FixTracking.com

yegg Staff yegg
Created: 5 years and 5 months ago
In honor of Data Privacy Day, we made http://fixtracking.com/.

We hope for it to be a site that people can send mainstream people to so that they can easily stop getting tracked in their browsers. We reviewed all the extensions for the major browsers and recommended the ones we think to the best jobs at addressing the major tracking mechanisms, which we also explain on the site. We then have another section of additional tools to consider.

This thread is a great place to provide feedback and discuss ways to improve the site. There was a lot of nuanced thinking that went into the site, and we'd love to tweak it over time to be the best place possible.

This forum has been archived

Thank you all for the many comments, questions and suggestions. Particular thanks go to user x.15a2 for constantly monitoring, replying and helping so many users here. To continue these discussions, please head over to the DuckDuckGo subreddit.


anonymous
Something that I use in addition to Ghostery, AdBlock Plus, and HTTPS Everywhere on Firefox is Collusion.

From the Mozilla addon page:
"Collusion is an experimental add-on for Firefox that allows you to see which sites are using third-party cookies to track your movements across the Web. It shows, in real time, how that data creates a spider-web of interaction between companies and other trackers."

I like to use this so I can see which sites (even after using the above) I still get reffered to. For the most part, hot linking is the main cause, but it does help to understand what is actually being sent without pulling out tcpdump.

Also, for Flash cookies, I just disable them all together. To do this, it is simply a matter of right clicking on a flash object, selecting global options, and then selecting "Block all sites from storing information on this computer" from the Storage Tab. Note: That is for Linux (not sure about others).

There is also an option to have flash ask before storing, but if you watch videos on Hulu, YouTube, CNN, or others you'll get pestered all the time.
posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
There doesn't seem to be any plugin to 'fix' browser fingerprinting. Would be useful with a plugin that does, or a note on which plugins do combat this issue, maybe in combined effort? Thanks for a great list with simple info!
posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
I'm surprised you recommend DoNotTrackMe instead of Ghostery. I've tried the two and DNTM is in no way as effective as Ghostery in recognising and thus blocking trackers.
posted by [Old Forum guest] • 5 years and 5 months ago Link
yegg
The question of comprehensiveness aside, Ghostery has a fatal flaw in terms of recommended them: they don't block by default. This is why there is the big disclaimer next to their name.

We do currently recommend them on Opera since there is nothing else available, but we're generally very hesistent to fully recommend anything that doesn't do the desired behavior by default.
posted by yegg Staff5 years and 5 months ago Link
anonymous
The icon used in the example for Flash cookies under "Common Tracking Methods" does not match those actually used.
It would also be useful to detail the risk in trusting so many independant plugin authors with trust in handling access to every single website you visit. 

Happy Data Privacy Day!

--
Team PrivaSecTech
posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
Are there any plans to have this page in different languages?
posted by [Old Forum guest] • 5 years and 5 months ago Link
yegg
Yes there is! The tokens will be part of the translation platform soon, which anyone can contribute to at http://dukgo.com/
posted by yegg Staff5 years and 5 months ago Link
anonymous
Standard battery:
  • certificate patrol
  • collusion
  • donottrackme
  • ghostery
  • https-everywhere
  • https-finder
  • noscript
  • perspectives
...on iceweasel.
posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
Support for development and non-standard browsers needs to be added to fixtracking.com

Browser: Firefox-21.0a1 (aka 'Firefox Nightly')
Browser: Rekonq-2.xx (Identifies as Safari, Which is incorrect. Rekonq has early support for Chrome Extensions and User Scripts{javascript})
Browser: Midori-x.xx (Identifies as Chrome, Which is incorrect. Midori has support for User Scripts)

---------

Also, while the Chromium Project is in Essence "Chrome" they are not the same browser, you should identify it properly and show the changes that correspond to it... Including there Logo, Settings Page, and Extensions Page. Also note that Chrome shares Browsing information and History to Google. While Chromium does not.

Chromium: http://www.chromium.org/Home
Chrome: https://www.google.com/intl/en/chrome/#cds
Rekonq: http://rekonq.kde.org/
Midori: http://twotoasts.de/index.php/midori/(NOTE: this is not the project site, as i could not locate it. BUT this provides just as much information.)
posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
For Chrome, I would highly recommend SafeScript (which used to be ScriptNo) instead of NotScripts.

NotScripts hasn't been updated in 2.5 years whereas SafeScript is as good or better than NoScript for Firefox and is in active development. This plugin was originally based on a combination of NotScripts and NoScript for Firefox.

I also found NotScripts to be useless on Opera. I uninstalled it when it appeared to be pretty ineffective.
posted by [Old Forum micasuh] • 5 years and 5 months ago Link
zac
Duly noted--thanks! We'll definitely look into that. 


-Zac

DuckDuckGo Community Manager
posted by zac Staff5 years and 5 months ago Link
anonymous
I'd like to throw a shotout to http://www.selectout.org as well. Tracking Opt-Out without installing an extension (as well as a cool search engine to see what cookies/scripts/data is collected on each website).

Still being improved on, and not completely perfect or complete yet though.

