Cookies and privacy

Topic

New Reply

Excellent analysis from our own ch100. Hey, I never knew that…. :::::::::::::::::::::::::::::::::::::::: I am raising this issue to start a debate,
[See the full post at: Cookies and privacy]

Reply | Quote

Replies

Brave browser (https://brave.com/) blocks “Tracking Pixels and Tracking Cookies”, according to their website. Brave has a few rough edges, but it may be worth giving a serious look at.

Reply | Quote

Interesting topic. I’ve been using Firefox for many years now. Cookies is something I’ve gone round and round about more than once. In Firefox I’ve done this-
Installed an addon “AskForSanitize”. This addon restores the ‘Clear Private Data’ dialog. Actually It allows deletion of History (browsing, download,search), cookies, cache, Active Logins,site preferences. You decide what you want deleted and it does it when you closr Fx or you can manually delete during a session. Something I do frequently.

There are also Flash-cookies (Local Shared Objects, LSO) are pieces of information placed on your computer by a Flash plug-in. Askforsanatize will delete these also, but I also use “BetterPrivacy” addon which manages and deletes just these Flash cookies.

Settings under Options>Privacy tab are set to store cookies until I close the browser, then everything I selected under AskForSanitize gets deleted (cookies, cache, browsing history, logins.
One last addon is Cookies Manager+. If you want to see who is dropping those sweets into your system this lets you view them,edit, and delete.
Hope that helps someone.

Reply | Quote

You can follow the standard steps provided in all modern browsers to manage cookies if you are concerned about being tracked. Install add-ons/extensions plus things like Easylist and you get more protection than the user who does nothing. Marketers have developed cleverer ways to store the tracking code using so-called “evercookies”, which hide the code in various virtual nooks and crannies that exist in modern web browsers. If a user deletes a cookie, an evercookie script can then recreate it.

The latest variety of evercookie exploits the “canvas” element. A script embedded in a web page draws a hidden image on an invisible canvas. You can read about the mechanisms used to do this on Wikipedia, if you want to know more. I delete flash cookies and DOMs/LSOs using an extension called Better Privacy on Firefox. There are other solutions – depends on your browser of choice. I do not think IE or Edge have a solution.

Reply | Quote

I have been using the cookie blocking settings in IE for years. Internet OptionsPrivacyAdvanced: check “Override automatic cookie handling” and check the boxes to prompt for 1st and 3rd party cookies.

You get a popup with the option of allowing or blocking cookies on a one-time basis or “remember this choice.” It will drive you crazy at first, but you can “always” allow the cookie from the main website, and permanently block cookies from the Doubleclick, adserver, scorecardresearch, etc. The list of allowed and blocked is under the “Sites” button. After a while, you have blocked the “baddies” from most of the sites you regularly visit and the popups rarely bother you. You learn what cookies you need to use the site and which you don’t need.

You can do a similar thing in Firefox, but it’s a little harder. Under PrivacyHistoryUse custom settings. Set “From visited” then under “Exceptions” you can block the same list as IE. Unfortunately, you have to enter them manually.

This is more than the average User is willing to do, but it works well in combination with AdBloc Plus (both IE and Firefox), Disconnect and NoScript (latter two Firefox).

I don’t use Safari that much, even on my Macs.

Reply | Quote

M$ and Google gathering practices tend not to have the customer’s best interest in mind. I block 3rd party and always drop history, cache etc. when any browser is closed. I’d suggest avoid using IE or Google Chrome. Brave is a good choice as well as SW Iron. For the truly privacy conscience and if you understand VMWare workstation use a VM that does not save changes to disk and use all the privacy settings you can (privacy settings are overkill, but it keeps your home IP clean.) Use duckduckgo for your search engine.
M$ and their keylogger practice in WIN10 kills anything you do for privacy. If memory serves me it beams back your typing data every 15 minutes.

Reply | Quote

Consider this article from How-To Geek on web tracking. Pay particular attention to the part towards the end on browser fingerprinting. It’s quite interesting how unique (a relative term, certainly) your browser can be. With all the tools available, all one can hope for is to limit the damage.

http://www.howtogeek.com/115483/htg-explains-learn-how-websites-are-tracking-you-online/

Myself, I allow session cookies, and first party; but otherwise block third party cookies. Panopticlick gives you an amazing amount of info on what your browser divulges about your setup.

