
Blocking Google and Facebook using Ad Block Plus and Ghostery - maus80
http://www.leaseweblabs.com/2014/02/blocking-google-facebook-using-ad-block-plus-ghostery/
======
r0h1n
Adding a couple of solutions to the bucket. The first is of course Disconnect
[0], which does everything Ghostery does and more, minus their "compromised"
business model -

The second is "Self-Destructing Cookies" [1], a browser add-on that deletes
cookies as soon as a tab is closed. Those sites whose cookies you do not want
deleted (like, say, HN), you can add to a whitelist.

And yes, use AdBlock Edge instead of AdBlock Plus.

[0] [https://disconnect.me/](https://disconnect.me/) [1]
[https://addons.mozilla.org/en-US/firefox/addon/self-
destruct...](https://addons.mozilla.org/en-US/firefox/addon/self-destructing-
cookies/)

~~~
dfc
Disconnect is an "of course"? I looked at their issues page and saw these two
open requests that are basic requirements for me:

" _Feature: option to manage Whitelist /Blacklist #272_ \-- The whitelist is
being stored in JSON format in the FF prefs.js, this is really hard to manage
manually. I'd like a basic dialog for Whitelist/Blacklist management of
sites."

" _Element hiding in Firefox #237_ \-- Implemented?"

Scanning the rest of the bugs it seems like they do a bad job of doing what
HTTPS-Everywhere does _extremely well_ and the graph of behavior-tracking
websites looked like a crappy version of LightBeam.

~~~
r0h1n
I personally don't use whitelisting, but yes, the lack of an element hiding
element is felt.

Just did a quick Google search and discovered it might be possible to use the
"Element Hiding Helper" plugin with Adblock Edge:
[https://addons.mozilla.org/en-US/firefox/addon/adblock-
edge/...](https://addons.mozilla.org/en-US/firefox/addon/adblock-
edge/versions/?page=1#version-2.0.2)

------
radley
Check out _Adblock Edge_. They're a branch the last version of Adblock Plus
before ABP whitelisted everything Google.

[https://addons.mozilla.org/en-US/firefox/addon/adblock-
edge/](https://addons.mozilla.org/en-US/firefox/addon/adblock-edge/)

~~~
dfc
Is not needing to uncheck the box that says "allow non-intrusive ads" the only
thing adblock edge has to offer?

~~~
radley
Not by my experience. I also use Element Hiding Helper and found many Google-
based elements (such as YouTube sponsored videos) would still be visible using
ABP. When I switched to ABE, my filters worked as expected.

~~~
dfc
I dont even know what YT sponsored videos are. I am always shocked when I see
ads before/after a video on a friends computer. Did you have a crappy
blockilist subscription with ABP?

------
Aoyagi
I don't know, I've used Ghostery and ABP for a while and despite claims of
lack of trust, I've had no issues with them. They both allow blocking
everything, the options aren't exactly hidden in a locked closet guarded by a
leopard. But I don't get my hopes too high, I know that there are still other
ways to track users and I feel it's a hopeless fight (without going to
extremes like ABP+Ghostery+noscript+TOR+no cookies+never using the same device
twice). But hey, if it annoys them enough to pay for being whitelisted by
default on some platforms, it's worth the fight for me.

------
unlimited_power
[http://www.areweprivateyet.com/](http://www.areweprivateyet.com/)

~~~
dredmorbius
Y'know, something more than a naked link is going to be just a smidge more
useful and informative:

 _AreWePrivateYet recreates Stanford University 's Tracking the Trackers:
Self-Help Tools study on a continuous basis in a reproducible way. The above
chart compares the level of protection provided by the different privacy
extensions across various metrics._

~~~
aj
It is also worth mentioning that
[http://www.areweprivateyet.com/](http://www.areweprivateyet.com/) is created
and maintained by Evidon, the makers of Ghostery (and unfortunately, they have
no placed any obvious disclaimer except the footer mention and the top right
ghostery logo which is not entirely sufficient imo

------
paulgb
It surprises me that more people don't just block third-party cookies. No need
to maintain blacklists that way. Sure, you still see ads, but it keeps
tracking at bay.

