But I never got around to polishing it and making it more accessible.
The thing that really prompted me was peeking at what financial websites were doing, trying to connect to data mining sites like ru4.com and refusing to load if they couldn't connect to facebook.com and twitter.com.
My script also fixes paths in profile folders so that the roboforms extension will still work, because it is the only password manager that I have found that is able to completely automate my logins, despite the best efforts of UX designers.
I also couldn't order food from seamless.com unless I allowed a script on their site to connect to facebook.com. So, now seamless.com gets its own empty sandbox.
And because you're using your filesystem to store a browser profile, you can have specific extensions or settings for each profile.
So whenever I want to do financial stuff, it just connects over an autossh tunnel to my home, so it will never trigger any any stupid re-authentications when I'm connecting from a cellphone or work.
You have a link and/or author for the add-on to which you're referring?
When your browser redirects a tab from example.com to accounts.google.com to do an OAuth login, the Google OAuth login cookie that gets set by accounts.google.com under that tab, needs to also be visible later on to any other tab whose "root node" navigates to accounts.google.com.
Maybe you can make an exception for just SSO providers—but won't other nefarious uses (e.g. analytics providers) then just pretend to be SSO flows?
And maybe you can just whitelist the existing SSO providers—but that's an instant oligopoly.
"Single sign on" means "contact centralised provider with identifying information plus site browsed".
The explicit desire here is to stop that tracking.
Tracking _is_ single sign on with the "sign on" being invisible to the user.
(Mind you, Google themselves are working to move enterprises away from this model, with their https://cloud.google.com/beyondcorp/ effort avoiding the "Intranet as a bunch of services on separate internal domains" model, in favor of a "Intranet as a bunch of services all living under smart proxies that make them look like one domain and handle IAM for you" model. But enterprises would need to move first, before complete tab isolation could be workable for them.)
There's also even-more-enterprise SSO, i.e. SAML and its "using your bank as an SSO provider to prove your identity to government services" use-cases. This actually isn't SSO at all—there are more identity providers than there are services. The point here is to federate proofs-of-identity by allowing many different (whitelisted) agencies to vouch for your identity, so that the government doesn't need to issue you some centralized proof-of-identity. This would also break under complete tab isolation, and I don't think there's any good replacement in this case.
(personally I get a small hit of joy every time I hit a site that is caught and blocked trying to do things it shouldn't, and vow never to return. it's better than it happening without knowing.)
If you don't want every tab to be connected, every tab isn't connected.
It's not like the problem is impossible; nobody is saying that. My point is that the solution is non-obvious to the point that nobody has solved it yet, despite likely man-years being put into trying. Firefox Containers are the best UX we've come up with so far to kinda-sorta solve the problem. Do you have any better idea?
If you click a link that opens a new tab and swipe back from that new tab, Safari closes the new tab and shows you the previous tab.
I’m not exactly sure of the behavior when you open a new tab, then go to another tab, then back to the tab that was opened and then swipe back, though.
If you switch tabs, or close the app, or do anything other than somewhat immediately go back, that back history is lost. And if you do use the shortcut to go back, the new tab is destroyed. There's no ability to open a bunch of tabs and then in each of them independently navigate back to the parent.
Not sure if it has any traction anymore.
I'll stick to Chrome when I want my browser to not lose my sessions constantly.
However, to prevent tracking I mostly use CookieAutoDelete  which only stores Cookies for sites that I have whitelisted after the tab is closed. It's really just a handful of sites I visit frequently and don't want to log in every time. Cookies aren't required for anything else.
Also, not having a Google account comes in handy to prevent tracking by Google. My default search engine is DuckDuckGo.
Removing cookies will not prevent anyone from tracking.
In my experience, Google seems to have a better track record in terms of respecting cookies (or lack thereof) as the main carrier of online privacy management. But I think it's just an illusion. They're just obscuring it to not freak people out too much the way like Facebook does. The information is still there. They have it, from analytics, fonts, reCaptcha and all other means of their creep.
