If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
[OT] privacy Tools
|
Ads |
#2
|
|||
|
|||
[OT] privacy Tools
On 8/6/2016 7:04 PM, /less wrote:
A friendly reminder for those who value privacy... https://www.privacytools.io/ Mark your cookies file (e.g., cookies.sqlite for Mozilla-based browsers) as read-only. Web servers will think they are setting cookies, but those cookies disappear as soon as you terminate your browser. For Mozilla-based browsers, install the Secret Agent extension from https://www.dephormation.org.uk/index.php?page=81. By changing your outgoing HTTP headers on each request to Web servers, this confuses attempts to track your browser. -- David E. Ross Perhaps it was a smart decision for Hillary Clinton to use her private E-mail server while Secretary of State. According to current Secretary of State John Kerry, we know that the Russians and Chinese have hacked the State Department's servers. In the meantime, a claim by the Romanian hacker known as Guccifer (Marcel Lehel Lazar) that he hacked into Clinton's E-mail server proved false. |
#3
|
|||
|
|||
[OT] privacy Tools
On 08/06/2016 09:28 PM, David E. Ross wrote:
[snip] Mark your cookies file (e.g., cookies.sqlite for Mozilla-based browsers) as read-only. Web servers will think they are setting cookies, but those cookies disappear as soon as you terminate your browser. In Firefox, is this any better than the GUI option (privacy tab, "keep until I close Firefox")? It seems worse (unable to set exceptions). [snip] -- Mark Lloyd http://notstupid.us/ "Atheist: A person who believes in one less god than you do." [Rev. Donald Morgan, Atheologist] |
#4
|
|||
|
|||
[OT] privacy Tools
On 8/6/2016 7:36 PM, Mark Lloyd wrote:
On 08/06/2016 09:28 PM, David E. Ross wrote: [snip] Mark your cookies file (e.g., cookies.sqlite for Mozilla-based browsers) as read-only. Web servers will think they are setting cookies, but those cookies disappear as soon as you terminate your browser. In Firefox, is this any better than the GUI option (privacy tab, "keep until I close Firefox")? It seems worse (unable to set exceptions). [snip] Yes, having exceptional cookies retained requires some work. The following is the same for Firefox and my SeaMonkey. My home page is the export of my bookmarks into an HTML file. 1. I terminate SeaMonkey. 2. I mark cookies.sqlite for read-write. 3. I launch SeaMonkey. 4. I visit the site whose cookies I wish to retain, navigating through a number of that site's Web pages. 5. I return to my home page, which sets no cookies. 6. I launch the Cookie Manager via a PrefBar button imported from http://prefbar.tuxfamily.org/buttons.html#permissionsmenu and delete those cookies from the visited Web site that I do not want to keep. 7. I terminate SeaMonkey. 8. I mark cookies.sqlite for read-only. This also requires periodically using the Cookie Manager to see if cookies.sqlite contains any cookies that have expired. If there are expired cookies, I repeat steps 1-3 and 6-8, using the Cookie Manager to delete the expired cookies. I know by this process that I have only those cookies that I really want. -- David E. Ross Perhaps it was a smart decision for Hillary Clinton to use her private E-mail server while Secretary of State. According to current Secretary of State John Kerry, we know that the Russians and Chinese have hacked the State Department's servers. In the meantime, a claim by the Romanian hacker known as Guccifer (Marcel Lehel Lazar) that he hacked into Clinton's E-mail server proved false. |
#5
|
|||
|
|||
[OT] privacy Tools
On Sun, 7 Aug 2016 09:04:32 +0700, /less wrote:
A friendly reminder for those who value privacy... https://www.privacytools.io/ Were I running NSA or CIA or more-secret activity, I would certainly operate VPN privacy groups. |
#6
|
|||
|
|||
[OT] privacy Tools
On Sat, 6 Aug 2016 19:28:38 -0700, "David E. Ross"
wrote: On 8/6/2016 7:04 PM, /less wrote: A friendly reminder for those who value privacy... https://www.privacytools.io/ Mark your cookies file (e.g., cookies.sqlite for Mozilla-based browsers) as read-only. Web servers will think they are setting cookies, but those cookies disappear as soon as you terminate your browser. For Mozilla-based browsers, install the Secret Agent extension from https://www.dephormation.org.uk/index.php?page=81. By changing your outgoing HTTP headers on each request to Web servers, this confuses attempts to track your browser. Am I alone in the practice of deleting all cookies frequently? What have I been missing by doing so? (better-directed ads?) |
#7
|
|||
|
|||
[OT] privacy Tools
On 08/06/2016 10:28 PM, David E. Ross wrote:
On 8/6/2016 7:04 PM, /less wrote: A friendly reminder for those who value privacy... https://www.privacytools.io/ Mark your cookies file (e.g., cookies.sqlite for Mozilla-based browsers) as read-only. Web servers will think they are setting cookies, but those cookies disappear as soon as you terminate your browser. For Mozilla-based browsers, install the Secret Agent extension from https://www.dephormation.org.uk/index.php?page=81. By changing your outgoing HTTP headers on each request to Web servers, this confuses attempts to track your browser. Secret Agent won't work with FF48 on. -- Caver1 |