Reply | Quote

I avoid third-party add-ons for configuring settings which are readily available in the main product, which allows me to maintain more control and also learn something which may be useful.
I should have specified that my original post is related to HTTP Cookies. https://en.wikipedia.org/wiki/HTTP_cookie
As you mentioned in your reply, there are other types of cookies, like Flash cookies.
Removing the history at browse close is a way of getting rid of persistent cookies. Each user has a preference for this behaviour and not everyone likes to lose first-party persistent cookies which as I said preserve login and form information from one session to another. For others, it is a security/privacy concern and prefer to remove them at browser close. This should certainly happen on public computers.
I should mention that there is a specific situation created by IE10 and IE11 with Remote Desktop or Citrix XenApp and Roaming Profiles, where for technical reasons it is almost impossible to keep persistence for any cookies at log off, but this affects generally enterprise users. The effect is similar to deleting IE history at log off.

Reply | Quote

This is quite interesting!

Reply | Quote

You don’t have a functional browser if you are getting prompts for every cookie. It is too much overhead!

Reply | Quote

Do you mean the keylogger branded Cortana in Windows 10, or is there another implementation on top of Cortana?
If it is Cortana, how is it different than Siri or similar offerings?

Reply | Quote

You can also try
http://www.whatsmyip.org/
http://www.whatsmyip.org/more-info-about-you/

Reply | Quote

I use an add on called Self Destructing Cookies in Firefox.

This allows cookies until you either close the tab, close the browser or never (never is obviously for sites you trust and want to stay logged in like forums, for example). Third party cookies are disabled by default.

I used to use another add on for Firefox a few years ago that blocked cookies completely (can’t remember the name) but there’s quite a few sites these days – some news sites for example – that won’t let you in with cookies disabled.

Reply | Quote

Cookies. Somewhere, Oscar the Grouch is happy.

I like addons that let me disable all cookies and then I go turn them on for individual sites (keep until I close the browser is another setting I use). Pain for me? Sure, but my info, my control.
At least until disabling cookies is a Federal offense.

Reply | Quote

Check out Epic Privacy Browser.

Reply | Quote

If I accept scripts then these sites will work as intended but, I don’t unless absolutely necessary.

Only been accepting 1st party cookies for years and even then, they are deleted on browser close.
Always been a privacy sceptic, especially when new OS/ Programs or technology is involved

Reply | Quote

I hardly see them anymore, b/c I used the “Always Block” option. Once you do that, you don’t get the popup for that site again no matter where you browse.

Reply | Quote

SeaMonkey allows cookie management per site; Firefox requires an add-on.
Privacy Badger add-on will block third-party cookies until you white-list them.

Reply | Quote

HTLM5 local storage as practiced by some websites is even more pernicious than traditional cookies and more difficult to clear.

Reply | Quote

@ Woody, ch100, PKCano & others: I need suggestions on the best privacy browser to install? I shut off IE11 and been using Google for at least 3 years. Consensus dictates that Google (Chrome) is just another IE. So which do I use for the least loose of privacy. Am running Win 7 SP1 x64 Home Premium, on a HP p6520y, 1 TB, 6G Ram desktop computer (Install 2009). So far I have been keeping up with you gu8ys and gals, but now that we are down to the wire on this I am starting to get confused. If possible unconfuse me please.

Reply | Quote

Best of the four big name browsers, for privacy, is Firefox.

It isn’t squeaky clean, but if you use Firefox and duckduckgo to search, you’ll be reasonably well protected.

Reply | Quote

I also use Self Destructing Cookies in Firefox. I just looked to see how many cookies are stored on my system, 5 and they are sites I use. I too tried different solutions in the past and this one is the most effective and trouble free.

Reply | Quote

@ Woody Thanks a million!!!

