Items tagged with: trackers
The privacy crisis Apple and Google need to fix—now
Article word count: 1113
HN Discussion: https://news.ycombinator.com/item?id=19653771
Posted by tumblen (karma: 564)
Post stats: Points: 128 - Comments: 57 - 2019-04-13T16:02:40Z
#HackerNews #apps #are #filled #smartphone #trackers #with
Go to the profile of Owen Williams
Credit: Anadolu Agency/Getty Images
Most of us understand by now that we’re being followed across the web. But how much do we know about how the smartphone apps we use track our every move? Thanks to tiny pieces of code that millions of developers use to make their lives easier, an array of companies gets free access to data they can employ to understand your habits. The process is invisible, and it’s worse news for you than you might think.
When we browse the web through Google Chrome, for example, a dizzying array of companies follow us. Such is the Wild West of our modern web, but you still remain in control of which sites you visit and which social networks you log into.
The shift to native apps changes this equation, however. Suddenly you’re no longer in full control of what’s loaded, nor of who is tracking you, and you must trust app developers to do the right thing.
All of this should make you skeptical of marketing like Apple’s recent “privacy matters” campaign.
On mobile, tracking is generally performed through the use of a “software development kit” or SDK—a set of tools that helps app developers get something done faster. Many SDKs help developers debug their code or hook into useful services, but others help advertisers and marketing companies peer into your private life. Take the iHeartRadio app for example: Last fall, Medium reported that it contained code from Cuebiq’s SDK, which would permit user data to be sold for the purposes of ad tracking.
All of this should make you skeptical of marketing like Apple’s recent “privacy matters” campaign. While the company offers tools within Safari to block trackers on the web, it doesn’t offer any control over trackers embedded in apps that are distributed through the iOS App Store. Most people use the Google Chrome browser anyway, and it has even fewer privacy protections baked in. (Apple does ask developers to “respect user preferences for how data is used,” but good luck with that.)
SDKs present a solution to Apple’s pesky tracking restriction for advertisers. They can connect who you are between apps, provided the developer of each app uses the same SDK and the advertiser is able to use signals to figure out who you are. If we look at the top 200 apps on the iOS App Store, it’s interesting to see how broad the reach of most SDKs actually is.
The top 10 most commonly used SDK libraries in the top iOS apps, as reported by analytics firm Mighty Signal, are largely provided by Facebook (three out of 10) and Google (four out of 10). Google’s AdMob tools, for example, helps developers show advertising and track their users, and it’s integrated into 78% of the top apps on iOS—everything from the Holy Bible to LinkedIn. Facebook’s “Core Kit,” which provides access to the social platform’s features, is integrated into 61% of top apps. The list goes on.
Both of these SDKs allow Facebook and Google to track users beyond their desktop web browsers and automatically collect information like when you installed the app, each time you opened it, and what you purchased.
Tracking in SDKs is clearly part of the modern App Store ecosystem, and it goes far beyond the big corporate names. There are a dizzying array of companies you’ve never heard of invisibly tracking your habits in apps you use every day. Networks like Vungle, Apps Flyer, and Applovin all call themselves “advertising and analytics” platforms. They help developers monetize their apps, and all of them track data to sell to other partners behind the scenes as well.
This often overflows into our daily lives in weird ways. The technology podcast Reply All recently dug into mysterious automated robocalls, which were somehow matching the area code of producer Damiano Marchetti, even adjusting to different locations as he traveled. How could such robocallers know where you physically are?
After digging into all of Damiano’s apps, Reply All made a discovery: He had downloaded a game called Mobile Legends: Bang Bang, which reported the phone’s location and IMEI (a unique identifier) to a bunch of analytics companies, which then sold that data, eventually leading to robocallers purchasing it.
The world of SDKs is intentionally obfuscated from view in the same way a magician wishes their most impressive tricks to remain secret.
The Wall Street Journal recently wrote about data collection on millions of other apps, such as those intended for menstrual cycle and body weight tracking. Those apps were found to sell this data to Facebook. Many people assume that Facebook is monitoring their microphones, but the reality is that they don’t need to: They can just collect data from the apps you’re using all day long.
In the past, Apple has moved to make it more difficult to identify you by blocking access to unique identifiers and your phone number, but it’s still trivial to correlate an identity via your IP address, the name of a Wi-Fi network, or just matching together the bread crumbs of data they grab about you. Android allows even broader access to identifiers—not surprising, given that it’s built by a company that relies on advertising to make money.