To prevent tracking, you need to have a full control over information you send to the internet, including browser request headers, IP address, behavior patterns of web browser, and so on. Cookie management alone is just a fallacy and gives a false feeling of control over privacy.
This is also why I consider those "privacy containers" broken by design. They just operate on cookies and don't contain anything besides cookies. I would even consider them harmful because of their misleading nature.
Privacy containers could do more interesting things like:
- Connect through a VPN/proxy, so IP address changes all the time.
- Change browser characteristics (screen size, available fonts, user agent string, etc) to fool the fingerprint. I suppose that fingerprints are hashes, so you only have to corrupt one ingredient of the hash to make the fingerprint unusable.
Tor browsers do stuff like this.
What about hardcoding the fingerprint? So that every end user looks the same.
So long as the client runtime can inspect the host, inferring the fingerprint, and call back to the mothership, there's no foolproof, durable way to defeat fingerprinting.
At best, fudging the fingerprint just buys some time in the arms race.
It is simply a series of attributes that are tested and compiled. Attributes that are consistent for a single browser but have some degree of variation between different computers.
Put enough of those together and you can uniquely identify someone. The exact things that are checked, however, will vary between implementations, and can always be changed in the future, so there isn't an easy way to spoof all of them to be identical.
In addition, many of these attributes that are tested need to return accurate results for normal functionality to work, so you are again limited in what you can fudge to avoid fingerprinting.
I have that even on my regular browser...
The underlying problem of privacy is addressed. The consequence of anonymity is a lack of trust.
Anyway the very idea that people are making money from me keeps me up at night so I use FF with a bunch of privacy aiding extensions. The war to fingerprint users is endless though. Ad tech is a billion dollar industry.
I think that your comment makes it seem trivial to control fingerprinting by controlling the information you send over the internet. While I suppose it is true that you can prevent fingerprinting by not allowing data transmission, this will also make the intenet and especially the www unusable.
Masking your IP address would require access to multiple IP pools, which is cost prohibitive. Alternatively, you could use some centralized proxy, which just changes who controls the information about you, but perhaps in even a more scary way.
Once again, privacy and convenience conflict.
That way, my identity is disassociates, hopefully. All logins are on chrome which are used minimally and all browsing is on FF with no track on, cookies blocked etc
They still can track and target ads at you without an account. An account is not required for that.
For some sites I need to allow google.com cookies otherwise I will keep getting recaptcha checks.
- install Cookie Auto-Delete (https://addons.mozilla.org/en-US/firefox/addon/cookie-autode...)
- set it to delete all local data for all domains, 15 seconds after its last tab is closed
- create a Firefox container for untrusted apps you can't get rid of (e.g Gmail, Facebook) and set these domains to open in this "untrusted" container by default
- set Cookie Auto-Delete not to delete the data for this particular container
- whitelist the few domains you trust so that you can keep their sessions open in the Default container
Result: No need to use a secondary browser or to install special "Google/Facebook/etc Containers for Firefox". You always browse the Web incognito by default! Only when you visit some particular webpages do you enter a custom container that keep your personal data separate from other activities.
This has worked nicely for 2+ years, with other essential extensions such as uBlock Origin, Privacy Badger, HTTPS Everywhere and Decentraleyes.
It does prevent tracking of websites that don't do fingerprinting. The best is the enemy of the good!
Though I guess with this setup I can do "accept cookies" knowing that they will shortly be deleted.
I can't skip GDPR page redirects, though.
Run your browser in private mode for everything except a few websites you trust.
Things like this make me believe less in patent reform, and more in complete abolishment.
These are typically pretty straightforward (although tedious) but on some Tor circuits it just never lets me through: the endless "Please try again".
That is to say, if Google's Catcha bot does not like you[r IP], many other parts of the internet stop working, too.
I have a separate Firefox profile I use for rare occasions when I need to allow third party tracking in order to do something.