Reply | Quote

I’m not sure how much scripts play into the cookie situation, but I run Firefox with the NoScript add-in. I start out by removing as much as possible from the default whitelist. I then carefully and thoughtfully whitelist as little as possible while I surf, so as to allow the minimum activity necessary in order to have a satisfactory browsing experience. Over time you will get NoScript fine-tuned to where your browsing is a lot faster, and where a lot less activity goes on behind the scenes.

My instinct tells me that by doing this I am preventing a lot of unnecessary cookies, but I can’t say for sure that that is what is happening.

Reply | Quote

@ Woody Haven’t changed browser in years and I WILL get FoxFire set up right before I start mega “browsering”. By the way, I have Windows update turned off right now until downlo0ad/install word is given AND I am getting downloads of security updates to MSE at least (2) a night, and they install themselves. What gives? AND now MS probably has signaled my computer that it is to use Norton or MSE but not both together(like I have been doing all summer. Suddenly one or the other is turned off.

Reply | Quote

MSE can and should update itself. No problem.

Reply | Quote

For years I have used the Firefox add-on called “Cookie Monster”, which works beautifully for handling regular cookies, session cookies, and 3rd party cookies. You can enable cookies temporarily if need be, although I have found that allowing session cookies works in many instances. The author of this add-on has kept it up to date as changing Firefox rules have required changes in add-ons.

https://addons.mozilla.org/en-US/firefox/addon/cookie-monster/

Reply | Quote

I have third-party cookies disabled, first-party cookies enabled but cleared when browser closes. The only exception I have is for feedly, If you save google, facebook or yahoo cookies there is no point in worrying about privacy, you have none. The same thing goes for using Google DNS. I personally use OpenNIC. One thing I didn’t see mentioned is HSTS which can supposedly be abused. http://www.ghacks.net/2015/10/28/new-browser-security-features-have-tracking-side-effects/

I agree with Woody that FF is one of the best of the big name browsers for privacy. Potentially. Unfortunately, most browsers have some of the most important settings hidden. In FF they can be accessed by entering about:config in the address bar. Chromium based browsers use chrome://flags for the hidden settings. I’ve been using FF since the day version 3 was released but I’m not going to get into a long dissertation on what settings should be changed. We will all have different opinions on the changes needed. Martin at ghacks has a very good list of all the possible settings. http://www.ghacks.net/2015/08/18/a-comprehensive-list-of-firefox-privacy-and-security-settings/

My primary browser which I’ve been using for a few years is Pale Moon which originally started as a simple, slightly modified fork of FF. I usually only recommend it to those already familiar with FF, some addons require an older version of the addon to work properly. https://addons.palemoon.org/ It has a built-in XSS (cross-site scripting) filter which can be enabled, has the option to disable HSTS (hidden preference) and the ability to poison data used for canvas fingerprinting (hidden preference). https://forum.palemoon.org/viewtopic.php?t=3357

As for chromium based browsers I have Comodo Dragon installed. It’s usually one or two versions behind Chrome stable. Right now it is using the 52 base and as far as I know there is no 64 bit version available. You can use google sync to get your bookmarks, passwords, settings and other info. It has options available in the settings that Chrome does not. Cache, history, cookies and anything else that can be manually cleared in Chrome can be cleared in CD automatically when closing the browser. Can disable the referrer header (can/will break some websites) and WebRTC from the settings menu. You can also enable Comodo Secure DNS if you don’t want to use the domain name server provided by your ISP. Two settings in chrome://flags I would change would be to disable “hyperlink auditing” and enable “Reduce default ‘referer’ header granularity,” which will eliminate the specific page visited from the referer but still sends the website info. It annoyingly comes with pre-installed extensions that I uninstalled and uses their own theme which I changed to the same one I use for Chrome, https://chrome.google.com/webstore/detail/fade-to-bright-aero-skin/iniphhdbdangomdllnbbhhkofoggidgc?hl=en. I also changed the shortcut icon to the chromium icon. CD will not play all the video formats that Chrome can so flash will need to be installed. For me using flash is a non-issue if you use an ad blocker and/or click to play, just my opinion. I use an ad blocker and click to play in all browsers.