The world of SDKs and the companies tracking with them is intentionally obfuscated from view in the same way a magician wishes their most impressive tricks to remain secret. If you knew that the game you love was the one ratting out your habits, you’d probably consider uninstalling it.
There’s frustratingly little we can do to combat SDK tracking without intervention from Apple and Google. There are nuclear methods that can help protect you, such as installing a network-wide ad-blocker on your home Wi-Fi, which blocks the requests at the source—but of course that only works within the confines of your home. On the go, some VPN providers are able to block advertising, but with the same limitations: You must stay connected to the VPN at all times to block them, which simply isn’t realistic.
What we really need is change from the top. Apple and Google should provide operating system controls that show the parties harvesting data inside the apps on our devices or should require third parties to reveal this information. A good example of this in practice can be found in the Guardian app, which allows users to disable tracking on a per-SDK basis in its settings. Requiring this should be standard for all developers.
Ultimately, the gatekeepers of mobile app stores have a responsibility to give us more control. Otherwise, the next big privacy scandal will be the digital equivalent of the Deepwater Horizon oil spill: All our information out there, under the surface, helping companies build a picture of who we are—without us ever seeing it.
HackerNewsBot debug: Calculated post rank: 104 - Loop: 152 - Rank min: 100 - Author rank: 65
VSCodium is a tracking-free, free and open source clone of Microsoft's Visual Studio Code created so that developers will not have to build VS Code from source which contains telemetry/trackers.
Article word count: 473
HN Discussion: https://news.ycombinator.com/item?id=19650109
Posted by arthurz (karma: 87)
Post stats: Points: 137 - Comments: 76 - 2019-04-13T00:00:05Z
#HackerNews #code #open #source #studio #trackers #visual #vscodium #without
We have covered Visual Studio Code before so you must know how much of an awesome code editor it is. While VS Code is open source freeware, its source code is only available on Microsoft’s official GitHub repo and its downloads are licensed under a closed source license which contains telemetry so you’ll be happy with the app we have for you today.
VSCodium is a tracking-free, free and open source build of Microsoft’s Visual Studio Code created so that developers will not have to build VS Code from source which contains telemetry/trackers.
This fit is accomplished by using special scripts to clone the vscode repo, build it from source, and then upload the resulting binaries to VSCodium’s GitHub releases free of telemetry passes.
With that being said, VSCodium is a replica of Visual Studio Code and thus, works in the same way with all the features and support present in its parent project. Except for the app icon – that’s different.
VSCodium - Clone of Microsoft’s Visual Studio Code
VSCodium – Tracker-Free Visual Studio Code
Features in VSCodium * Free to use * Cross-Platform: Available on Windows, GNU/Linux, and Mac. * Open source with source code available on GitHub. * Native support for several languages. * Additional functionality using extensions. * IntelliSense and smart code completion. * An advanced and robust built-in debugger. * Native support for Git.
Semantik - An Open-Source Mind-Mapping App for KDE
You know the feature list in VS Code is virtually inexhaustible. The same goes for VSCodium.
How to Install VSCodium on Linux
Follow these steps to install VSCodium on any Debian-based distro like Ubuntu. Take note of the pipe "|" symbol used to join the commands.
Add its repo’s GPG key.
$ wget -qO - https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg | sudo apt-key add -
Add the repo to your system.
$ echo ʼdeb https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/repos/debs/ vscodium mainʼ | sudo tee --append /etc/apt/sources.list.d/vscodium.list
Update your PC and install the app.
$ sudo apt update && sudo apt install vscodium
VSCOdium is installed by default on ParrotOS and if it’s not installed on your system you can install it with the simple code:
$ sudo apt update && apt install vscodium
On Fedora / Centos / OpenSUSE, you can install VSCodium using following commands.
Add the GPG key of the repository and install VSCodium as shown.
-------- On Fedora/CentOS/RHEL -------- # dnf config-manager --add-repo https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/repos/rpms/ # dnf install vscodium
-------- On OpenSUSE/SUSE -------- # zypper addrepo -t YUM https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/repos/rpms/ vscodium_mirror_on_gitlab # zypper in vscodium
If you like, you can transfer your tools and preferences from VS Code to VSCodium using the instruction manual here. Are you using a different OS? See how to install VSCodium on your system here.