Disclaimer: I made it.
posted by [Old Forum guest] • 5 years and 5 months ago Link
zac
Thanks for the suggestion, however, the tracker opt-outs aren't effective. It's not obligatory to listen to an opt-out request and, even among advertising companies that are supposedly user-friendly (members of the NAI), most of them don't respect opt-out requests: https://cyberlaw.stanford.edu/blog/2011/07/tracking-trackers-early-results



-Zac

DuckDuckGo Community Manager
posted by zac Staff5 years and 5 months ago Link
anonymous
Most of the privacy policies of the third-party tracking companies state that Opting-Out (through NAI, selectout, or on their own website) will prevent the data from being retargeted/sold/whatever. Not necessarily that tracking itself will stop, so wouldn't tracker opt-outs still be an effective measure? I have been working with a number of them, and the whole point in having an Opt-Out cookie that expires (as most of them do) is to be able to retarget in the future while respecting their Opt-Out wishes for 1 week, 2 weeks, whatever the length of time is. Do Not Track on the other hand is something that is completely useless at the current time because it is optional. So I would think though that an actual Opt-Out cookie is still effective in securing privacy if even for just a couple weeks while the cookie lasts.

(I'm not trying to fight my case, just trying to learn more through this so I can build a better service moving forward).
posted by [Old Forum guest] • 5 years and 5 months ago Link
zac
Right--the general gist is, you're still being tracked, they're just not targeting ads at you based on the information they collect. 


-Zac

DuckDuckGo Community Manager
posted by zac Staff5 years and 5 months ago Link
anonymous
I'd also recommend RequestPolicy for Firefox, it was listed in http://donttrack.us/ before!
posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
The Adblock and Adblock Plus extensions are also available for Opera. It would be nice to add them to Opera's choices too 
posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
The browser fingerprinting icon isn't used for any addon - why include it if there's not a way provided to avoid it?
posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
I went to the page to see if it would be a good recommendation for my not-so-techie friends. Probably like many other folks who visited here.
 
Many folks who have this issue near top of mind surf with JavaScript turned off. (see the endorsements for NoScript) so when we hit the page we are greeted with this text:

It looks like you have JavaScript disabled and this page requires it to work properly. We'd like to show you some great resources for managing privacy on the web but you'll first need to enable JavaScript in your browser.
I think that you should acknowledge non-scripters in this text. Perhaps something like:

It looks like you have JavaScript disabled and this page requires it to work properly. While we congratulate you on your choice to surf safely by turning off scripting, we'd still like to show you some other great resources for managing privacy on the web. So perhaps you could enable JavaScript in your browser.

It would be a good way to make friends with the sorts of people who are most likely to share this page.

Thanks for your efforts

Zip

P.S. Here is my current regime:
Firefox
NoScript
Ghostery
AdBlock Plus (with extensive whitelist)
Hosts file
Beef Taco
Better Privacy (with Ghostery conflicts resolved)
Google Analytics Opt-out
Flashblock
Facebook Disconnect
Twitter Disconnect
Google Advertising Cookie Opt-out
HTTPS Everywhere
Collusion

Of course, all of these add-ons, combined with my screen size, color depth etc, makes Panopticlick tell me that my browser is unique. Oops!

And, yes, I use a completely naked version of Opera when a site refuses to work.
posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
This is a really useful resource, and I have two suggestions for  your consideration. The first is to group the add-ons by function, so the average visitor could easily avoid duplication. The second would take this a step farther--suggest "packages" of add-ons that work well together to accomplish the over-all goal.

Finally, a question if I may. In the section on Firefox settings that impact privacy, it's not clear to me if "warn me if sites try to install add-ons" should be disabled* along with "block reported attack sites" and "Block reported web forgeries".

*Would that allow a site to install an add-on without asking me?

DDG just keeps getting better and better! Thanks for all your great work.

JG

posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
Anyone got any thoughts about use of browser independent tools like Privoxy?
posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
Beef taco is another good add-on for privacy.

There are more settings you could put about firefox, such as not allowing third-party cookies, click-to play with plug-ins etc. how about also suggesting using Tor at the bottom for extra privacy.
posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
For fingerprinting try Firegloves (only for firefox). Copy-paste user-agents from any site having a list of these to addons preferences.

Also to provide more privacy with cookies we could use cookie-managers like CookieMonster or CS Lite Mod (both for Firefox). I prefer the second since it stores my settings instead  of the first one, which it doesn't.

But the real power, for firefox, is in about:config. Test these settings and tell me your experience/results. (Sorry for the long legnth)

geo.enabled = false

geo.wifi.uri = [leave blank]

network.http.accept.default = text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

network.http.use-cache = false

network.http.keep-alive.timeout = 600

network.http.max-persistent-connections-per-proxy = 16

network.proxy.socks_remote_dns = true

network.cookie.lifetimePolicy = 2

network.http.sendRefererHeader = 0

network.http.sendSecureXSiteReferrer = false

network.protocol-handler.external = false [set the default and all the subsettings to false] (can’t open manget links like torrentbutler.eu and thepiratebay.se

network.protocol-handler.warn-external = true [set the default and all the subsettings to true]

network.http.pipelining = true

network.http.pipelining.maxrequests = 8

network.http.proxy.keep-alive = true

network.http.proxy.pipelining = true

network.prefetch-next = false

browser.cache.disk.enable = false

browser.cache.offline.enable = false

browser.sessionstore.privacy_level = 2

browser.sessionhistory.max_entries = 2

browser.display.use_document_fonts = 0

intl.charsetmenu.browser.cache = ISO-8859-9, windows-1252, windows-1251, ISO-8859-1, UTF-8

dom.storage.enabled = false

extensions.blocklist.enabled = false

(the network.http.sendRefererHeader = 0 and network.http.sendSecureXSiteReferrer = false made my Collusion addon graph clear. This means the no referer was sent to any website and worked). Waiting for your thoughts.

WithoutWax
posted by [Old Forum guest] • 5 years and 5 months ago Link
zac
Deleted your duplicate post :) In regards to Firegloves--thanks for the recommendation! According to the page on Firefox, though---they're going to stop supporting it so we're hesitant to recommend it on fixtracking.com 

Hopefully, someone can fill this gap with a new addon because, as far as browser fingerprinting goes, there aren't too many addons out there with respectable track records and reliability. 