Browsers installed: Comodo Dragon, Chrome Beta x64, FF ESR x64 (got tired of the frequent changes and added ‘features’ of FF stable) and Pale Moon (primary). I also have Opera Beta x64 that I installed to be able to stream the CBC Olympics coverage from the U.S. but I have security/privacy concerns relating to their acquisition from a Chinese consortium that includes Qihoo. And then… coincidentally, right after the acquisition their web sync service was hacked. http://www.pcworld.com/article/2919554/tencent-qihoo-antimalware-firms-are-accused-of-cheating-stripped-of-rankings-in-antivirus-tests.html http://www.zdnet.com/article/opera-resets-passwords-after-server-hack/

I know, TL;DR

Reply | Quote

Re:

LL “The latest variety of evercookie exploits the “canvas” element.”

GHacks; How to modify your browsers fingerprint…
http://www.ghacks.net/2013/08/01/how-to-modify-your-browsers-fingerprint-so-that-it-is-no-longer-unique/

Just ran the Panopticlick test from EFF with surprisingly good rating except on the fingerprinting.

https://panopticlick.eff.org/results?&dnt=111

Reply | Quote

I have found that if a Win7 computer is experiencing slow scans, MSE may not update itself. If WU is turned off (never check), there is no problem; however, if WU is set to check for updates (notify only, automatically install, etc.), MSE may go for days without updating.

I have seen this behavior on half a dozen Win7 machines.

Reply | Quote

Would deleting history at exit, which is a Firefox setting have the same effect?

Reply | Quote

I understand the concept, it is very much like those building a hosts file list for blocking undesired sites, only using a different method.
I am not convinced it is worth the effort, as there will always be something missed.

Reply | Quote

Interesting and useful article. Thank you.

Reply | Quote

That is probably the case. Any possible solution?

Reply | Quote

There is a theory in aerospace engineering which says that the fighter jets are a lot more functional and flexible than passenger planes, but not as secure and this is by design. This is true with everything in life as far as I can tell. Chrome is a fantastic browser for functionality, but it comes at a price. Many people use Firefox with NoScript add-on, but I found that combination hardly functional. You have to find a balance and it is likely that Firefox offers most options if you find the right add-on(s) which suit your preferences.
I prefer, in this order, Firefox and next IE.

Reply | Quote

The four big name browsers are five

Reply | Quote

I use Firefox with AdBloc Plus, Disconnect, NoScript and Better Privacy. I do not save passwords and form data to the computer/browser. I usually clean out after each browsing session with CCleaner (moving the necessary cookies to the “save” side under options).

Reply | Quote

This is a known problem. If you have multiple antivirus products scanning at the same time, they get into conflict. You have to make a decision between Norton and MSE.

Reply | Quote

You shouldn’t run two antivirus programs in the background at the same time. Norton (and other big-name virus programs) will usually turn off the MS program.

If you feel you need added protection, choose programs that do on-demand scanning – they run when you tell them to then turn off when you close them.

Reply | Quote

Yes sure if u trust ms not to exploit that for other purposes and who in right mind does that.

Reply | Quote

Bizarre!

Reply | Quote

I think what happens is that MSE has as primary mechanism Windows Update and as fallback updating directly.
If Windows Update is slow, it is still seen as working in which case the fallback mechanism is never triggered.
Inspecting the registry keys under
HKEY_LOCAL_MACHINESOFTWAREMicrosoftMicrosoft AntimalwareSignature Updates
gives away some clues.
In particular the String value FallbackOrder and DWORD value ForceUpdateFromMU

Reply | Quote

Actually, I don’t find it bizarre. Windows Update often presents MSE definition updates, so there’s clearly a tie-in between WU and MSE.

Reply | Quote

Dear Woody and cm100!
It is nice to see that you are worried about cookie based tracking. Visit https://panopticlick.eff.org/ and https://www.browserleaks.com/ then start worry about the other methods.

Cookies are just one thing. To actually block all third-party requests you may try the RequestPolicy add-on for Firefox, or the uMatrix/ublock add-on in Chromium base browsers. You can then see how many websites rely for example on ajax.googleapis.com, and because of that how many you can’t even use without accepting the full Google Terms of Service and Privacy Policy.