Sure, you could do a lot of this yourself with different browsers/browser profiles/containers, but it'd be far better to have someone provide that list as a prebuilt addon.
e.g. googlevideo.com resolves to 184.108.40.206 and the PTR for that IP is lga15s48-in-f196.1e100.net
They even have a faq for this: https://support.google.com/faqs/answer/174717?hl=en
Most sites I visit these days--even super common sites like medium.com--have dozens (or even the hundreds alluded to above) of dependencies from seemingly unrelated sites. I have no idea if those are CDNs for common js libs, analytics libs, spammer libs, tracking libs, or what. I recognize things like CDN links for jQuery, Bootstrap, React, etc. I see many that seem to be Facebook tracking.
Of course, blocking many of these breaks the page. I have started to avoid sites that break without access to urls I can't identify. But this is both laborious to vet, and isolating.
There is no longer such a thing as easy, anonymous, inclusive web browsing.
DNS has been made hierarchic for this reason.
This is what I use. I have everything that I log into google for in one container, social media in a second, and everything else is nicely sand-boxed away from those horrors.
Personally, if I was dealing with someone who wasn't already using strong unique passwords for everything, and didn't want the burden of having a password manager, I would absolutely recommend relying on Chrome's built in password manager and having to be signed in to Chrome everywhere. This might actually be one of the use-cases that triggered the 'auto sign into Chrome when you sign into a Google product in a tab' feature, which didn't go down very well in some circles.
I believe (re)using relatively weak passwords on multiple sites is a bigger risk to privacy than Google tracking every page I visit. I would assume they track every page I visit regardless of whether I'm signed in to Chrome or not.
EDIT: Note that I'm assuming this feature in Chrome is similar to the feature in Safari, where Safari suggests strong passwords, but this doesn't prevent those passwords from being stored in your password manager of choice.
If you start using Google's password manager with their auto-suggested long complex passwords, there is no way you can remember the passwords yourself. You'll need to be logged into Google Chrome to have access to the password. Therefore, you'll need to be logged into Google Chrome to log into any website. Currently, there is not way to export passwords from one browser to another, so if all your long complex random passwords are in Chrome, as a practical matter, you won't be able to use Firefox, Safari, or Internet Explorer, you'll be required to use Chrome.
The apprehension over the feature is not about security at all (in fact, this system is likely more secure). It's about control. If you allow Google to manage all of your passwords, then you'll need Google to do anything.
Per my previous, Safari has a similar feature, which streamlines the process of generating secure passwords without needing to switch to the password manager to generate the password, and upon submission, it gets stored in the keychain, and also pops up the ability to store into 1Password via the usual extension.
Sure, all those passwords in the keychain are locked to Safari only, so Chrome, Firefox, etc are unable to access them, but that's what external password managers are for.
It absolutely nudges people away from password managers and on to Chrome. You now you have two options... (1) get a password manager on all of your devices that properly syncs with Chrome; or (2) only use chrome on your devices.
Many people are going to choose option #2. This will lead to more people relying on Google Chrome and Google Accounts, and will now you'll need to be logged into Chrome to log into any other site. It's a way for Google to become requisite, and add more power when they already have so much.
Coupled with clearing history, this should be fairly close to a much more stricter private mode.
I never made a separate browser profile for Facebook, but the moment Firefox's Containerisation was available in Test Pilot, I made a container for all things Facebook.
Or, if you'd like, you may disable auto-update.
You can review it yourself. There is not a whole lot of code here.
Now in the era of WebExtensions (which are SOOO much more secure!!!) it seems they finally approved a version published by those bad actors. No idea tho if and what tracking is in there and if mozilla stuck to their guns and made them remove tracking or not.
Is there a source you're using for this info? As I visited a couple times during that period (including mid this year) and saved a personal copy of the Versions URL which listed multiple versions post acquisition available .
 Specifically: 2.1.1 (2017-10-31), 3.0.1 (2017-11-10), and 3.1.1 (2018-05-23).
(Or human reviews are now allowed after publishing when an extension passes automated review - I'm not sure.)
On iOS, install Firefox Focus, and in Safari settings enable FF provided Content Blocker.
guess if you wait 10yrs for something as simple as an ad blocker, your expectations will be very low anyway
But yeah there is always nitpicking to do when it comes to security. No one is ever truly secure.
