up every independent advertiser
Re: (Score:3)
No, Google owns 99% of the "legitimate" ad market.
There are plenty of websites that have ads that are not Google sponsored.
Think sites like The Pirate Bay, file lockers and other sites. No traditional ad network would sponsor them, but there are enough alternative ones that host fake download buttons and other stuff.
So no worri
Re:Black screen (Score:4, Funny)
I imagine that immediately after installing this utility the user will phone his ISP and complain that his internet stopped working.
Naw, they'll never be able to Google their ISP's phone number.
I doubt it will work (Score:2)
There's nothing to stop these companies from setting up multitudes of shell companies which will get their spam directly from these companies to pipe to you.
Re: (Score:2)
There's nothing to stop these companies from setting up multitudes of shell companies which will get their spam directly from these companies to pipe to you.
You probably think adblocking doesn't work too.
Re: (Score:3)
Re: (Score:2)
Adblocking is a form of wack-a-mole.
Re: (Score:2)
Re: I doubt it will work (Score:2)
Ad blocking without pretty smart parse tree processing already doesn't work.
Re: I doubt it will work (Score:2)
Actuallyy ad blocking doesn't work... in the same sense that anti-virus doesn't work.
It only works against those malware writers, and I'm including ads here, that don't check against the blocker first. Which is usually the abandoned stuff.
In other words: Blacklists don't work. Use a whitelist. Like a well-configured firewall.
Re: (Score:1)
You're a moron. Ad-blocking *does* work. I have literally *never* seen a single ad since installing uBlock Origin.
Big Tech Detective (Score:1, Insightful)
Or Loony Detective.
If you want to improve privacy, block requests to sites that violate user privacy. Blocking everything related to "Big Tech" only puts you very close to other nuts with their space lasers and events that did not happen.
Re:Big Tech Detective (Score:5, Informative)
The concentration of the modern IT infrastructure in the hands of only a few companies is a significant risk in may ways. You don't even have to block a lot of companies: Just block Cloudflare and the internet stops working for you. And Cloudflare terminates TLS on their servers. Do you know this excerpt from an interview with Cloudflare CEO Matthew Prince?
We ran it as a hobby and didn't think much about it until, in 2008, the Department of Homeland Security called and said, "Do you have any idea how valuable the data you have is?" That started us thinking about how we could effectively deploy the data from Project Honey Pot, as well as other sources, in order to protect websites online. That turned into the initial impetus for CloudFlare.
That's right, Cloudflare was basically a suggestion by the Department of Homeland Security, and now it's a Man-in-the-Middle between a large percentage of all web sites and their users.
Re: (Score:1)
Re: Big Tech Detective (Score:2)
Cloudflare isn't they only game in town, not by a long shot. It's one of the few you can use for free though. Once you are booted off there you have to start spending real money or give up.
Re:Big Tech Detective (Score:5, Interesting)
If you’re having a conversation with a friend and they stop you in the middle of a sentence to insist, “Just a sec, Bob has got to hear this!”, you might find it odd that Bob, whom you find odious, is now a participant in the conversation, but maybe your friend had a good reason for including Bob, so you let it slide.
If you’re walking up to your friend to start a conversation with them, and before you can even say a word they stop you and insist, “Just a sec, Bob has got to hear this!”, you’ll find it rather odd that odious Bob is being invited to the conversation before your friend even knows what it’s about, and you may even choose not to have that conversation.
If you’re walking up to your friend to start a conversation with them, and before you can even say a word they stop you and insist, “Just a sec, Bob and his best friends, Charlie, David, and Ernest, have got to hear this!”, you’ll walk away without saying a word if you’re a reasonable person.
Why would we expect differently when it comes to the conversations we have with websites? That’s not conspiratorial: it’s rational.
Re: (Score:2)
Why would we expect differently when it comes to the conversations we have with websites?
Because it's a false comparison, and Bob isn't listening to your conversation in the slightest. In fact all Bob is doing is seeing you to standing next to each other while you two literally shout out your conversation at each other to you in public. The best part is you're both talking in some strange language no one can hear so the only way that Bob is going to find out what you were talking to is if your friend goes and tells him that afterwards. And the reality is Bob doesn't go and tell this stranger yo
Re: (Score:2)
In fact all Bob is doing is seeing you to standing next to each other while you two literally shout out your conversation at each other to you in public. The best part is you're both talking in some strange language no one can hear
All analogies break down at some point, and you've taken my analogy well past that point. Sure, the analogy breaks down as we get into technical implementation details, but at the conceptual level at which it was written and intended, the analogy still holds.
The fact is, whenever a site does something like embedding third-party content or including scripts that make calls to third-parties, Bob and his buddies are being invited to the conversation in some capacity. Are they going to be privy to everything sa
It's called effiency! Stop seeing conspiracy theor (Score:1)
It's about the most sensible *default*.