Reply | Quote

Dear Jim (#102897) !
NoScript does not block any cookies. And cookie placing is not related to JavaScript either.

However if you use the ‘Forbid ‘ option in NoScript, it will protect you from loading some external sites and therefore their cookies, and their third-party cookies.

IFrames are the thing you use to embed another webpage into yours. For example embedded the Youtube videos and Facebook/Twitter widgets use IFrames.

Reply | Quote

*hey woody it would be ‘Forbid IFRAME’ with the html tags, but your site blocks that. You should use CDATA for the comment section so you don’t have to filter anything.

Reply | Quote

I’m at the mercy of the folks who wrote WordPress and this specific theme.

Reply | Quote

OK Marty, I installed Cookie Monster. There is another cookies management add-on mentioned here which is Self-Destructing Cookies and seems to be more popular based on the number of downloads, but I am certainly not interested in something that does not allow me to use the full functionality of the browser. I still have to get familiar with it. Self-Destructing Cookies lived only 5 minutes on my Firefox as it already deleted my stored user name and email on Woody’s site without warning and this is unacceptable.

Reply | Quote

Not worried at all, just discussing the subject. Having advertisements displayed on screen is not a reason to be worried, only annoyed. The TV is far worse and this is why I spend a lot more time in front of a computer screen than in front of a TV.

Reply | Quote

Yesterday I saw a New York Times article about blocking/avoiding emails that have hidden tracking pixels in them (apparently something like 25% of emails do have those, now) as well as programs that let you insert such pixels into emails that you send (which let you see if they are opened and when),

and that led me to another NYT article from earlier this year that compared 4 ad/tracker-blocking programs such as Ghostery and such [none of them work on IE, which I use (which is why I have my own privacy/safety setup that includes Peerblock), but I was just reading it out of interest],
and their testing showed that none of the 4 do a great job — most only blocked 9 out of 40 possible, or something like that.

(Just now, I tried to go back to the article and check the accuracy of my recollection that it was 9 out of 40, but ironically something tonight is stopping me from seeing the article at all, and the error message from the NYT tells me “to view our site you have to allow cookies”!
I’ve never seen that warning before from the NYT. I normally view their articles with no problem or hassles at all – at least the first 9 or 10 articles before their paywall comes down on that particular internet session.)

Anyway, assuming other people will still be able to see the article, the url of the NYT article about the different free ad/tracker programs is:
http://www.nytimes.com/2016/02/18/technology/personaltech/free-tools-to-keep-those-creepy-online-ads-from-watching-you

in that article, they mentioned one as being the most effective but the most limiting in terms of the user’s internet browsing experience, and I’d never heard of it, so I had a look at its website. RedMorph is the name.

RedMorph is quite doom-mongering about some privacy/security issues, and i think they probably exaggerate some issues (such as saying that potential employers are in the position to pay external companies for people’s private search histories and to turn down job applicants based on their past search histories), but it’s interesting to see what they are flagging up as important to know about.

here are some pages from the RedMorph website:

“The tracking ecosystem – who, how, why”
https://redmorph.com/articles/trackingEcosystem.html
the iceberg graphic is interesting – i’m figuring out at which areas of the iceberg i’m unprotected.

“Awareness blog”
with many topics covered – this is where they can get a bit doom-y
https://redmorph.com/blog.html

one of their topics on that page is:
“When the cookies crumbled, so did your web anonymity”
https://redmorph.com/articles/web-anonymity.html
and clicking on that leads to a Guardian article about the subject:
https://www.theguardian.com/technology/2014/oct/05/cookies-crumbled-internet-anonymity