What do you think about VSCodium? I imagine that developers who didn’t want to fork Visual Studio Code because of the info that Microsoft tracks will happily jump at VSCodium. Tell us what you think in the comments section below.
The cost of maintenance is skyrocketing as more readers are coming on board and the ad service that we employ in order to generate revenue is unfortunately no longer sufficient and this is especially due to the increased use of ad-blockers.
We humbly request that you consider disabling your ad-blockers to support us financially or by donating as anything from $1. Your donation(s) will go a long way in supporting FossMint and sister site, TecMint, in running efficiently. Thank you.
Make a Contribution via PayPal
HackerNewsBot debug: Calculated post rank: 116 - Loop: 51 - Rank min: 100 - Author rank: 72
Plus: UK health service sites contain commercial trackers
Article word count: 857
HN Discussion: https://news.ycombinator.com/item?id=19424041
Posted by snaky (karma: 3287)
Post stats: Points: 162 - Comments: 44 - 2019-03-18T19:03:20Z
#HackerNews #adtech #and #from #google #government #have #others #trackers #undisclosed #websites
All but three of the European Union member statesʼ government websites are littered with undisclosed adtech trackers from Google and other firms, with many piggy-backing on third-party scripts, according to an analysis of almost 200,000 webpages.
The report (PDF), published today by Cookiebot in collaboration with civil rights association European Digital Rights (EDRi), scanned 184,683 EU government webpages on 11 and 12 March to assess the cookies on each.
It found that there were 112 companies slurping up information on EU citizensʼ browsing habits on the webpages of the governments supposedly fighting the good fight against excess stalking of netizens.
Adtech trackers were found on 25 of the 28 member statesʼ sites, with only Spain, Germany and the Netherlands clean of commercial cookies. There were 52 companies identified on Franceʼs government sites, 27 on Latviaʼs and 19 on Belgiumʼs. Twenty cookies were identified on GOV.UK, of which 12 were marketing, and all belonged to one company – Google.
Indeed, the search giant is described as the "kingpin of tracking" within the report, present on 82 per cent of all the sites and accounting for three of the top five trackers: YouTube, DoubleClick and Google.
The report authors said this was of "special concern" because Google can cross-reference trackers with its first-party account details via its widely used consumer services such as Mail, Search and Android apps.
Separately, the work assessed public health service sites, again finding that cookies were widespread, with 52 per cent of those tested having commercial trackers.
And again, Google was right up there, making up two of the top five, with the others being Adobeʼs eversttech.net, AppNexusʼ adnxs.com and Mediamathʼs Mathtag.com.
For this assessment, the researchers chose six EU countries and carried out 15 health-related search queries – such as "How do I know if I have HIV?", "Signs of being an alcoholic" and "I want to terminate my pregnancy" – from IP addresses in each country to identify the relevant landing pages on each nationʼs health service.
In the UK, some 60 per cent of these landing pages had such ad trackers, less only than Irish sites, where trackers appeared on 73 per cent of landing pages. A single German website about maternity leave was monitored by 63 companies, while a French page about abortion was tracked by 21 firms.
The group said this could be used to "infer sensitive facts about [usersʼ] health condition and life situation" and be resold to target ads. "These citizens have no clear way to prevent this leakage, understand where their data is sent, or to correct or delete the data," it said.
"These scripts can act as Trojan horses, opening backdoors to the website code through which ad tech companies can silently insert their trackers," the report said.
It urged website owners to be more careful when including third-party components on their sites; to make sure they had a detailed overview of the current trackers; and to remove any unwanted ones from the source code.
Visitors should also be offered full transparency and control over trackers on the site – but it shouldnʼt just be up to users to lock down their browsing habits. Stronger regulations need to be in force, and adhered to.
"How can any organisation live up to its [European General Data Protection Regulation] GDPR and ePrivacy obligations if it does not control unauthorised tracking actors accessing their website?" asked Cookiebot founder Daniel Johannsen.
"Public sector bodies now have the opportunity to lead by example – at a minimum by shutting down any digital rights infringements that they are facilitating on their own websites."