~~~
Pacabel
That's a pretty bold claim to make.

If third-party scripts or images are still being requested, then what prevents
a site- and/or page-specific identifier from being included in the URLs of
those assets? And what then prevents those site IDs, page IDs, the IP address
you used to make the requests, your user agent's User-Agent string, the
Referer header values, and other identifying information from being collected
and stored? What prevents them from them from then tying this information
together in a way that tracks you and your browsing behavior?

Keep in mind that cookies of any type are not at all necessary for such
tracking to occur. The only way to truly avoid that kind of tracking is to not
make any such requests in the first place.

~~~
lmkg
I work in web analytics. Recently, one of our clients decided that they wanted
to track visitors across multiple domains. After much hemming and hawing, and
research proposals, and industry comparisons, the ultimate solution that was
decided upon was... third-party cookies.

The change is extremely simple, and the data loss from people who block third-
party cookies is like 5%.

So what prevents sites from deploying these technologies? Economics. To your
point, there are no insolvable technical barriers. But right now the marginal
return return on these technologies in no way stacks up to the marginal effort
required to deploy them. Considering the fraction of the population that even
knows what a cookie even is, I do not anticipate this changing in the near
future. If everyone starts blocking third-party cookies, then yes we'll see an
uptick in use, but I don't see that happening this decade.

------
thisiswrong
"Allow for some non-intrusive advertising"

This is what scared me about Add Block by default on browsers. Essentially
what's happening is the monopolies (Google & FB) get to keep their profitable
business models while all small time content publishers get stripped of
revenue. WTF !?

Where's the Anti trust regulation? You'd think they were conspiring to kill
independent content creation. Or are they?

~~~
Cthulhu_
I... think it's kinda weird, yelling for 'anti trust regulation' when you're
blocking ads / denying people their income.

~~~
null_ptr
What if I choose browse the web with Lynx (text-only browser, no JavaScript).
Am I still denying people their income? What if I watch TV and go to the
bathroom during commercial breaks, am I denying those people's income too?

------
boards2x
Ghostery is problematic, I've stopped using their serivce (now using
disconnect.me.

Some sources say that Evidon, the company owning Ghostery, plays a dual role
in the online advertising industry. Ghostery blocks sites from gathering
personal information. But it does have an opt-in feature named GhostRank that
can be checked to "support" them. GhostRank takes note of ads encountered and
blocked, and sends that information, though anonymously, back to advertisers
so they can better formulate their ads to avoid being blocked.[4]

------
dfc
In my experience Adblock Plus, NoScript and RequestPolicy allow much more
control than Adblock Plus and Ghostery. Adblock is even easier to use if you
install the Element Hider Helper.