Reply | Quote

In IE,

you can go to “Tools” and delete browsing history,

I am pretty sure you can also set it up to delete cookies and the other stuff in the browsing history upon every exit from the browser (mine does that, but I forget how I told it to do that),

you can turn off DOM storage in Tools – Internet Options – Advanced,

you can go to the Flash settings in your programs and set it to have no space to save anything, and set up several other things that keep it hidebound (strangely enough, even though one’s Flash settings were put “in” the computer a couple of years ago and are not online with the Flash site, when I looked at my Flash settings the old fashioned way about a year ago, via the online interface from the Flash site, it had things that my computer-based settings didn’t, but I forget the details now)

and even with all that,
plus a low tolerance for accepting cookies in the first place – the settings are the most limited that I could have without having to approve each first-party one separately –
when I log out of IE (and I wait a minute to let it do its deleting of the history), when I then run the CCleaner program, it still finds plenty of other stuff to delete from that internet session.
I recommend CCleaner for cleaning (but I select nothing in the ‘registry’ cleaning area, and just select half of the options in the ‘cleaner’ cleaning area – the safer half of those options),
as well as for help on keeping track of installed programs, system restore points, startup programs etc. It also has a drive wiper and lots of other features.

I also use Peerblock to totally block Facebook and Google IPs (all their tracking of us across the internet, what we look at, what we search for, even if we aren’t logged in to them, even if we don’t have an account with them, etc.) and I have a few rules set up in my Norton Security firewall also to block Facebook and Google because I found that they were sometimes getting through Peerblock.

I block about 800 million other IP addresses with Peerblock, in the form of pre-made blocklists and personally-created blocklists – not exaggerating about the number of IPs that I block. That free, abandoned program has been great for my purposes and I will miss it when I am wrenched away unwillingly from using Windows 7.

By the way, a couple of days ago on a large retailer’s website they were having a sale on 5-device 1-year Norton Security “deluxe” or whatever it’s called, plus there was a coupon code for another $20 off, so I got it for the final price of $19.99 for my next year’s subscription of Norton, which is a good price for the 5-devices version.
This sort of price, or lower, comes around every once in a while. I saw another sale on the same thing on the same day at a different retailer that was for only $9.99, but you had to have a discount code from that store’s previously-distributed newsletter, which I didn’t have.
(By the way, if you renew your Norton Security subscription via buying it from a retailer instead of through your existing Norton account, do not put in the code for the next 12 months’ of service until the very day that your old subscription expires, because Norton does not allow you to keep the days that you have left on your current subscription if you enter in a code bought elsewhere while your current sub is still active. If you extend your Norton Security subscription through your Norton account, which often charges a much higher price for the annual subscription, perhaps $70 or more, they *will* extend the new sub by the number days you have left in your old sub.)

Reply | Quote

Woops! The book above was meant as a reply @Brian asking for browser recommendations. SMH

Reply | Quote

You mention the NYT article “that compared 4 ad/tracker-blocking programs” and I’m surprised that there was no mention of the EasyPrivacy list which has been recommended by the Eff for a long time now. https://www.eff.org/deeplinks/2012/04/4-simple-changes-protect-your-privacy-online By the way, your link for the NYT article is not working but if you add .html to the end of the link it will work.

I haven’t looked in a long time so out of curiosity I checked to see how many entries are in the EasyPrivacy list and there are about 12,000. I did see some entries for gifs at the top of the list. Email tracking? EasyPrivacy Tracking Protection List is available for IE, I’m on Win 7 but I assume that Edge also has the ability to use tracking protection lists. I haven’t used RedMorph and it’s been quite some time since I used Disconnect and Privacy Badger but I do have Ghostery installed. Ghostery shows five categories of trackers: advertising, analytics, beacons, privacy and widgets. With all beacons and privacy trackers blocked (539 trackers) I saw zero reduction of network requests using the web developer tools in Pale Moon when compared to only using uBlock with EasyList, EasyPrivacy and Fanboy’s Annoyance lists. I used android central dot com as my test website because they are not bashful about using a ton of trackers. Normally I leave Ghostery disabled, reason being it by far uses the most cpu/memory of all my 20+ add-ons in Pale Moon and FF ESR. Even more than greasemonkey, which is #2 in memory use, the horror.