Diego Naranjo at EDRi used the opportunity to lament the delay to the long-awaited ePrivacy Regulation, which was initially meant to be enforced as the yin to the GDPRʼs yang, covering communications data rather than personal data.
However, it has been stuck in discussions between member states for more than a year, and privacy activists fear it is being watered down as a result of lobbying from adtech industry and concerns among member states.
If it does lose ground, Naranjo warned, it will "open a Pandoraʼs box of more and more sharing, merging and reselling of personal data in huge online commercial surveillance networks, in which citizens are being unwittingly tracked and micro-targeted with commercial and political manipulation."
Their calls for progress echo those made by the European Data Protection Board last week. The group – made up of the blocʼs data protection watchdogs and EU data protection supervisor – issued a statement urging legislators to "intensify efforts" to adopt it.
"The future ePrivacy Regulation should under no circumstance lower the level of protection offered by the current ePrivacy Directive and should complement the GDPR by providing additional strong guarantees for all types of electronic communications," it said. ®
Sponsored: Becoming a Pragmatic Security Leader
HackerNewsBot debug: Calculated post rank: 122 - Loop: 125 - Rank min: 100 - Author rank: 24
Why does a vegan get ads for ice cream?
My friend, let’s call him Jake, has been a #vegan for years, long before it was trendy.
He said the other day, “Okay, Bill, you’re the one who keeps telling me about the terrible things the #internet can do (he usually ignores most of my advice) so how come I get #ads for Ben & Jerry’s in my emails on my Mac? They keep screaming at me “Hey, Jake! Buy Ben ‘n’ Jerry’s now!”
I try to ignore the irritation I feel that he hasn’t even installed an #adblocker yet and ponder the problem. “Hmm, which email provider do you use, Jake?”
“Hotmail,” he said, sheepishly.
I gave a weary sigh. As some in the Federation know, Hotmail and Gmail collect keywords in our private subject lines and contact list and sell them on to advertisers without our knowledge or permission – especially if we don’t fix our privacy settings.
I asked him if he had any people in his contact list called Ben or Jerry. He had a think. A flicker of recognition shone in his eyes and we both knew.
“Stop using it, Jake,” I said. “Use Tutanota or Mailfence at least…”
He is addicted to convenience.
He is still using Hotmail.
#apple #consumertech #privacy #tech #Google #locationtracking #surveillance #monitoring #adblockers #ads #digitaladvertising #internetmarketing #gmail #hotmail #outlook #microsoft #mail #data #corporations #telemetry #mass-surveillance #surveillance #tracking #trackers #spyware #surveillancecapitalism #icecream #icecreamcone #mac #ios #ipad
Which websites featured on the Federation have the worst privacy?
My last post highlighted how ticking the OEmbed box to add a website picture to a post can compromise Federation users if it contains a tracker.
I also mentioned tools, like Disconnect, we could use to detect websites which track their users. In this post I reveal some of the most popular reference websites on the Federation with low privacy and high tracking rates.
I believe Federation users should consider not embedding, or at least warning their readers about the surveillance techniques carried out by these sites.
A Princeton University study identified almost a million websites that track their users. Here are just 5 examples of websites whose stories are commonly quoted on the Federation:
Wired is a popular website referenced on the Federation by many users because it publishes great tech-based stories. But how private is it?
Although it offers an ‘ad-free’ version for subscribers, normal visitors are ruthlessly fleeced for their data.
WIRED has embed deals (agreements to embed tracking codes into their pages for money or gain) with a staggering 171 third parties including Google, Amazon, Facebook, Vogue, GQ, Golf Digest, Bonappetit and Vanity Fair.
Some tracking beacons embedded on WIRED and captured by Ublock Origin
151 of these third parties are known tracking or advertising companies like Google, Amazon, Facebook, Turn, Add This, Scorecard Research, Adobe, Twitter Analytics, Typekit, Criteo and Quantserve. Aggressive trackers like Google Tag Manager (GTM), Add This and Turn are present here.
Below is a screengrab of the many scripts NoScript has blocked from the WIRED website, the 33 scripts, gifs and beacons blocked by Ublock Origin and a couple by Disconnect.
WIRED sets 25 short-term and 28 long-term cookies itself, while allowing its third party partners (including 69 tracking companies) to set 26 short-term and 133 long-term cookies.
It uses Google Analytics without the anonymization feature enabled, so user details are sent to Google servers.