~~~
xenophonf
RequestPolicy is pretty awesome. I've switched to Adblock Edge, which
hopefully protects me better than Adblock Plus. Unfortunately, the more I
delve into web privacy, the more I think that non-technical users are screwed.
How on earth are mere mortals supposed to protect themselves when someone
skilled in the art has a difficult time getting web sites to work in a
privacy-maximal fashion?

~~~
djent
I had to install Adblock on my mother's laptop after she visited a webpage
with a malicious advertisement. I went ahead and installed HTTPS Everywhere
and Ghostery while I was at it. Non-technical users are completely up the
creek without a paddle.

------
616c
To expound upon someguy2's recommendation below, I have since moved on my Arch
Linux laptop after reading a dev's blog post[0] to using hostsblock to block a
lot of known domains to redirect to localhost. That, in conjunction with
dnsmasq and kwakd (a ~400 LOC web server in C that only returns
<html></html>)[2] for all requests makes me worry a lot less.

I also use disconnect.me (after discovering the motivation behind Ghostery is
just to sell info back to marketers). My only real issue is that kwakd is
clearly choking on certain sites (namely Google, which I just back to
permanent NoScript blockage) with some of the weirder stuff it does with
asynchronous JS calls. Blocking Google completely as a result makes my web
experience much, much faster and cleaner.

[0]
[http://jasonwryan.com/blog/2013/12/28/hostsblock/](http://jasonwryan.com/blog/2013/12/28/hostsblock/)

[1]
[http://gaenserich.github.io/hostsblock/](http://gaenserich.github.io/hostsblock/)

[2] [https://code.google.com/p/kwakd](https://code.google.com/p/kwakd)

------
TuxLyn
Unfortunatly, none of this will protect you from EverCookies
([https://en.wikipedia.org/wiki/Evercookie](https://en.wikipedia.org/wiki/Evercookie)).
The only way possible right now is to disable firefox
history/cookies/javascript and use private mode, and even then its not 100%.
But at that point you wont be able to use most of the sites. This means even
if you use TOR or VPN, you can still be tracked. There is one plugin in beta
stage called NeverCookies beta
([https://github.com/sensepost/neverevercookie](https://github.com/sensepost/neverevercookie))
you can also find xpi on softpedia site. NeverCookie does not have any options
in beta version. But there is another plugin no one mantioned called "Random
Agent Spoofer" ([https://addons.mozilla.org/en-US/firefox/addon/random-
agent-...](https://addons.mozilla.org/en-US/firefox/addon/random-agent-
spoofer/)) It protects your ETag, X-Forward-For and more.

------
double051
Ghostery is fantastic after you've set everything to get blocked
automatically, but it's noisy out of the box (you have to really go through
every setting to get it just right), and many websites simply break if you
block some external scripts from loading.

------
rmrfrmrf
The last time I checked out Ghostery, it phoned home by design. Is this still
the case?

~~~
Silhouette
From [https://www.ghostery.com/privacy](https://www.ghostery.com/privacy):

"Ghostery does not collect any data by default. You may choose to send us data
by enabling the Ghostrank™ feature."

------
someguy2
don't forget about flash cookies, a.k.a LSO's or SuperCookies. BetterPrivacy
works well mitigating that.

i'd also recommend 'Secret Agent' \- "Continuously Randomizes your
Firefox/SeaMonkey HTTP User Agent, to Suppress Device Fingerprinting, and
Resist Web Tracking. Also Prevents eTag Tracking.":
[https://www.dephormation.org.uk/index.php?page=81](https://www.dephormation.org.uk/index.php?page=81)

hosts file is another option:
[http://winhelp2002.mvps.org/hosts.txt](http://winhelp2002.mvps.org/hosts.txt)

------
metastart
Try the Epic Privacy Browser -- a chromium based browser that rips out all
google calls/services and protects your privacy -- it blocks ads and trackers
and philosophically doesn't send your browsing through its servers nor
collects any data unlike many of the other privacy addons mentioned.

------
sweedy
Here comes the next story where the writer makes no difference between adbloc
Plus ([https://adblockplus.org](https://adblockplus.org)) and Adblock
([https://getadblock.com](https://getadblock.com))

------
parag_c_mehta
I should also point out that if you are serious about tracking, you should
probably look into disabling Sync and "Signed In" feature of chrome. Though
there is no proof yet, but theoretically Chrome update can start tracking
based on logged in user.

------
nighthawk24
[http://prism-break.org/en/](http://prism-break.org/en/) Opt out of global
data surveillance programs like PRISM, XKeyscore and Tempora.

------
mp3geek
Use Fanboy-Social List, Ghostery isn't needed.

/Disclaimer; Author.

~~~
JetSpiegel
Isn't it called the AntiSocial list?

Whatever the name, it's a great feature. Thanks!

------
SixSigma
my armoury

* Facebook disconnect. * Google disconnect. * Ghostery * Privoxy * Self Destructing Cookies * No-Script

I wouldn't be so concerned about the ads themselves if they didn't flash, jump
about, get in the way of text, harvest my likes, cross harvest my interests,
get hijacked and infect my machine, steal my battery life by being animated
etc. etc.

------
ladzoppelin
Does anyone know how Bluhell Firewall (Firefox) does against trackers?

------
notastartup

        it’s is made by an advertising company called Evidon … 
        it is a Web tracking blocker that actually helps the ad 
        industry 
    

doesn't that defeat the whole product of Ghostery? I was eager to install it
but after reading that I'm not so sure. What are they exactly doing?