All this without breaking user privacy.
Two points against it:
1. You stand out from the crowd with this User-Agent, easy to fingerprint you.
2. Chromium is Google (Ad company) software, like Android. Un-googling it may not be complete or full. Safest way is not using any Google software.
That being said, Brave is pretty upfront about the security of their software. They've paid $25k in bug/security bounties so far and their browser is open source. So if an update turns evil, it stands to reason that someone is going to notice.
FF extensions just have too much power and too little end-user control. At a minimum I'd like to be able to selectively disable them in private browsing mode, as Chrome allows.
Enter your credit card details to check if they've been stolen!
> Email me to subscribe to my anti-spam service!
This is precisely what haveibeenpwned asks for, as your parent wrote.
By the way, if someone from firefox team is reading this : I would _really_ love to be able to just load directories from my FS as extensions rather than having to trust someone on the internet that it does what it says it does. I love building extensions myself, but I just don't install extensions from the web anymore because I don't know what's in there (note that referring to a github repos is not enough : I have no guarantee the content of the extension is the same).
An isolation policy will let you treat subdomain different from main domain. So I can use mail.google.com and still always be logged in, while a search from address bar or elsewhere will open in a temporary container that lasts only as long as the browser tab.
The persistent "Google" container I have has domains mail.google.com, accounts.google.com, and myaccount.google.com.. everything else loads in temporary containers.
Combine with this to remove the link stubs on SERP so you're not sending back click data if there's a shadow profile based on IP and browser metrics.. so shadow profile only knows what you searched and not necessarily what you clicked, and its cleaner for container assignment when opening links in new tabs because there's no brief hop to the same temp container google search loads in before going on to a separate temporary container for the target site:
I'd been using a 'sketchy' container for YTube, but dropped YTube into this. Thereby isolating (I think) YTube from the other 'sketchy' sites I may visit. As for Google ... long-ago blocked it and FB on the network level. Chopping off -some- of the octopus' tentacles.
This looks like a great way to help people who don't want to fiddle with settings to get the same sort of protection. It'd be nice if Multi-Account Containers had an option to add these sites. I should cut a PR for that, probably :\
What I really want is for it to be optimised for the common use case with each domain automatically put in its own container, with some whitelisting of common grouped services (e.g. MS and Xbox Live, Facebook and Instagram).
It's very rare that I actually want to share any cookie info between sites as most of it is tracking. In the rare situation you do, the browser could let you disable containers or add them to a group.
I'd also like something that automatically opts out of tracking preferences, as well as something that periodically deletes cookies/localstorage (say every 14 days).
You could then set it all up and forget about it.
The way I see Facebook Container (as an outside who have been using Multi-Account Container for a while) is that it tried to ride on the Delete Facebook wave few months ago to make people aware of Multi-Account Container functionality, so these Google Container/Reddit Container/etc. always seems weird to me.
Doesn't Mozilla get a significant fraction of its revenue from their search deal with Google?
Paranoia? Yes. Do I have the piece of mind? No. I just simply cannot stay 24/7 on Wireshark examininig every outgoing packet.
Unless the legislation changes for good I really don't see how this mess can be tackled.
Trying to avoid tracking is like some weird obsession/hobby. You go to all these lengths and then you realise they were tracking you anyway, so you throw your arms up in disgust, exclaiming how evil they are and start trying to block that vector, soon enough rinse and repeat. I was there too only a few years ago but I've since given up and my life has gotten measurably better because of it - I no longer feel like I'm trying to "stick it to the man", I don't have to integrate a bunch of different services in an attempt to keep x and y in separate products to reduce my "awareness surface area" to any one company. I just stopped worrying so much. Simple as that. And I'm really not convinced some evil affliction is going to strike me down as a result. Next time you find yourself wasting hours of your time trying to make yourself "private" just think of all the other fun stuff you could be doing.
