In general, extensions reduce privacy. Changing site-visible settings reduces privacy. Deviating from standard content filtering lists reduces privacy. If you use uBlock Origin and you deviate from the standard filters, that can be detected. Sites can enumerate what is blocked.
Conversation
Replying to
I disagree with this take. There is "the site" and there is all the 3rd parties "invited" by "the site". Not connecting to the 3rd parties will significantly lower the data mined & sent to countless 3rd parties -- no way this is a reduction of privacy.
1
2
Replying to
That's a misinterpretation of what I said. I called it a useful, opportunistic privacy improvement falling into the same school as antivirus of enumerating badness. It's not a fundamental privacy improvement. Ultimately, it doesn't really work, and just targets low-hanging fruit.
3
If most of the tracking scum was competent enough to even just read its own webserver logs, why do these companies bother with serving hundreds of kilobytes of bullshit JS tracking code for every single page impression?
1
Google Analytics doesn't use fingerprinting. It doesn't get deployed to sites via middleware. It's not deeply integrated into content. So sure, it's easily blocked. It's also not scary. It's doesn't try to bypass using a VPN + Incognito. It's not aimed at tracking individuals.
1
See, this is the issue. People are worried about being tracked by services that are explicitly stated to be gathering analytics and marked as such. Nothing about this is hidden, and it largely doesn't bother trying to evade blocking. Now, what about all the useful content?
1
Even simply talking about third party assets included on a site, a service doing something like providing comments can and does do just as much tracking. However, you can't just opportunistically strip it out since it's part of the functionality.
2
Well, for most sites, I don't give a shit about user comments, so I block them (using uMatrix), including cancers such as Disqus. Just as for most other 3rd party service. On top of that, I contain sites I regularly use or that I login to into different containers inside Firefox.
1
It's one example. You've also clearly given yourself a very unique fingerprint with extensions and your specific configuration and usage of them. The way you describe how you use the browser doesn't sound like a way that gives you the privacy that you're seeking. It stands out.
2
My fingerprint probably looks more like "curl trying to imitate current Firefox on Windows" than "the guy who googled 'big tits porn' yesterday". And I make sure that fingerprint ends up at as little different parties as possible.
1
Third parties receiving the data and providing code aren't limited to the ones with a presence in the web site's client-side code. For example, with the New York Times, you can happily block Google's client-side assets, but how are you going to block the server-side integration?
You're also always going to show up as the same very unique person even when using a VPN / Tor with a fresh slate in a private browsing session. You made yourself easily tracked, in a way that persists. That's a large part of what I am questioning and criticizing in my posts.
NYT will end up in a container where all referrers are faked, cookies and DOM storage cleared after I close the tab, 1st party isolation in Firefox is enabled, canvas randomized, etc pp.
1
So, as I said, you made yourself stand out from the crowd as incredibly odd and unique to the point that you are guaranteed to receive special attention. I'm sure you also see a lot of extra captchas, etc. across the web. You stand out. You're suspicious. It's a unique signature.
1
1
Show replies