All WIRED servers are based in the US so GDPR privacy rules can be ignored.
Websites loading this many scripts/cookies are usually blacklisted by most users, not least because they drain a device’s battery.
WIRED claims that subscribing with them will mean an ad free experience, but I find it hard to believe that a subscription to WIRED will suddenly load a clean page without a single tracker retrieving data. But then I am not a WIRED subscriber. Please comment if you are and have no trackers.
Seen by some as a safe pro-privacy resource celebrating Free and Open Source Software, FOSSPOST lets its users down by digitally fingerprinting their devices and loading 19 trackers into a browser.
FOSSPOST has embed deals with 27 third parties, making its embed renting in the ‘low’ category, including Google, Amazon, Creative Commons and WordPress.
13 of these are known tracking or advertising companies like Google, Amazon, Mailerlite, One Signal and the data-hungry caterpillar that is WordPress.
FOSSPOST sets 2 short-term and 2 long-term cookies itself while allowing its third party partners (including 3 tracking companies) to set 4 long-term cookies.
It uses Google Analytics without the anonymization feature so user details are sent to Google servers. All FOSSPOST servers are based in the US so GDPR privacy rules can be ignored.
Acquired by Yahoo’s parent company, Oath (a company that includes AOL), under the Verizon umbrella, in 2010, this is a popular reference source for researchers and Federation users.
Historically, Yahoo deserves some kudos as they were one of the few big tech companies that objected to sharing their users’ details with the PRISM
The Bush administration threatened them with $250k a day fines until they complied. Verizon bought them in 2017. Yahoo suffered the largest data breach in history in 2018.
The link to this NYT story is not embedded (consider blocking the GTM tracker on the site)
TECHCRUNCH.com fingerprints the user’s device and dumps 2-7 Yahoo trackers in their browser, depending on the page loaded.
TECHCRUNCH.com has embed deals with 27 third parties, including Google, Facebook, Yahoo and WordPress.
15 of these are known tracking or advertising companies like Google, Facebook, Yahoo, WordPress, Atwola, Typekit, AOL and Scorecard Research.
TECHCRUNCH.com sets 4 short-term and 5 long-term cookies itself while allowing its third party partners (including 4 tracking companies) to set 1 short-term and 7 long-term cookies.
It uses Google Analytics but interestingly enables the anonymization feature so some user details are not sent to Google servers.
All servers are based in the US so forget about GDPR privacy rules.
THE REGISTER .co.uk
Although a great resource with well-written and groundbreaking stories, it isn’t as private as I’d hoped.
There is no obvious digital fingerprinting but it seems to have gathered more Google syndication in the last couple of years, (9 of its 16 embed deals are with the Big G). 12 known tracking or advertising companies like Google, Admedo and the Amp Project gather data.
THE REGISTER sets 3 short-term and 4 long-term cookies itself while allowing its third party partners (including 2 tracking companies) to set 7 long-term cookies.
It uses Google Analytics without enabling the anonymization feature so user details are sent to Google servers. Although THE REGISTER’s domain is in the UK, both its data and email servers are based in the US so GDPR privacy rules could be compromised here, though I am not a lawyer.
The Guardian .com
I’ve been sitting on this for a few years now but it’s about time I blew the whistle.
I first noticed the Guardian newspaper’s website was digitally fingerprinting its users’ devices when they published an article on, um, Canvas Fingerprinting.
That page has been removed since, but they still continued doing it, long before Facebook, though not before Google.
I’ve kept quiet about this surveillance because I admire the paper for its incredible journalism, especially exclusives like the Snowdon revelations, and its general championing of freedom issues across many sectors of society. But the hypocrisy has started to wear me down.
Some tracking items & widgets embedded on Guardian .com and captured by Ublock Origin
The Guardian has embed deals with a privacy-sapping 142 third parties, including Google, Amazon, Bing, Twitter, and, despite being one of its main critics, Facebook. 132 of these third party partners are known tracking or advertising companies like Google, Amazon, Facebook, Turn, AddThis, Scorecard Research, Blue Kai, Twitter Analytics, Rubicon, Criteo and Quantserve.
Some of the most aggressive trackers like GTM, AddThis and Turn are present here.
The Guardian also sets 3 short-term and 5 long-term cookies itself, while allowing its third party partners (including 51 tracking companies) to set 10 short-term and 131 long-term cookies.