-Zac

DuckDuckGo Community Manager
posted by zac Staff5 years and 5 months ago Link
anonymous
My list is for privacy paranoid-zombie-freak-call whatever you like  people like me. Of course these are optional settings, not to be used without knowledge.

Also I'd like from you to dedicate honor to people who fought for our rights, especially for our digital rights, like Phil Zimmerman creator of PGP and Bruce Schneier computer specialist.

Thank you for reading me and delete on of my 2 posts, are the same by the way.

WithoutWax

posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
The threat to privacy here is very small, happening if, and only if, you attempt to browse to a site which has been reported as a threat to your computer or your personal information, and only disclosing the URL of a site already previously reported as dangerous, and the exposure is very minimal, and likely not even personally identifiable.

The threat to privacy with this feature off, however, is far greater - the sites listed in the "safe browsing" database are listed for either trying to put malware on user's computers, or for being phishing sites, and are therefore orders of magnitude greater threats to privacy than the network requests implementing the database. 

Specifically, according to http://www.mozilla.org/en-US/firefox/phishing-protection/ the way the feature works is that a copy of the "bad sites" database is periodically downloaded by the browser and stored on disk (if I recall correctly, in the urlclassifer.sqlite3 file in the Firefox profile). Sites are checked locally against the database, if there's no match, the browser displays the page as normal, and nothing is sent to third party servers. If there is a match, indicating that the site is currently in the database, Firefox DOES contact a Google server, but only to avoid a false positive - if the site has been removed, the database is updated, and browsing continues normally, otherwse, if the site is still listed, a scary red warning screen tells you that the site is trying to break in to your computer and/or steal your information, and you shouldn't go there.

Given this information, the benefits to privacy and security outweigh the risk for the vast majority of users, and I strongly encourage you to rethink how you present your recommendations in light of the potential security and privacy trade offs which exist here. 

posted by [Old Forum sdaugherty] • 5 years and 5 months ago Link
anonymous
Your opinion is exact, and honest for all browser users.
Why fixtracking.com recommend disabling "Block reported attack sites" and "Block reported web forgeries"?
There is NO TRACKING FEATURE at least on firefox.
I think fixtracking.com must not recommend users to disable these features.
posted by [Old Forum guest] • 5 years and 5 months ago Link
crazedpsyc
Those features function by poking Google with the websites you visit, and therefor compromise privacy. As for the "no tracking feature" -- if you mean the "Do Not Track" option, see here: http://whatisdnt.com/
posted by crazedpsyc 5 years and 5 months ago Link
zac
We're definitely interested in how we can improve on this. The issue we're facing right now is, it's unclear what's going on with the data behind closed doors. It's also not clear which part of their respective privacy policies this would fall under: 




Because there's no specific mention of how this data is handled, we thought it best to at least make people aware that it could be interfering with their privacy. Obviously, though, if there's a better way to phrase this (or format, in general), we're open to it :) 

Any suggestions? 

-Zac

DuckDuckGo Community Manager
posted by zac Staff5 years and 5 months ago Link
anonymous
I am not recognizing the threading/layout of this forum(s).  This comment seems midstream, but it is the only one mentioning "malware".

FixTracking.com suggests disabling Fraud and Malware protection in Opera.  ????  That is not intuitive to me.  Am I reading that wrong?  Is that a good trade off: Trade malware protection so someone can not target me with ads?  Does it have to be either/or?  Isn't Duck Go supposed to limit browser tracking?  

If Duck Go is set as the default search in Opera, what does the browser extension add?  

This question may be stupid:  Would subscribing to a thread in this forum(s) {again, can't make sense of threading and forum(s) layout here} be an inappropriate privacy leak?
posted by [Old Forum guest] • 5 years and 3 months ago Link
anonymous
I'm guessing that FixTracking.com bases it's recommendations exclusively on the browser you're using. To do otherwise would be a much more involved project, of course, but it would be useful to some users if you stated this. If I'm wrong about this, then I would suggest you display the deficiencies you found so users know exactly which issues remain to be addressed. For example, I'm running HostsManager that mitigates a lot of these threats.

Another option that isn't mentioned is Tor. Although Tor can slow down your browsing, it's better than it was a year ago, and there isn't anything that I'm aware of that works better.

I don't mean to sound critical, though. I fully support the work you guys are doing, and I think you've got a great product here. Keep up the good work!

JG
posted by [Old Forum guest] • 5 years and 5 months ago Link
zac
Sorry--not exactly sure what you mean. Were you referring to the browser settings portion mentioned above? Did you mean to show addons based on which addons were currently installed on that user's browser? 


-Zac

DuckDuckGo Community Manager
posted by zac Staff5 years and 5 months ago Link
anonymous

Recommended Abrowser/IceCat/Iceweasel/Firefox extensions:

Smart Referrer - Referrer Tracking
Blender - Fingerprinting
Request Policy - HTTP Requests
Site Identity Button Colors/Safe - Awareness
HTTPS-everywhere - Force encrypted transport
HTTPS Finder
Convergence/Monkeysphere - Encryption Verification
clearHTTPStatus


PDF.js - PDF Viewer
WebODF
 
Adblock Plus - EasyPrivacy List (EasyList) web bug fallback for dummies
Collusion

LibreJS/NoScript: Advanced | Secure Cookie Management, ClearClick, LibreJS fallback, ABE, Embeddings, RequestPolicy
Self-Destructing Cookie/Cookie Controller[DOM]/Toggle Cookies

BetterPrivacy/Flash Player: "Block all sites from  storing information on this computer"
Scriptish/Greasemonkey: ViewTube, Linterna Magica instead of Flash/Gnash

TorButton(freezes everything)
DDG Button

PwdHash/ Pwdhash for Android via Fdroid
Stop SOPA

All the best!
Gnewt.
posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
Hello,

please consider removing the section about web forgeries and attack sites. Disabling it and going on a rogue website have the potential to be more damagable to your security and privacy vs. disabling it.