How many N@zis would it have taken, for you to close the borders to all Germans *by default*?
Apparently, for you the answer is "ALL of them".
Hey, some Google hosts may still not be evil! Let's keep the head in the sand, and stick to the comfortable denial, calling everyone a nutjob who threatens to break it, like any good blackeyer!
At some point you have to admit you're a conspiracy theorist, seeing "notjobs" everywhere.
And we passed that point, mate.
You can still add
Not very valid as it is.. (Score:2)
To paint a better picture, the extension should try to load the website but blocking the microsoft/google/facebook/amazon acesses.
I bet many will still work
Re: (Score:1)
Many more won't. Those are the big cloud providers. You can't even load the first HTML of many sites without contacting their servers. This is highly likely even if your hosting provider is a small shop: They probably rent servers from the big ones.
Re: (Score:2)
Re: (Score:3)
That is what I wanted to say. I, by & large, do that by using NoScript to block most things; I allow what I want and most sites still work well enough. If a site depends on javascript from all over - I just go elsewhere. If something is hosted at AWS (but not Amazon) I am relaxed, I do not like sites that us things like google fonts as google will look & remember.
Re: (Score:3)
"To paint a better picture, the extension should try to load the website but blocking the microsoft/google/facebook/amazon acesses.
I bet many will still work"
That's what Ghostery is for.
Re: Not very valid as it is.. (Score:2)
Much better: Redirect it to localhost, with a local server caching the files and replying with empty files if possible. That way nothing hangs. I do that for in-app ads.
Slashdot's score on this page (Score:5, Interesting)
Amazon: 18 requests
Google: 59
Other: 43
Re: (Score:2)
Yes, Slashdot is one of the literal worst.
Just leave it sit and the ublock hit counter just keeps rising.
Re: Slashdot's score on this page (Score:2)
Wasting your phone's battery with background workers all the way, by the way. Even when you ope another app. It may have changed since Daylight, but I verified it myself before that
Re: (Score:1)
Oh man, Ublock is like gold.
I didn't realize it until I tried to watch a youtube video without it. Man, that sucks! Most of the internet sucks without it.
Reminds me... I need to donate to that project again.
Not a bad idea (Score:1)
Where are they coming from? (Score:2)
a browser plugin that will block any sites that reach out to IP addresses owned by Google, Facebook, Microsoft, or Amazon
So what happens when you run a whois query against the Economic Security Project website economicsecurityproject.org
Re: (Score:2)
It would have taken you less time to run the query than post about it...
Re: (Score:2)
Not if grandparent is on mobile and someone else can run the query before grandparent can get back to a desk.
The domain name ECONOMICSECURITYPROJECT.ORG is registered to "Contact Privacy Inc. Customer 124925184" through Google Domains
Re: (Score:2)
Let's say: not if the grandparent is on an Apple device. My Android phone appears to have no trouble running whois. I have a decent shell environment installed from the play store. I can run YouTube-dl too...
Even with that, icann has a web based whois tool.
Android SDK 29 (for Android 10) breaks Termux (Score:2)
I have a decent shell environment installed from the play store.
A lot of those shell environments on Google Play Store break on Android 10 because of tighter W^X policy in Android SDK level 29 and higher. In particular, 29 breaks Termux [github.com].
Re: (Score:2)
fucking hell that sucks. I'm on 9. I guess Google is determined to erode every advantage of android except for price.
Use Pihole (Score:5, Informative)
It does a reasonable job of filtering the crap and blocking trackers without you having to do anything to the myriad devices in your home that want to talk to the interwebz.
https://docs.pi-hole.net/ [pi-hole.net]
You can install it on an inexpensive Raspberry Pi and tuck it next to your router. It probably took me a grand total of 20-30 minutes to put the Raspberry Pi 4 together and configure the software. It's interesting to see what gets blocked and which devices are chatty about phoning home. On average, mine blocks about half of all DNS queries and rarely seems to get in the way.
Best,
Re: (Score:2)
Until your browser implements DoH and bypasses your settings. The only valid reason for DoH because the only way to hide from your ISP is a VPN.
Re:Use Pihole (Score:4, Informative)
Re: (Score:2)
Re: (Score:2)
That leaves 3 letter agencies, and big tech itself, as the ones that would be pushing for DoH, and they all are.
Re: (Score:3)
And if you don't have a Raspberry Pi, you can easily run pi-hole via Docker on any PC you have laying around.
1) Install Docker/Docker Desktop on a PC that you keep on 24/7.