Yes, we NEED the Guardian’s continued existence, but castigating Facebook et al while allowing them to track its users doesn’t sit well with me.
The website uses Google Analytics but at least enables the anonymization feature, so some user details are not sent to Google servers.
Although The Guardian’s data servers are in Germany, their email servers are based in the US so GDPR privacy rules could be compromised here, though, again, I am not a lawyer.
In conclusion, I’ve given just 5 examples of popular sites Federation users quote in their posts.
I am NOT advocating a boycott of these sites but politely suggest we don’t OEmbed them, just feature a hyperlink and give readers the heads-up about these privacy concerns.
Alternatively, look for other sources featuring the same story. It’s also worth highlighting which websites do NOT add a tracker when we OEmbed a story, or have a low level of surveillance. Please promote those guys.
#news #fakenews #journalism #FreePress #PressFreedom #theguardian
#privacy #tracking #trackers #facebook #social #mass-surveillance #gdpr #google #location #user #device #setup #private #secure #internet #tips #tricks #online #os #windows #apple #ios #advertising #ad #revenue #streams #developers #media #data #corporations #telemetry #consent #spyware #surveillancecapitalism #humanrights, #anonymity #cookies #surveillance #browser #proxy #relay #network #www #leaks #fingerprint #activity #activitytrackers #thefederation #pods #federation #fediverse #friendica #mastodon #pleroma #socialhome # #Gnusocial #Funkwhale #Peertube #pixelfed #hubzilla #Diaspora
How can Federation users post more safely?
You know how it goes. We find a great story online and we want to share it with our supporters or feature it in our feed with appropriate hashtags for maximum reach.
But do we check the website featuring the story for privacy before we post?
When we embed a link by selecting the OEmbed box (often ticked by default) this displays an image or video on our post from the website we’ve featured.
They may look cool, but these images can contain beacons or other trackers. Embedded trackers also load into the browsers of any user who scrolls down the public feeds.
Should we ensure the website is safe before linking to it?
Actually some do. Posts that don’t feature a website’s images (with the OEmbed box unchecked as below) can actually protect Federation users from a serious amount of surveillance.
Some thoughtful users actually reproduce the article’s main points in their post, to protect their readers from visiting the site itself. They usually supply a link to the original content if one wants more detail and perhaps is protected with tracker blockers. So how do we know a site we recommend is safe?
Here are some privacy tips:
• Consider checking the page’s security/privacy before linking to it.
Using Tor, or a beefed-up Firefox fork or version (for detecting digital fingerprinting), and/or Disconnect, NoScript or Ublock Origin add-ons to reveal a multitude of trackers.
• There is usually more than one website featuring the same story. Consider picking the website with the least trackers and digital fingerprinting.
• Issue a warning in your post about any of the site’s surveillance methods and privacy issues you’ve detected.
• Embedding a picture/video could also make users vulnerable. Consider unchecking the OEmbed box.
In the next post I’ll give examples of a number of websites with low privacy and excessive trackers, commonly featured in the public feeds.
#secure #internet #windows #apple #revenue #streams #developers #Social #media #data #corporations #tracking #trackers #facebook #social #mass-surveillance #gdpr #google #alphabet #location #user #device #setup #private #secure #internet #chrome #tips #tricks #online #os #mobile #ie #safari #apple #ios #ad #revenue #streams #developers #telemetry #consent #windows10 #windows7 #windows81 #microsoft #linux #debian #ubuntu #mate #gnome #grub #iphone #firefox #advertising #android #chrome #browser #browsers #phone #phones #device #Tor #privacy, #humanrights, #anonymity #internet #security #cookies #surveillance #browser #web #onion #router #torbrowser #bridge #proxy #relay #leaks #fingerprint #activity #activitytrackers #spyware #surveillancecapitalism
““By summer 2019, the Firefox browser will also block, by default, all cross-site third-party trackers, strengthening privacy without your having to do a thing.” https://t.co/cqpQbSe9Ko”
Article word count: 500
HN Discussion: https://news.ycombinator.com/item?id=19223853
Posted by geekybiz (karma: 69)
Post stats: Points: 132 - Comments: 87 - 2019-02-22T08:13:29Z
#HackerNews #3rd #all #block #default #firefox #party #trackers
 [IMG]Jen Simmons @jensimmons Feb 20
Jen Simmons Retweeted Firefox 🔥
“By summer 2019, the Firefox browser will also block, by default, all cross-site third-party trackers, strengthening privacy without your having to do a thing.”https://twitter.com/firefox/status/1098286110067908609 …
Jen Simmons added,
Firefox 🔥Verified account @firefox
Our Facebook Container extension is not only the most popular browser extension weʼve ever built, but now has secured us a spot on the Top 50 #FCMostInnovative. Have you tried it out yet? https://mzl.la/2NhrLm7
 [IMG]Peri Moritz @peareye Feb 20
Replying to @jensimmons
How do you see this affecting http://caniuse.com ʼs data collection?