Here is how Firefox implement it. As you can see, they care a lot about privacy: https://www.mozilla.org/en-US/legal/privacy/firefox.html (Protection Against Suspected Forgery and Attack Sites Features)
posted by [Old Forum guest] • 5 years and 5 months ago Link
anonymous
Hi there, 

what guys do you think about comodo dragon browser (chromium base) ? http://www.comodo.com/
Is the privacy and security speech trustable ? Or it's the same as google and cie ?
posted by [Old Forum guest] • 5 years and 4 months ago Link
zac
Just tried to look but I can't find the privacy policy for the browser. I see the one at the bottom of the page but it doesn't reference how the browser privacy works.


-Zac

DuckDuckGo Community Manager
posted by zac Staff5 years and 4 months ago Link
anonymous
On Google Chrome Privacy Manager: https://chrome.google.com/webstore/detail/privacy-manager/giccehglhacakcfemddmfhdkahamfcmd?hl=en-US is a great extension that can clean up cookies, history, etc on startup and it makes it easier to setup your privacy settings in Google Chrome.
posted by [Old Forum guest] • 5 years and 4 months ago Link
anonymous
posted by [Old Forum guest] • 5 years and 4 months ago Link
anonymous
Nicely done page!!

I've been using some of the sites, along with Ghostery, but am not sure how they interrelate or if i'm duplicating efforts.

For Safari (also use FF), i just turned off location services, thus no need to "Prompt for each website once per day".  I'm not sure what allowing location services provides me - for laptop - but this isn't DDGs domain. 

Thank you.

A happy user. 
posted by [Old Forum guest] • 5 years and 4 months ago Link
zac
Thanks!

You can use the symbols at the bottom-right of each add-on to verify if it has overlapping functionality. The section, "Common Ways You're Being Tracked" also shows which symbol is associated with each function.

Location services requested by your browser are for tailoring pages to your specific locale. An example would be similar to visiting craigslist.com and having it default to your city. Although it's convenient, for most browsers, they don't make it clear how this data is handled.

-Zac

DuckDuckGo Community Manager
posted by zac Staff5 years and 4 months ago Link
anonymous
Hi

Could you please add the Firefox Add-on named Google/Yandex search link fix ?
It prevent Google from redirecting you to google.com/url=example.com... if you click on an organic from example.com.

Please note: It is not preventing Google from tracking you nor preventing them from personalizing your results.

Best regards,
Casper Qvortrup

- DuckDuckGo Forum Moderator.
posted by [Old Forum screapdk] • 5 years and 4 months ago Link
zac
Cool, thanks! Duly noted for the next version : )


-Zac

DuckDuckGo Community Manager
posted by zac Staff5 years and 4 months ago Link
anonymous
I have used DoNotTrackMe along with HTTPS everywhere for a while on chrome but recently i keep getting a bunch of extension errors listing a conflict between the two.  anyone else experience/know a little more about this?
posted by [Old Forum guest] • 5 years and 3 months ago Link
anonymous

This is a nice trial and keep up the good work! Don't sell yourselves as did all others before you! ...and stop smashing Google, may their practices be as outrageous as they are, as it looks like bad character, by which most good-hearted people will be put off! ...and doesn't really help promote the site since it smells a bit like envy.


In order to make this really work and get picked up, I'd suggest following changes:

- Consider changing the BRAND NAME for a two syllable one! My suggestion is "DuckNGo". You'll see the results for yourself soon if you do.

- The "fixtracking" site is very helpful, but most people wouldn't bother to read this much. People who use the internet for search etc. do so because they want what they are looking for fast. Do an easy step-by-step "QuickFix" tutorial for all OS's and all browsers, including brief info on and how to update a hosts file. /You may even want to provide an essentials and pro hosts file download./

- If people could see thumbnails next to the links when searching for videos or images not to mention a button to search for these specifically, the majority who are concerned about their security and privacy but like convenience, would jump over straight away.

- You have a lot of space on the left an right, so you could float some security and privacy related widgets and on the other side a video and image preview bar. Don't be afraid it'd "look like google" etc.! It won't. This is a search engine, where people expect to find stuff, which they expect the site to show them as quick as possible – hence, there will be pictures and videos on your page, either vertically or horizontally, period. That won't make the site look like a copy of other search engines!

Otherwise, I like any type of freedom-preserving initiatives, that enforce people's unalienable rights to absolute privacy.

PS.: If you would offer essential security classes in a “floating” widget box in form of 2-3 minute videos, also including a quick and simple tutorial at a time and maybe issue some funny “certificates” to registered users, the site would pick up tremendously quick! :) ...If I was in charge over your marketing development, I would even suggest you to offer basic email addresses to registered users.

Also, if you ever think of advertising, here's a nice slogan “Find what YOU expected...DuckNGo!” ...the picture would be a small pond with a duck's butt sticking out of the water... :)

posted by [Old Forum goduck] • 5 years and 3 months ago Link
crazedpsyc
- We're not interested in changing the name at this point 

- Isn't that what the fixtracking site accomplishes? There's not much to read-- it gets straight to the point, and is mostly graphics.