2) Follow the Quick Start guide [github.com] pi-hole maintains at their GitHub page for the Docker image, which basically boils down to saving their example docker-compose.yml file to disk, modifying it to suit your needs (documentation for doing so is on the page I linked), then running docker-compose up -d from the directory where you saved the dock
or littlesnitch (Score:3)
I put in a trial copy of littlesnitch a while ago, and it found enough interesting things to keep it.
zoom, for example, tries to talk to several naked IP addresses when you launch, and more every several minutes. Blocking them does not stop it from working.
Oh, and if you have the connection monitor out, you'll see that opening zoom apparently tells half of china to try to attack your ssh port . . .
The Brave browser, supposedly privacy centric, also makes many contacts to naked IP addresses.
Re: (Score:1)
Re: (Score:2)
I haven't the foggiest.
I haven't used Linux (except in passing and on pi) since FreeBSD supported the hardware I was using in the late 90s, and have never used windows except on someone else's machine.
And I haven't used FreeBSD except to access old files since Spotlight roped me into using Mac for my unix . . .
What about Javascript (Score:2)
Plenty of developers us Google hosted APIs for things like JQuery. I'm sure a lot of sites out there would just stop working if you completely blocked Google. Maybe that's what some users of this extension want, but I'm pretty sure a lot of users will be amazed at how many things stop working and don't understand why it's not working.
Re: What about Javascript (Score:2)
Wait, why not just store jQuery on your own server?
Re: (Score:2)
Moreover, with Firefox starting to separate cache per site [slashdot.org], the "user is likely to have recently loaded this version of jQuery from Google's CDN" excuse no longer holds merit.
Re: (Score:2)
I think the idea is to cut down on page load times because the user would more likely already have it cached if a bunch of sites are all pointing to the same JQuery URL. I see this to be on the level of extremely marginal gains as it would really only apply the first time a user browsed your site. Also, it would cut down on the amount of bandwidth you needed as you could offload some traffic to Google for free. Again very marginal gains as the user would only request on their first request, and it would
Re: (Score:2)
The biggest problem with blocking a company in the interests of blocking other sites that might utilize that company is that it would typically also block you from doing business with that company when you might actually want to.
In other words, it is pushing an agenda that one should not be patronizing those companies without actually offering any justification for doing so that is visible to the end user.
Using AWS (Score:2)
Re: (Score:3)
Well, you have privacy and control.
AWS gives Amazon the ability to kill a lot of web content if they so willed. In my mind this control is the larger practical concern about AWS specifically. One company having that power over so much content is worrisome, whether they want to stop hosting something on purpose, or suffers some sort of business or technical problem that causes so much to go down.
On privacy, in reality, they further do have the ability to crack into workload running on their infrastructure.
For site operators who seek to leave AWS behind (Score:3)
For website operators who seek to leave AWS behind, how does one go about finding a workable replacement for EC2 (VM hosting), S3 (static file hosting), SES (email sending with a history of maintaining productive relationship with the big webmail providers), and CloudFront (caching reverse proxy)? That is, how does one find a list of providers of each service and evaluate the quality of each provider's service?
Re: (Score:1)
Re: (Score:2)
That is, how does one find a list of providers
It's all replaceable, either by one vendor, multiple vendors
I'm aware of that. How does one find a list of such vendors?
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
The point is it is a singular entity and fortunes can change.
"Yahoo just spent 3.6 billion dollars on GeoCities, there's no way GeoCities will be a bad choice for posting your personal website"
"MySpace is making a lot of money, there's no way they are going anywhere"
Who knows what changes may occur to unexpectedly disrupt the state of affairs with Amazon.
Oh, really? (Score:2)
And, pray tell, what does Amazon's execution of Parler mean for your argument?
AWS was apparently quite aware of content, employees did not like it, and they booted it off - THEY clearly care about the content and THEY clearly are in fact in control. Yes, they play the Big Tech game of adjusting their "Terms of Service" in real time and then censoring based on the momentary meaning of those "terms", which I might add are not up for negotiation, nor are they equally applied - they're effectively implemented u
Re: (Score:1)
Oh, the irony!!!! (Score:5, Interesting)
So it looks like they're a bit up in arms about relying on big tech. So lets look at their website in Chrome Developer Tools. OK, it looks like they managed to make their tiny, tiny website (all 4 or so pages of it) work fine with no outside reference to big tech. But wait, what's this at the bottom?
"Big Tech Detective made possible by the Economic Security Project"
OK, let's check out their website at https://www.economicsecuritypr... [economicse...roject.org] in the Chrome Developer Tools in the Source tab:
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
px.ads.linkedin.com
snap.licdn.com
www.facebook.com
www.googletagmanager.com
Well, I guess they aren't THAT concerned about reliance on the "Big Tech" companies
Hey! Look! You're a meme! (Score:2, Insightful)
You've reached your final evolutionary form! [knowyourmeme.com]
Congratulations! No way but down now!