In case you weren’t already aware Adblock Plus for IE works very well, it’s available for Edge also. It has to be installed as a separate program. The program folder for ABP for IE is less than half the size of CCleaner on my desktop. Unfortunately you can only use one filter and EasyList is the one to use. I rarely use IE 11 but I have ABP for IE and the EasyPrivacy Tracking Protection List installed in it. If you don’t want to install ABP as a separate program you can always use EasyList as a Tracking Protection List but you loose the element hiding rules.
https://adblockplus.org/releases/adblock-plus-15-for-ie-released

Reply | Quote

@poohsticks: The link you provided to the NYT article was missing the “.html” at the end. The correct link is this: http://www.nytimes.com/2016/02/18/technology/personaltech/free-tools-to-keep-those-creepy-online-ads-from-watching-you.html

Reply | Quote

@Marty,
Thank you for providing the correct link!

Reply | Quote

@Richard Allen,

Thank you for the additional information, I’m sure it will help people!

AdBlock Plus has default whitelists of selected advertisers whose ads they do not block,
and it’s a topic that they have been accused of being sneaky about and secretly earning money from: https://en.wikipedia.org/wiki/Adblock_Plus#Controversy_over_ad_filtering_and_ad_whitelisting

For those reasons, I have not used it.

For now, I am happy using Peerblock as my ad/tracker blocker, but that’s an unusual solution it seems;
for most people using IE, I expect that using AdBlock Plus would be better than nothing.

Reply | Quote

You’re welcome! I for one have learned a lot over the years from Woody and others. If I can contribute Anything useful that’s a huge accomplishment for me.

As far as ABP goes I can’t agree with the assertion that they are being sneaky and secretly earning money. I knew about the acceptable ads whitelist before it was even implemented. I’ve been using uBlock for a couple years but I did use ABP for a long time before and after the acceptable ads fiasco. Just uncheck the box for the whitelist and it’s all good. Personally, I think it was a brilliant strategy on their part and for me it was just another non-issue because it had no affect on how ABP worked (box unchecked).

Peerblock? I’m surprised that I’ve never heard of anyone using it like you are. Only ever heard of it being used in a bittorrent client. Does it work like a hosts file? I’m thinking it does. With an adblocker there are No network requests made by the browser for whatever junk the website wants. With a hosts file, and with PeerBlock, the browser makes All of the network requests that the website wants and Then those requests are terminated before they leave your system. Also, some of those requests, for various reasons, will be made more than once. The higher the number of requests the longer the page load time. All that said there is not a ‘huge’ difference between an adblocker and a hosts file as far as page load times go. I’m going to optimistically say anywhere from a quarter of a second (not likely) to maybe 3 seconds difference, could be more, depends on the website, browser configuration, available bandwidth and hardware being used. I’m willing to bet when using PeerBlock page load times will always be slower compared to using the EasyList and EasyPrivacy Tracking Protection Lists. No ABP for IE installed. And I would consider the two tracking protection lists more than adequate protection with a properly configured browser. JMHO!

My goal has forever been to maximize security, privacy and performance without breaking website functionality. Not worried about total anonymity, I just want to limit and make any info available hard to access. I’m sure that most if not all websites and trackers are very annoyed with me! Mission accomplished!

Page load times, network requests and bandwidth used can quickly and easily be seen with the Developer Tools (Network tab) accessed from the Tools menu or use F12, then refresh the page. Peace!

Reply | Quote

There is an additional setting in Firefox which can be useful for those not using third-party add-on cookie managers like Cookie Monster. This setting is not presented in the user interface, but it is in the about:config page. If you are not familiar with those settings, do not mess with them. They are the equivalent of registry configuration in Windows or the old .ini files which are used by some applications instead of registry configuration.
All cookie settings in Mozilla Firefox are here:
https://developer.mozilla.org/en/docs/Cookies_Preferences_in_Mozilla
The setting which is of interest is:
network.cookie.thirdparty.sessionOnly configured as “true”.
The GUI under Options/Privacy should be configured on default.

Reply | Quote

This is equivalent in IE in the Advanced Privacy Settings with the configuration:
Override automatic cookie handling – Checked
First-party Cookies – Accept
Third-party Cookies – Block
Always allow session cookies – Checked

The last setting has the meaning that it would allow:
First-party Cookies as instructed by the web site, Session or Persistent
Third-party Cookies – Allowed only during the session, never persistent between sessions, i.e discarded at browser close. Overrides the generic Block Third-party cookies, but only for the duration of the existing session.

Reply | Quote