- This has been considered in several implementations, but the general consensus seems to be it adds too much clutter (I agree). Adding an option to "expand" the result could be helpful, but then you wouldn't know if there was anything useful until clicking it, which cuts out the usefulness quite a lot.

- Again, clutter. It's not a problem of looking like other search engines exactly, it's just that irrelevant information (yes, pictures and videos are more irrelevant than relevant!) does not belong on the search result pages.

The videos are a nice idea, but production takes a bit too much effort away from working on the search engine itself. Email addresses are also not in the short-term plan -- too much management and physical resources involved, which would again take resources away from the search engine itself.
posted by crazedpsyc 5 years and 3 months ago Link
anonymous
I use "masking agent" to stop user agent data from being sent anywhere. it allows you to replace your user agent with any string you want. great tool.

https://addons.mozilla.org/en-US/firefox/addon/masking-agent/?src=search
posted by [Old Forum guest] • 5 years and 2 months ago Link
anonymous
Great, thanks! : ) I will pass this on to the others on the team. : )

Best regards,
Casper Qvortrup

- DuckDuckGo Forum Moderator.
posted by [Old Forum screapdk] • 5 years and 2 months ago Link
anonymous
YesScript is a good alternative to NoScript, which is bloated apparently.

posted by [Old Forum guest] • 5 years and 2 months ago Link
anonymous
This is a guide on how consumers protect against the producer's tracking.
But often, producers don't even know that they use technology on their website that tracks their users.

I am a "producer", I've got a blog and I'm trying to keep tracking minimal. But that's a hard way, especially when every website recommends tracking services like Google Analytics, AdSense, or Widgets like Facebook's ones.

We do not only need a guide for consumers to protect against tracking, but also for producers to prevent tracking!

Are there any privacy-friendly ad networks, statistics services, social widgets? Through informing the "producers", making it easier to use privacy-friendly services than using tracking services, this is the more effective way. Currently, we wait for those users who have enough of being tracked. But there are dozens of users who aren't even aware that something like "tracking" exists or just don't care. So why don't we communicate with the people who host websites? We must tell them what to do to protect their visitors.
posted by [Old Forum guest] • 5 years and 1 month ago Link
anonymous
posted by [Old Forum guest] • 5 years and 1 month ago Link
anonymous
I can suggest for Firefox:

- (important!) HTTPS Finder with (or alone) HTTPS Everywhere. Reason: HTTPS Finder, test every page you open, HTTPS Everywhere is based on a list. HTTPS Finder can write in HTTPS Everywhere's list.

- RefControl to block Referrer Tracking.

- (optional) Collusion show you, who are tracking you.
posted by [Old Forum guest] • 5 years and 1 month ago Link
anonymous
Sorry to sound like a spam email (quite ironic, because I'm talking about spam-blocking software), but I have another plugin to be put onto FixTracking.com. It's called MaskMe, and it gives sites a different email every time they ask for one. Here's a link: https://abine.com/maskme/
posted by [Old Forum guest] • 5 years and 1 month ago Link
zac
Noted, thanks!


-Zac

DuckDuckGo
posted by zac Staff5 years and 1 month ago Link
anonymous
I love this site. It would be handy to have some information for mobile users too. For example, I am using Firefox for Android but I don't know what I could do to prevent tracking, or if that's even the browser I should be using for my phone. 
posted by [Old Forum guest] • 5 years and 1 month ago Link
anonymous
You can install all those addons also in the mobile version of Firefox as far as I know.
For the two options to disable:
  • Block reported attack sites
  • Block reported web forgeries
you can go on the about:config page and set to false these two values:
browser.safebrowsing.enabled
browser.safebrowsing.malware.enabled

posted by [Old Forum guest] • 5 years and 1 month ago Link
anonymous
Right now Ghostery has only the "Web-Bugs" attribute even though it blocks tracking cookies, too. I think that should be fixed.
posted by [Old Forum guest] • 5 years and 1 month ago Link
anonymous
That's noted for the next version, thanks! : )

Best regards,
Casper Qvortrup

- DuckDuckGo Forum Moderator.
posted by [Old Forum screapdk] • 5 years and 1 month ago Link
anonymous
I think of personal privacy as a human right that can't be bought,sold or traded.Some day it will be a crime to track people on line without their permission.The new breakthrough for the internet will be the search engine that can provide the security of privacy and that search engine will be the new Google.People will flock to that search engine for everything they want and will make that search engine the dominant one for the internent.It's impossible for the major search engines like Google to do this because their reputation is in shatters when it comes to protecting our privacy.It's not a matter of if this will happen, it's a matter of when.
posted by [Old Forum guest] • 5 years and 1 month ago Link
x.15a2
Apparently you don't understand how much money there is in data mining.



x-15a2
Forum Moderator
posted by x.15a2 Community Leader5 years and 1 month ago Link
anonymous
So, I really, really appreciate what you've done with Fixtracking.com, and I also use DuckDuckGo daily. It has almost entirely replaced my google search usage now.

Omm, have you considered adding RequestPolicy to your page of addons?
https://requestpolicy.com/faq.html

It really deals with several issues right at the core, much like NoScript does. IMO it relieves the risk of many potential pitfalls to privacy before they can even happen (though with a bit of a management cost upfront, in a similar fashion as NoScript).

Anyway, thanks again for your great efforts in this arena, I hope you receive blessings for it. <3

Lemony Minitx

posted by [Old Forum guest] • 5 years and 25 days ago Link
anonymous
Please make the site usable with javascript disabled.
posted by [Old Forum guest] • 5 years and 25 days ago Link
anonymous
Like suggested earlier, I would highly recommend ScriptSafe [1] for Google Chrome. Also I would recommend AdBlock [2] over AdBlock Plus [3].