#8
|
|||
|
|||
[OT] privacy Tools
On Sat, 6 Aug 2016 19:28:38 -0700, David E. Ross wrote:
... By changing your outgoing HTTP headers on each request to Web servers, this confuses attempts to track your browser. This is a clever method, but won't it invalidate session IDs? For example, the Google search PREF cookie which contains search settings including session ID (even when not logged in). IME, the settings are bound to the session ID, and the session ID is bound to the client characteristics (e.g. IP address, User-Agent, etc.) If the characteristic is different, the session ID as well as the settings will become invalid. The session ID will be replaced by a new one and the settings will be reset back to default values. So, there's no way to save the search settings. |
#9
|
|||
|
|||
[OT] privacy Tools
| Am I alone in the practice of deleting all cookies frequently?
| What have I been missing by doing so? (better-directed ads?) The only notable thing I can think of that you might miss by deleting cookies is the ability to not have to log in repeatedly to websites where you use a service. You can set cookies to delete at browser close in Firefox. You can also block 3rd-party cookies. That gives you all of the convenience with very little privacy intrusion, and you don't need to remember to delete them. You also don't need to set them read-only or do any other special actions. There's never been any excuse for 3rd-party cookies. The whole system was originally designed to make sure 3rd-parties couldn't access cookies. Companies like Google get around that by having their files linked from webpages. So they can't actually access the cookie you get at somewhere.com, but since their ads/fonts/analytics/javascript libraries are linked from nearly all commercial websites, they can follow you around the Internet, watching all of your movements. In many cases they can even track how far down a webpage you read. There was actually an article this past week about an attack that allows stealing data from an https webpage. As usual, the attack requires javascript enabled. But it also happens to require 3rd-party cookies enabled, which is unusual: http://arstechnica.com/security/2016...m-https-pages/ It's another case of the increasing problem of malware launched via 3rd-party ads that can be posted on any legitimate website, because large, commercial sites are subcontracting their ad business to massive ad servers that sell ad space to advertisers. All of it is done automatically, with no human contact or human relationships, so it's easy for malware writers to get access to mainstream sites simply by buying ad space. They're literally paying sites like Yahoo, NYT, etc for space to plant their malware installer, while those sites wash their hands of both the privacy and security problems. They're too busy stuffing their sites with any old content... written by young, underpaid, semi-literate interns... so that they can host more ads... to worry about how the online ad business works. |
#10
|
|||
|
|||
[OT] privacy Tools
| This is a clever method, but won't it invalidate session IDs? For example,
| the Google search PREF cookie which contains search settings including | session ID (even when not logged in). | Do you mean current search parameters or search preferences? I search Google with script and cookies completely disabled. It remembers the current search parameters, presumably because there's a session ID in the URL. On the other hand, if you want Google to remember your personal preferences then you're *asking* them to track you. If you allow Google cookies you're asking them to track you. In that case there's no point thinking about thwarting being tracked. That would be like using a "loyalty card" at the supermarket while refusing to tell them your name. With the loyalty card they already know your name, address, phone number and shopping history. |
#11
|
|||
|
|||
[OT] privacy Tools
Mayayana wrote:
You can set cookies to delete at browser close in Firefox. You can also block 3rd-party cookies. That's what I do, plus a *very* small number of permanent cookies of sites that insist and which I consider worthwhile. That gives you all of the convenience with very little privacy intrusion You do on the other hand get a metric shedload of "EU cookie popups" after every browser restart, I'm slowly building a list of adblock element hiding rules to banish those. |
#12
|
|||
|
|||
[OT] privacy Tools
On 8/6/2016 11:21 PM, masonc wrote:
On Sat, 6 Aug 2016 19:28:38 -0700, "David E. Ross" wrote: On 8/6/2016 7:04 PM, /less wrote: A friendly reminder for those who value privacy... https://www.privacytools.io/ Mark your cookies file (e.g., cookies.sqlite for Mozilla-based browsers) as read-only. Web servers will think they are setting cookies, but those cookies disappear as soon as you terminate your browser. For Mozilla-based browsers, install the Secret Agent extension from https://www.dephormation.org.uk/index.php?page=81. By changing your outgoing HTTP headers on each request to Web servers, this confuses attempts to track your browser. Am I alone in the practice of deleting all cookies frequently? What have I been missing by doing so? (better-directed ads?) Twice each week, I visit a Web site to view a report on open bugs against Mozilla products. If I deleted all cookies, I would then have to enter which columns of the report I want to see and in which order those columns would appear. As a subscriber to the hard-copy print edition of the Los Angeles Times, I get free access to all of the LA Times Web edition, which otherwise requires paid access. If I deleted all cookies, I would have to go through the process of reconfirming that I am supposed to have that free access to the Web edition. For four financial institutions, retained cookies allow me access to my accounts by logging-in without having to wait for a phone call or E-mail message with an access code. -- David E. Ross Perhaps it was a smart decision for Hillary Clinton to use her private E-mail server while Secretary of State. According to current Secretary of State John Kerry, we know that the Russians and Chinese have hacked the State Department's servers. In the meantime, a claim by the Romanian hacker known as Guccifer (Marcel Lehel Lazar) that he hacked into Clinton's E-mail server proved false. |
#13
|
|||
|
|||
[OT] privacy Tools
On 8/7/2016 2:52 AM, Caver1 wrote:
On 08/06/2016 10:28 PM, David E. Ross wrote: On 8/6/2016 7:04 PM, /less wrote: A friendly reminder for those who value privacy... https://www.privacytools.io/ Mark your cookies file (e.g., cookies.sqlite for Mozilla-based browsers) as read-only. Web servers will think they are setting cookies, but those cookies disappear as soon as you terminate your browser. For Mozilla-based browsers, install the Secret Agent extension from https://www.dephormation.org.uk/index.php?page=81. By changing your outgoing HTTP headers on each request to Web servers, this confuses attempts to track your browser. Secret Agent won't work with FF48 on. Switch to SeaMonkey. It has a better user interface than Firefox and less frequent updates while still using the same Gecko rendering engine as Firefox. SeaMonkey will NOT mandate that all extensions you want to install must be signed. SeaMonkey is for experienced users who do not need their browser dumbed-down. SeaMonkey is NOT evolving to look like Chrome because most users, if they wanted Chrome, would install and use Chrome. -- David E. Ross Perhaps it was a smart decision for Hillary Clinton to use her private E-mail server while Secretary of State. According to current Secretary of State John Kerry, we know that the Russians and Chinese have hacked the State Department's servers. In the meantime, a claim by the Romanian hacker known as Guccifer (Marcel Lehel Lazar) that he hacked into Clinton's E-mail server proved false. |
#14
|
|||
|
|||
[OT] privacy Tools
On 8/7/2016 6:27 AM, Mayayana wrote:
| This is a clever method, but won't it invalidate session IDs? For example, | the Google search PREF cookie which contains search settings including | session ID (even when not logged in). | Do you mean current search parameters or search preferences? I search Google with script and cookies completely disabled. It remembers the current search parameters, presumably because there's a session ID in the URL. On the other hand, if you want Google to remember your personal preferences then you're *asking* them to track you. If you allow Google cookies you're asking them to track you. In that case there's no point thinking about thwarting being tracked. That would be like using a "loyalty card" at the supermarket while refusing to tell them your name. With the loyalty card they already know your name, address, phone number and shopping history. That's what I do. I get discounts for presenting the card. The fact that it's a fake identity is of no consequence. They know SOMEONE is buying stuff, they just can't connect it to me. |
#15
|
|||
|
|||
[OT] privacy Tools
En el artículo , Andy Burns
escribió: You do on the other hand get a metric shedload of "EU cookie popups" after every browser restart +1. Really irritating. I just go through the cookies manually once in a while and delete the ones I don't want. A cookie poisoner plugin would be an idea - fill intrusive tracking cookies with false information to poison the ad-flinger's databases. No idea if such a thing exists. -- (\_/) (='.'=) systemd: the Linux version of Windows 10 (")_(") |
|
Thread Tools | |
Display Modes | Rate This Thread |
|
|