notkshitij/Betterfox
1
0
Fork 0
mirror of https://github.com/yokoffing/Betterfox.git synced 2026-06-12 07:30:47 +05:30
Code Issues Releases Wiki Activity

Updated Ghostery (markdown)

yokoffing
2020-08-08 16:52:21 -04:00
parent bce2680036
commit 3045046466
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Ghostery.md
+4 -1
@@ -79,12 +79,15 @@ It's great to offer customization options, but this does not automatically trans
To summarize, I agree that uBlock Origin gives more customization options, but I don't think this is necessarily the most relevant metric to compare extensions. I would rather focus on the privacy protection offered (especially out of the box, since most users will likely not change the settings). [^4]
Be sure to [check out](https://github.com/yokoffing/Better-Fox/wiki/Ghostery#my-recommended-build) the Betterfox recommended setup for Ghostery!
### Limitations of conventional content blockers
How can you be sure that all trackers are blocked by static lists? How long does it take to create a filter when a new tracker domain is created? As far as I can see, there are a lot of exception filters to unbreak sites, what happens if these request send unsafe datapoints which can track users?
Take some random domains and look for cases of requests containing unsafe data being sent while having uBlock Origin enabled (default settings). Check lesnumeriques.com, visit a few pages and look for ultimedia.com: it tries to set a tracking cookie. Same for economist.com (check tinypass, not blocked but sets a tracking cookie, Ghostery removes the cookie from request), same on msn.com, visit a few pages and check platform.twitter, tries to send tracking cookie (blocked by Ghostery but not uBlock Origin), etc. Of course you could arbitrarily harden the settings of your content blocker, block third-party cookies, etc. but this comes with breakage, and unless you block everything, you will never be sure that all trackers are blocked.
Take some random domains and look for cases of requests containing unsafe data being sent while having uBlock Origin enabled (default settings). Check `lesnumeriques.com`, visit a few pages and look for `ultimedia.com`: it tries to set a tracking cookie. Same for `economist.com` (check `tinypass`, not blocked but sets a tracking cookie, Ghostery removes the cookie from request), same on `msn.com`, visit a few pages and check `platform.twitter`, tries to send tracking cookie (blocked by Ghostery but not uBlock Origin), etc. Of course, **you could arbitrarily harden the settings of your content blocker, block third-party cookies, etc. but this comes with breakage, and unless you block everything, you will never be sure that all trackers are blocked**.
My point is not that uBlock Origin is doing a bad job; in fact, I think that this is an amazing content blocker. But there are some fundamental limitations to content blocking which prevent it from being able to perfectly protect privacy, for few reasons:
* Not all requests can be blocked (or you break websites, login workflows, etc.), so you need to create exceptions and whitelist requests, which leaves privacy of users at risk.
* It can take time for maintainers to create rules for new trackers. For some less known websites, rules might not even exist (yet).
* It is not necessarily possible to identify what a tracker even is by just looking at requests, without having a way to know if the values sent (e.g. cookies, query params, etc.) are unique to a specific users or shared by many. [^5]