But if you want best bang for minute spent worrying privacy: Use Incognito, uBlock, Proton Mail and a VPN. 20 minutes of your life and you're pretty darn private. This should cover you without labouring over choices of extensions etc.
You now have accepted a fundamentally different world where anything you like, anything you say, anyone you are with or hope to be with, anything you hope to do, have done, didn't do, every mistake or misstep or misstatement or misunderstanding or fuckup, is recorded, analyzed, classified, and mined. You're being constantly thought about, by the machines, who, if you are lucky, are only interested in making a buck off you, and if you are not lucky, have targeted you for increased scrutiny, security checks, auditing, social classification, digitized karma, and eventually, all of this will translate to a significantly different experience through life. How will it manifest? Maybe it'll be something big like being denied a loan for a car or a house. Maybe it'll be a landlord turning you down for an apartment. Maybe it'll be a constant drip of ads trying to trick you into buying something. Or maybe one day beaker53 will say something bad about the government, or get involved with a terror group, or it will accidentally look like you got involved with a terror group. Or maybe they'll just come annoy you while you're sitting down to tune your guitar with an ad on how to make yourself a better guitar player, if only you did this or that or the other thing. Or maybe they'll pester you because your friends did something or didn't do something or should do something, or how you'll look better in relation to them if you did do something.
Speak for yourself. I'm sick of being watched and being "thought about" by all these damn machines. FFS leave me alone, like it was just 15 years ago. Just 15 years ago.
This is not really an acceptable attitude towards this opinion. You can not mind the current state of tracking, acknowledge benefits, etc and should not be demonized or told your opinion was beat into you. And then congratulate them some rude way?
I used to wonder why so many people were surprised at recent presidential election results, assumed propaganda must be the cause, assumed ignorance of those they don't understand, take elitist attitudes towards others' preferences, etc. But now I'm starting to understand this cognitive dissonance. It's ok that they don't see tracking as a big deal, it's ok they don't want governments to step in, they aren't just dumb victims beat into submission.
Personally, I feel the status quo is preferred over alternatives, but to each their own. Whether someone is poorly informed on a subject or not is hard to gauge and not always something that has to be fixed. The problem here is that ignorance is used as a reason to protect people from themselves forcefully thereby silencing the informed-yet-disagreeing (emphasis on "here" in this situation at this time, can't make generic absolute statements about consumer protection in general).
> We're not discussing it, frankly, because people are generally passive and some, like the poster, express a pretty dangerous lack of concern.
I see quite the opposite. Can't open any newspaper or obtain any general news without the ills of big-web-tech shoved in your face. The harms are explained as extreme but to many, regardless of what the pitchfork bearers shout, the harms are not that extreme. What's dangerous is over concern and the results of that fervor. But all of that is personal opinion, the good part is the freedom to hold that opinion and act on it personally without imposing.
Data never being completely deleted, and the unending tracking being a slow sort of death of personal freedom is a good point, but I read the point of the poster you responded to as this: We can only do so much to secure our privacy, do effective and easy to implement solutions. If we want absolute privacy, its probably never possible until you cut out massive parts the digital world for yourself, and diminishing returns for your efforts most likely aren't worth it.
Edit: you've done this before as well: https://news.ycombinator.com/item?id=18392730. That was already a bannable offense on HN, so please don't do this again.
Yeah you were still being tracked. It's just a lot easier and more specific now. But everything about you that's public record, or even semi-public, including your credit reports, housing history, leins/judgments, voter registration, bio/demo data from any product registration card you ever sent in, purchase history from credit cards, etc. was in marketing databases and bought, sold, and traded. This has been going on since the 1970s at least.
But you're right, it's MUCH more pervasive now.
However, if you really yearn for what it was like 15 - 20 years ago, there's an easy solution: Don't be online. At all. Just like it was then.
The video portrays a future advanced home speaker which terrorizes its family through ads, AI, and "helpfulness" through data mining and the occasional benign hacking of remote systems.
No, it was about someone (“beaker53”) who could be confused for a known person (“beaker52”).