This is due to AdBlock Plus' shady dealings with corporations to whitelist ads and due to their URL-typo-correction. The later can result in overwriting the referrer to theirs on Amazon so that they earn money without referring anything. If you speak German, you can read more about it here [4]. There is also a statement by Till Faida [5] to this article (German again). The links he provided to show that the whitelisting is one hundred percent understandable and community-based, speak for themselves: Whitelisting-rules get pushed through if there is one user saying, that it's ok for him/her. And most of the time, it is someone with just one post ever made. Quite suspicious. The same goes for the change of their guidelines. These have been altered to get certain advertisers on the whitelist.

For the same reason, I would not recommend AdBlock Plus for Firefox but AdBlock Edge [6].

With best regards,
Onse.


[4]=http://www.mobilegeeks.de/adblock-plus-undercover-einblicke-in-ein-mafioeses-werbenetzwerk/ - Sascha Pallenberg, Adblock Plus Undercover – Einblicke in ein mafioeses Werbenetzwerk, 2013
[5]=http://www.giga.de/downloads/adblock-plus/news/adblock-plus-im-fokus-werbenetzwerke-und-abkassierer/ - Flavio Trillo, Adblock Plus im Fokus: Werbenetzwerke und Abkassierer [Update], 2013
[6]=https://addons.mozilla.org/en-us/firefox/addon/adblock-edge/ - AdBlock Edge, Addons for Firefox
posted by [Old Forum guest] • 5 years and 16 days ago Link
anonymous
Is Adblock Edge compatible with Adblock Plus Pop-up add-on ?
posted by [Old Forum guest] • 5 years and 15 days ago Link
anonymous
Both "acceptable ads" and URL typo correction can be disabled in ABP settings.
posted by [Old Forum guest] • 5 years and 16 days ago Link
anonymous
ccleaner.com

  really helps a lot
as well as 

superantispyware.com

better privacy add on in mozilla
 easy enough to set up and use

 i also suggest  using
tweekhound.com

  to run through your hardware and software,  it  will save you thousands of hours of grief  and a lot of money

posted by [Old Forum guest] • 5 years and 15 days ago Link
zac
I love CCleaner. Just sayin' : ) 


-Zac

DuckDuckGo
posted by zac Staff5 years and 15 days ago Link
anonymous
Author of ScriptSafe (for Chrome) here. I've just updated it with a slew of fixes, with an update notice mentioning PRISM and a link to FixTracking.com: https://chrome.google.com/webstore/detail/scriptsafe/oiigbmnaadbkfbmpbfijlflahbdbdgdf

Not to be biased or anything, but NotScripts hasn't been updated in ~2-3 years!
posted by [Old Forum guest] • 5 years and 13 days ago Link
zac
Thanks much! I wasn't aware of this addon but I've added it to our notes for v2 of fixtracking.com 


--also started using it  :)



-Zac

DuckDuckGo
posted by zac Staff5 years and 13 days ago Link
anonymous
Since Opera 15, Fixtracking have been recommending me Chrome add-ons (and I have to manually select Opera) - perhaps at least partially due to Opera switching rendering engine to Blink, and not even mentioning "Opera" in its UA string "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.52 Safari/537.36 OPR/15.0.1147.130" (an abbreviation "OPR" is there though) - which is less than optimal, since Chrome's add-ons cannot be installed (nor can older Opera extensions, for example the NotScripts and DuckDuckGo addons, they only work on Opera 12 and below - AdBlockPlus and Ghostery do install on both Opera 12 and 15, and Disconnect only installs on Opera 15).

-Maighstir
2013-07-03
posted by [Old Forum guest] • 5 years and 12 days ago Link
zac
That's correct! We're planning an update to that.


-Zac

DuckDuckGo
posted by zac Staff5 years and 10 days ago Link
anonymous
thread on adBlock Plus and Google'spaid ads  vs. adblock Edge

https://news.ycombinator.com/item?id=5995140
posted by [Old Forum guest] • 5 years and 10 days ago Link
anonymous
As I said before, you can easily disable "acceptable ads" in ABP options menu.
posted by [Old Forum guest] • 5 years and 9 days ago Link
anonymous
Your page says referrer tracking an issue, but there's no tool on the page to fix it. You should add RefControl + block/forge 3rd party.

Years ago you needed BetterPrivacy but then Firefox added the capability of handling flash cookies to the browser and then BetterPrivacy became nothing more than an unneeded fancy cookie manager.

In general, a lot of these guides are written by idiots. They'll start off by saying blocking advertising junk will some how disrupt the NSA, and then they'll go on to tell the reader to install multiple tools that do the exact same thing. You don't need to install Ghostery, ABP's EasyPrivacy list, DoNotTrackMe, and Disconnect.me. Pick one! This guide is one of the better ones.
posted by [Old Forum guest] • 5 years and 3 days ago Link
zac
Thanks for that! Duly noted for the next iteration.


-Zac

DuckDuckGo
posted by zac Staff5 years and 3 days ago Link
anonymous
I use maxthon any suggestions .
posted by [Old Forum guest] • 5 years and 2 days ago Link
anonymous
Great site, 

Recommendation: Undisclosed Privacy risks for your 'minimum' suggested extensions

There's many Extensions for Chrome you suggest here, as the 'minimum' however if a user
just blindly installs all of the main ones, which I believe is the common behaviour because
of the implicit trust you intend to create from this site. This is done without offering details
about the information each of these extensions can collect! most have active access to
all websites and browser data. Even if these are safe extensions, I think it would be prudent
to make this information clear.


posted by [Old Forum guest] • 5 years and 2 days ago Link
anonymous
It all sounds great, but where is the "Search" box, line, whatever?  :)
posted by [Old Forum guest] • 4 years and 11 months ago Link
anonymous
plz ad a page for the seamonkey browser as well i use it and know a lot of people who like me care about their privacy use it as well
posted by [Old Forum guest] • 4 years and 11 months ago Link
anonymous
Normally the Firefox addons should work.
posted by [Old Forum guest] • 4 years and 10 months ago Link
anonymous
I use ClickToPlugin Safari Extension, but i don't know if this is pertinent for fixtracking. 