 [IMG]Jen Simmons @jensimmons Feb 20
Replying to @peareye
I believe it already is — (I assume you mean StatsCounter, where Can I Use gets data on market share of browsers). Firefox is being underreported in browser-market-share data, because we are taking steps to protect users. We stand up for users anyway. Mission over measurements.
 [IMG]Andy @iamalsoandy Feb 20
Replying to @jensimmons @peareye
Mission over measurements is a great line!
 [IMG]Richard Heart BitcoinHEXin4wks @RichardHeartWin 4h4 hours ago
Replying to @jensimmons
 [IMG]Jared Rauh @JaredRauh Feb 20
Replying to @jensimmons
I think this implies yes, but will this change block Google Analytics by default as well? If so, aren’t there huge ramification if companies can’t see how many users are accessing their site through Firefox?
 [IMG]Đăng Tú @dangtu_work 14h14 hours ago
Replying to @JaredRauh @jensimmons
What ramification you are talking about?
 [IMG]Jared Rauh @JaredRauh 13h13 hours ago
Replying to @dangtu_work @jensimmons
If it appears as though Company X doesn’t have any Firefox users, why aim to test in it and support it? 🤷🏼♂️
 [IMG]Charles @cloudthrasher 3h3 hours ago
Replying to @JaredRauh @dangtu_work @jensimmons
Or, perhaps stop using GA and install an analytics package on the local server. All these metrics analysts worry about are fairly meaningless if not (as Facebook and Google have admitted) fantasy.
 [IMG]internet disapprover @errstr 3h3 hours ago
Replying to @jensimmons
Will it block the Google Analytics built into the about:addons page?
 [IMG]Thibaut Nguyen ಠ_ರೃ @teebot 2h2 hours ago
Replying to @jensimmons
Do you plan to allow anonymous and more ethical analytics solutions like fathom?
 [IMG]Robert Foss @memcpy_io 2h2 hours ago
Replying to @teebot @jensimmons
I would assume not as it being ethocal or not canʼt be verified client side.
 [IMG]Crypto Colax @ColaxCrypto 3h3 hours ago
Replying to @jensimmons
 [IMG]Paul McClean @paulmcclean 17h17 hours ago
Replying to @jensimmons
 [IMG]Jahit Design @jahitdesign Feb 21
Replying to @jensimmons
Firefox really does care about its users
 [IMG]JP @jptaXman24 Feb 20
Replying to @jensimmons
That’s pretty remarkable now only if they could do the one think I want
 [IMG]Rick Bruner @rickbruner Feb 20
Replying to @jensimmons @dmarti
Whoa, really giving Opera a run for its money
 [IMG]Jarrod Overson @jsoverson Feb 20
Replying to @jensimmons
Thatʼs the first Iʼve seen that. Have you come across any information on how theyʼre planning on doing this?
 [IMG]Jarrod Overson @jsoverson Feb 20
Replying to @jsoverson @jensimmons
nm, found the old reference. I had forgotten about this initiative, thanks for posting it.
HackerNewsBot debug: Calculated post rank: 117 - Loop: 152 - Rank min: 100 - Author rank: 138
Turn off location. PART 2
Apart from Edge, which has to be tweaked from the W10 OS, most browsers can have their location services disabled through their menu. I cannot list EVERY browser in existence here, as I have a life. If you have other browser location tweaks, please share.
1. Click on Chrome’s menu and select the cog symbol – SETTINGS
2. Click the SHOW ADVANCED SETTINGS link at the bottom. Don’t be afraid of the ‘advanced’ implication, this has been worded to scare off timid sheep from reclaiming their privacy.