Having a lock on your door won't stop professional burglars, but it implies effort and isn't the same as leaving your front door wide open, which also invites passerbys.
Protecting your privacy actually has a non-negligible effect on your experience on the Internet. Let me give you an example ...
I have a friend that's a T2 diabetic, is self treating and doesn't want to go to a doctor due to past bad experiences. So in trying to help him, I signed up for a Facebook group for diabetics in my area. The result is that now I'm getting commercials for treatments of diabetes.
This to me is freaking scary, because this data can be used against you. Your medical history could affect your credit score for example. Your buying history or your friends list could affect the price of your insurance. Your daughter could get pregnant and the store could find out about it before you. Oh wait, these already happened.
You can't escape all profiling, but the less these profiling companies know about you, the better you are.
I'm using DuckDuckGo lately to search for symptoms of hypothyroidism, because apparently I suffer from it. Along with the privacy extensions I have installed (Privacy Badger, and ad-blocker with EasyPrivacy), guess what, I don't have commercials following me around on hypothyroidism, which to me is confirmation that I'm doing a good job.
You can choose to not care of course. But you're probably young. Give it another decade.
I'd add searx.me to search engines, and uBlock Origin to ad-blockers, in medium mode:
They know more about your online history than yourself they can write a diary for you but if you feel comfortable with that, then you don't need to do anything.
Changing IP, clearing cookie and changing browser may divide your ID but as soon as you log in with your Google account or they realize you may be having identical online activities, you can easily get linked again.
And as soon as you buy something on your Google account, be it physical item or an in app purchase, they know your real identity along with all of the above and then with more profiling, you will be linked with other people by family name, location you often visit and recognized by any other profiling I can't think of now.
Considering all data is saved forever, how likely do you think your country is to get something similar in the next 30 years?
However, it does concern me that it exists. They use this data to manipulate people. To drive "engagement", which means addiction. I could spend too long describing the evil in it, but at the end of the day, why do they care so much about the data? It all only really comes down to a way to manipulate people... into buying goods, into believing things... without hyperbole, just to try to avoid listing out so many points and examples, their desire for data stands in opposition to the popular conception of free will and democracy. I will always take a strong dislike to people and organizations attempting to manipulate me by means other than simply providing value in my life and getting some value back in exchange.
At this point, it concerns me less how much data they collect on me, and that we as a society haven't dropped some kind of regulatory hammer on them before they almost literally brainwash us out of the notion that we would even want something like it.
>This allows Telegram to be widely adopted in broad circles, not just by activists and dissidents, so that the simple fact of using Telegram does not mark users as targets for heightened surveillance in certain countries. We are convinced that the separation of conversations into Cloud and Secret chats represents the most secure solution currently possible for a massively popular messaging application.
>people using these apps can be targeted by governments as those who have something to hide. Due to the limited distribution of such apps, the government can identify and track individuals whose phones connect to the corresponding IP addresses. This is something that is already happening in case of tools like Tor, and, to a lesser extent, of some messaging apps. Yasha Levine is publishing a brilliant investigation about it.
>Am I the only one who doesn't worry too much about all this "tracking"? Trying to avoid tracking is like some weird obsession/hobby.
A cursory glance at recent human history shows the extreme naivety of not worrying about the negative effects of mass computer tracking.
 see here https://support.mozilla.org/en-US/kb/tracking-protection?red... or, alternatively, you can use Privacy Badger or one of the many ad-blockers that let you enable tracking-related lists, such as uBlock Origin.
 see here: https://addons.mozilla.org/en-US/firefox/addon/multi-account...
It's rather aggressive, even: blocks Yandex's maps embedded on other sites (though iirc doesn't block Google's maps).
Doesn't help that FB is getting a bad rep these days and its more mainstream to hate on it.
It seems natural to posit that money is the issue but is it so easy to believe that a foundation most of us trust would compromise its core values?
As mentioned elsewhere hacky add-ons cannot be the end solution, and will not be widely adopted unless incorporated as defaults.
I think if Mozilla included code that specifically targets Google, they would be crossing a line.