ClickToPlugin prevents Safari from launching plug-ins and replaces every plug-in object by a placeholder labeled by the name of the blocked plug-in. Clicking this placeholder loads the original plug-in object. Which plug-ins are blocked can be specified in the preferences. In addition, ClickToPlugin features several control lists to specify objects that should never be blocked or that should be hidden from view instantly. Check the Settings section for complete details on customizing ClickToPlugin.
posted by [Old Forum guest] • 4 years and 10 months ago Link
anonymous
Seems odd that the hyperlinks for the Firefox extension contains query strings.

https://addons.mozilla.org/en-US/firefox/addon/ghostery/?src=cb-dl-mostpopular
posted by [Old Forum guest] • 4 years and 10 months ago Link
anonymous
You should recommend Adblock instead of Adblock Plus, since Adblock Plus has some questionable deals going on with advertisement companies.
posted by [Old Forum guest] • 4 years and 10 months ago Link
zac
Would probably go w/ Adblock Edge but can't find a similar implementation for non-Firefox browsers. Any suggestions on that front?


-Zac

DuckDuckGo
posted by zac Staff4 years and 10 months ago Link
anonymous
Has "Adblock" been contacted about this? If they are acting fast and loose with privacy, it should be known. But if this is NOT the case, as a former business owner, you can be damn sure THEY want to know that.
posted by [Old Forum guest] • 4 years and 9 months ago Link
anonymous
"Ghostery: A Web tracking blocker that actually helps the ad industry"
I suggest you add to fixtracking.com about Ghostry that you recommend users to disable “GhostRank” in the settings.
posted by [Old Forum prepert] • 4 years and 9 months ago Link
zac
Is it enabled by default now?


-Zac

DuckDuckGo
posted by zac Staff4 years and 9 months ago Link
anonymous
Not sure, but you have to be aware.
posted by [Old Forum prepert] • 4 years and 9 months ago Link
anonymous
https://addons.mozilla.org/en-us/firefox/addon/adblock-edge/

I would recommend AdBlock Edge, not AdBlock Plus.
posted by [Old Forum guest] • 4 years and 8 months ago Link
anonymous
how do I get rid of that long google message which appears when I attempt to use the ddc search engine. I have stoped using the ddc search function because if that google message  you put on your web page.
posted by [Old Forum guest] • 4 years and 8 months ago Link
x.15a2
I'm confused, can you please be more specific? What environment are you using where you see this? I assume that by ddc you mean DDG, is that correct? I've never seen the message that you are referring to, so any detail will be most helpful.

Thanks!

x-15a2
Forum Moderator
posted by x.15a2 Community Leader4 years and 8 months ago Link
anonymous
posted by [Old Forum guest] • 4 years and 8 months ago Link
anonymous
It seems like DoNotTrackMe, Ghostery, and Disconnect all do the same thing. Isn't it redundant and a waste of resources to install all of them?
posted by <hidden> • 4 years and 8 months ago Link
zac
They have some overlapping functionality, which is why we try to distinguish them by saying, "at minimum, we recommend" and then provide a section for Other tools to consider.
It's been a while since the page was updated (open source here) so if you know the features they've added that are overlapping, it would be great to update.
posted by zac Staff4 years and 8 months ago Link
anonymous
Funny that to read about scripts in the Common Tracking Methods Section you need to have Javascript enabled. :)
posted by <hidden> • 4 years and 8 months ago Link
sdougbrown
That is kind of an amusing irony, yeah. :)

I've been wanting to play with some css-only tabbed navigation tricks so I might replace that JS stuff a little later on.
posted by sdougbrown 4 years and 8 months ago Link
anonymous
Suggestion:

ZenMate for Google Chrome.
Free lightweight VPN, 5 locations.

https://chrome.google.com/webstore/detai...
posted by <hidden> • 4 years and 4 months ago Link
Veeshush
I mentioned this in another thread too but:
https://browsercheck.qualys.com/ is an extension which scans your browser for any outdated plugins and the like. Very handy to sanely keep track of updates, especially when it comes to security updates.

There is little point of any of the "fixtracking" methods if your browser, plugins, or OS is outdated and exposed to security holes.
posted by Veeshush 4 years and 4 months ago Link
anonymous
I'm liking Maxthon browser and suggest you include it. Thanks
posted by <hidden> • 4 years and 4 months ago Link
anonymous
"Private mode also tracks you"
No, Private Browsing isn't detrimental to your privacy. It should be changed to "You're also tracked in private mode."

Safari
* Adblock Plus is available for Safari.

Internet Explorer
* Adblock Plus is available for Internet Explorer.
* Tracking Protection Lists have been available since Internet Explorer 9.
http://ie.microsoft.com/testdrive/Browse...
posted by <hidden> • 4 years and 3 months ago Link
anonymous
Firefox

You say this site is aimed at novice users, yet you recommend disabling the malware and phishing protection. For novice users, the likelihood of ending up on malicious sites is high, while the benefit of disabling those features is slim at best.
* The sites you visit are checked locally against a list downloaded from Google. I cannot stress this enough. Unlike other browsers, Firefox doesn't send every page you visit to anyone.
* When you hit a site that's on the blacklist, Firefox will double-check with Google to see if the site is still blacklisted.
* When downloading the list (every 20–30 minutes), Google gets the usual HTTP(S) connection information like IP address and user agent string, as well as some URL parameters that mark the browser as Firefox. If you accept cookies from google.com (the default setting), then Google will get additional information out of that cookie, like a unique identifier. Look up Google PREF cookie for details on what they put in there; there's a unique identifier, the time the cookie was set, the time it was last modified, and what appears to be a checksum.

https://support.mozilla.org/kb/how-does-...
http://code.google.com/p/google-safe-bro...