3. Click the CONTENT SETTINGS button under PRIVACY. While we’re here, consider unchecking the boxes urging us to use web services to ‘resolve navigational errors’ or ‘prediction services’ to auto complete our searches. This is just more telemetry.
4. Scroll down to the LOCATION section and select DO NOT ALLOW ANY SITE TO TRACK YOUR PHYSICAL LOCATION.
There are countless versions and forks of Firefox so, to save column inches, here are the about:config settings. Firefox (and especially Tor) should have location disabled.
To check, type about:config in the address bar and press enter.
• Press the button that says "I'll be careful, I promise!" or “I’ll take the risk!”
Type the terms in the search box and toggle to the following settings if you don't already have them:
geo.enabled = false → Disables the browser geolocation feature.
WITHOUT THE [SQUARE BRACKETS][geo].provider.ms-windows-location = false → Disables windows location.
geo.wifi.uri → Mozilla has used Google's geolocation service in Firefox by default for many years, so check for any Google addresses that may be here. This is an example of how Mozilla has lied about some of its user privacy claims – it seems to be posting our movements to the Big G. Erase any Google address and leave this field blank.
1. Click the TOOLS menu
2. Select INTERNET OPTIONS.
3. Click the PRIVACY tab at the top of the window
4. Check the NEVER ALLOW WEBSITES TO REQUEST YOUR PHYSICAL LOCATION box.
5. Click “OK” to save changes.
To disable Location in Safari, first click Safari > Preferences.
• Select the PRIVACY ‘hand’ icon at the top of the window.
• Under WEBSITE USE OF LOCATION SERVICES, select DENY WITHOUT PROMPTING to prevent all websites from asking to show your location.
Like the iOS, iPhone apps have to explain how they’ll use location data and must allow users to turn it off. Of course, access to this info is usually well hidden and when we find it it’s often written in brief, vague terms. To find LOCATION, do the following:
- Tap the SETTINGS icon, usually a cog or wheel
- Tap the PRIVACY icon, usually a white hand on a blue background
- Tap LOCATION SERVICES
• ALWAYS allow location (not recommended – it draws data even when it’s off)
• NEVER allow location
• Allow WHILE USING
The last one should be used for apps we think need to know our location or may be affected by disabling, although I’d venture there are few or none of these.
If you just want to block location on EVERYTHING just swipe that green switch in the pic above, to the left.
Always delete apps you never use. Limits spyware and saves battery.
Owned by Google, Android doesn’t stop snooping apps snuffle away location data, even when they’re turned off. It doesn’t even have the iPhone feature to turn off location when not using an app. After much criticism on this, on newer phones, the Big G reckons developers are only allowed to collect data “a few times an hour,” but if we don’t want ANY data collected, we have to do it from the phone’s main SETTINGS menu.
Older Androids are simpler to tweak
1. Open SETTINGS
2. Tap SECURITY and/or LOCATION
3. Uncheck ACCESS TO MY LOCATION box
4. Swipe GPS SATELLITES button to OFF
Like the iPhone, newer Android phones show a list of individual apps and allow us to turn off each app’s location button. Otherwise we can switch all location snoops off with the main button in APP LEVEL PERMISSIONS.
WIPE THE DATA GOOGLE HAVE COLLECTED
To be fair to Google, who collect data like bees collect pollen, they do have a portal where we can remove our location data (and more).
I am not sure if we can access all the data Google collects about us, or our device, if we DON’T have an account with one of their services, (#Gmail, Google Docs, #YouTube, Android, Google Drive, G+, etc) but it’s worth going through the data they’ve collected "to improve our advertising experience".
Obviously, we will be tracked within an inch of our life at Google central, but will have to suck it up if we want to clear our data. Be prepared for eyes to water and flabbers to be gasted.
#privacy #tracking #trackers #facebook #social #patent #mass-surveillance #surveillance #gdpr #google #alphabet #location #user #what3words #device #setup #private #secure #internet #chrome #tips #tricks #online #os #windows #mobile #ie #safari #apple #ios #ad #revenue #streams #developers #Social #media #data #corporations #telemetry #consent #windows10 #windows7 #windows81 #microsoft #linux #debian #ubuntu #mate #gnome #grub #iphone #firefox #advertising #android #chrome #browser #browsers #phone #phones #device