Re: Hey! Look! You're a meme! (Score:2)
If you don't get it AT ALL, maybe don't be a smug asshole. Cause to me, you look like the guy in the well there, and it took me some time to realize you meant it the other way around. When do you start helping?
Re: (Score:2)
So it's now meme-ish to call out people who say "we should do X" while not themselves doing X? If so, then a meme I happily am.
Re: (Score:2)
I don't even get your point in the slightest. It's not like I'm saying "we can't make it perfect, so lets not make it better". I'm saying the people saying "lets make it better" aren't doing anything themselves other than saying "lets make it better". Show the way. Demonstrate how you yourself have overcome the obstacles so that others can follow. Except they haven't overcome the obstacles. So perhaps their rallying cry would be better phrased as "someone please show me how to do it better, because I can't
Re: (Score:2)
Re: (Score:3)
So it looks like they're a bit up in arms about relying on big tech. So lets look at their website in Chrome Developer Tools. OK, it looks like they managed to make their tiny, tiny website (all 4 or so pages of it) work fine with no outside reference to big tech.
I'd say that was a slightly twisted take on their beef. If I had to try to summarise their position I'd say they were up in arms about big tech abusing their position in the market, and abusing the relationship they have with the public. You can probably spot the common theme: abuse.
But wait, what's this at the bottom?
"Big Tech Detective made possible by the Economic Security Project"
That would be their "shout-out" to the organisation that, presumably, provided them with the funding they needed to create and host the project. As it says under their FAQ's: "Based on the groundbreaking reporting by Kashmir Hil
It's an app world out there. (Score:2)
Re: It's an app world out there. (Score:3)
LOL. Geeks obsessed with the ... browser?
The browser is exactly what we geeks associate with clueless kids and Eternal September. Apps are just one step worse (or equally bad).
A geek loves his command line and scripts and toolkboxes of small nice well-made single-purpose tools. Not some kind of Thermomix AOL abomination. :)
I'm a graphics-loving "geek" too, but most geeks I've seen here, wonder if colors in Lynx or mutt aren't a step too far ;)
I rewlly wish there was a shell that fits the geek spirit but is
Re: (Score:2)
Re: It's an app world out there. (Score:2)
Re: (Score:3)
The nerds were saying how stupid that new WWW thing is in #hack and #phreak on IRC before there was ever a WWW search engine of any kind.
The nerds were unpopular in your school because they were smart and awkward.
The geeks were unpopular in your school because they were dumb and awkward.
Using tech doesnt mean you are smart. If all you do is use tech, not anything else like develop, hack, bodge, and cobble, then you are a geek. You are ascribing geek behavior to nerd
Re: (Score:2)
Before the web, banks had their own online banking apps with text console interfaces. I imagine there were lots of other single-purpose apps (or "small nice single-purpose tools") for other uses. Then came the browser, and suddenly you didn't need a separate app for accessing every single piece of information out there. I think that was clearly an improvement.
The current "app" craze with "smart"phones is a step backwards in that sense. Except there's no technical reason to do that, they only do it to inc
big tech (Score:1)
... onto Chrome. (Score:2)
*ba-dum TISS*
Doesn't Chrome already phone home everything you do?
uMatrix did this just fine (Score:3)
Re: (Score:2)
uMatrix is an extension I find indispensable, but it works off domain names, whereas this one claims to work off IP addresses.
Do they stop *YOU* from using those sites? (Score:2)
I'd say it completely misses the mark in that regard if it also doesn't let you patronize those companies even if you want to.
Google Chrome plugin .... (Score:2)
...says it all
They missed one... (Score:2)
"The app needs to be side-loaded in Chrome"
Just stop right there. If you're browsing in Chrome you are using a Google product.
Also the list (at least in TFS) doesn't include Apple. If they are not included in a list of "Big Tech" then the list is too opinionated. They are the biggest (by a few definitions) of the tech companies out there right now. What are the criteria? Oracle could still easily be on that list... try to use the internet without Java or any company using an Oracle database somewhere in-hou
Plugin? (Score:1)
Is it a plugin for Microsoft Edge, or Google Chrome? lmao
It is a lot easier to install ... (Score:3)
Re: (Score:2)
ghostery (Score:2)
so, like ghostery, but with extra exhibitionist masturbation?
Re: (Score:2)
But Chrome? (Score:2)
etc hosts (Score:2)
I just put their addresses in /etc/hosts to block them everywhere. Works great no side effects except that ad links return 404 errors. So Google tracking is very limited and not dependent on a browser.
Re: hosts blocker .. (Score:2)
Hosts blocking doesn't help against half the shit on he web today.
Re: (Score:2)
Congratulations on making a free replacement for APK's proprietary software. Now how do we get operating systems' resolvers to accept wildcards in the hosts file so as to work around surveillance giants' use of pseudorandom subdomains?