As you can see from the support article, Mozilla made Google totally pinky swear not to use any collected data for anything besides improving the malware and phishing protection feature.

Adblock Plus isn't just for blocking ads. It can prevent tracking, same as the Disconnect add-on you have prominently listed at the top. Although this behavior isn't the default, new users are presented with a first run page that allows them to enable the feature.
https://adblockplus.org/en/features
https://adblockplus.org/en/subscriptions

RefControl can prevent the referrer from being sent by default. It can either send it for first-party requests only, or it can send it only to sites on a user-defined list.
https://addons.mozilla.org/firefox/addon...

The Firefox logo was changed last year. The old logo makes your site look outdated.
https://blog.mozilla.org/creative/2013/0...
posted by <hidden> • 4 years and 3 months ago Link
Choca
Add info the ios safari
posted by Choca 4 years and 3 months ago Link
Superluigi6
You should also add Ghostery to the page.
posted by Superluigi6 4 years and 2 months ago Link
TNTxplodr2612
IE 11 now allows DNT. You guys should include it. It's under Settings>Privacy>Do Not Track.
posted by TNTxplodr2612 4 years and 20 days ago Link
anonymous
I think you should add EFF's Privacy Badger as an option for Firefox and Chrome users.
posted by <hidden> • 3 years and 11 months ago Link
anonymous
Second the suggestion of Privacy Badger. The only thing I had issue with was Google Hangout because of the crazy authentication mechanism they use to make it work as a plugin. This isn't an issue obviously on Firefox.
posted by <hidden> • 3 years and 10 months ago Link
anonymous
AdBlock is listed under Safari, yet it tracks you. I would suggest changing it to Adblock Plus.
https://palant.de/2014/07/29/which-is-be...
posted by <hidden> • 3 years and 9 months ago Link
junecykim
I think the MVPS Hosts file should definitely be on fixtracking.com (as well as donttrack.us)
While it's not as simple as installing an extension, it has the benefit that you can use it with niche browsers (e.g., accessibility, terminal, etc) and works in PC/Mac/Linux as well as Android/iPhone. If you're afraid it's too difficult to install for the average user, you could create a separate "Advanced users" section at the bottom of the page.

EFF.org Privacy Badger extension is also pretty good too but isn't listed. How come?
posted by junecykim 3 years and 8 months ago Link
junecykim
You might also want to mention browsing in Chrome while signed in (as well as syncing). It's obvious to us but might not be obvious to some novice users.
posted by junecykim 3 years and 8 months ago Link
junecykim
(Obviously what I mean is that you can have all sorts of extensions installed to protect your privacy, but if your browser is syncing, then Google still has all your info)
posted by junecykim 3 years and 8 months ago Link
junecykim
I think "Common Tracking Methods" should be at the top of the page before the add-on recommendations, atleast if the idea is to educate people about privacy. The browser-specific instructions should come next. Leave the add-on suggestions for last.

If you list add-ons right away a lot of people would be skeptic and distrust you innitially because it comes accross as if you're trying to push people to install add-ons, and we're all taught that we shouldn't install random software we see online. If you educate first and then give low-risk small steps they can take (browser-specific instructions), it gives a better impression and they might be more willing to try the add-ons.

posted by junecykim 3 years and 7 months ago Link
This comment has been removed for violation of our forum rules.
posted by <hidden> • 3 years and 7 months ago
This comment has been removed for violation of our forum rules.
posted by <hidden> • 3 years and 7 months ago
This comment has been removed for violation of our forum rules.
posted by <hidden> • 3 years and 7 months ago
This comment has been removed for violation of our forum rules.
posted by <hidden> • 3 years and 7 months ago
CloudUchiha
You can to add the Lightbeam add-ons
posted by CloudUchiha 3 years and 7 months ago Link
Choca
Disconnect now costs and has its own search. If you want to promote dgg you should recommend ghostly or direct to here: https://disconnect.me/disconnect
posted by Choca 3 years and 7 months ago Link
anonymous
I still see it free to download...
posted by <hidden> • 3 years and 7 months ago Link
Mallart
Any chance that the site will be updated in the future in terms of 'other tools to consider'?
http://fixtracking.com/

It has been a year and while new tools had arrived, some of old ones ceased to exist.
Examples:
-'Do Not Track Me' no longer exist for IE. It seemed to have been replaced by 'Blur'.
-'NotScripts' are not available for the current version of Opera (25). It only available for version 17 and below.
-etc
posted by Mallart 3 years and 7 months ago Link
DilaudidKing
For Internet Explorer users, your browser's privacy setting for handling cookies in internet options is one thing that can aid in tracking avoidance by choosing 'block third-party cookies' by default.

Just open 'internet settings', open 'privacy' tab, then click 'advanced'-- check mark the box to 'override automatic cookie handling' & choose 'block under 3rd party cookies'. You can also choose to be prompted for even first party cookies so you can choose only important cookies that you want to keep. Remeber though, some websites' features or even homepage will not show up or work properly unless you accept the first party cookie.
posted by DilaudidKing 3 years and 4 months ago Link