Earlier this month EFF released
Privacy Badger 1.0 [1]; a browser add-on that stops advertisers and other 3rd
party trackers.
So do we need yet another cookie
blocker?
EFF admit that Badger is similar
to Adblock Plus (Badger is actually based on ABP code), Ghostery, Disconnect
and other cookie blockers [2]. However, Badger is slightly different in some
much as rather than block all cookies, it focuses on enforcing Do Not Track (DNT)
settings. When DNT is enabled in a browser, information is sent in the HTTP
header to inform companies that you do not consent to being tracked and want to
opt out of tracking for purposes such as behavioural advertising. The problem
with DNT is it is voluntary; meaning data harvesting companies can legally (?)
ignore a DNT request. Additionally DNT has suffered some adversity, such
as from Yahoo in 2014 [3]. Because self-regulation of DNT has not been effective, EFF
have developed Badger in order to block repeat DNT offenders.
EFF researchers found that
blocker add-ons such as Ghostery and ABP require some user configuration in
order for non-consensual tracking to be blocked effectively, stating that, in their
default settings, Ghostery does not block anything and ABP is not set to block
invisible trackers [2]. So even if you already run cookie blockers, Badger should
complement your online privacy.
A key design feature of HyperText
is it allows web pages to interact with other third party sites for a richer
browsing experience; such as news feeds, maps, comment boards etc. Unfortunately
the majority of these 3rd party sites are advertisers who download a
tracking cookie to your browser [4]. As the 1st party site does not
need to declare 3rd parties, this has become a serious privacy
issue. With ZAP running, downloading a website will display a whole bunch of
connections to other 3rd party sites for information. FireFox
developed Lightbeam [5] to provide a real-time perspective of just how many 3rd
parties 1st party sites interact with. Ad targeters such as Google
AdWords, hold a mini auction to sell your web space to the highest bidder
before a webpage loads [6].
So why not just run Ghostery and
tell it to block ALL cookies? In some cases 3rd party domains can
provide additional “useful” information to support a web page, such as style
sheets, maps, images. In this instance Badger allows connections to 3rd
parties, but blocks tracker cookies and referrers [2]. Some cookies are used to
hold website preferences such as which language the website should be presented
in. Carte blanche blocking of all cookies may impede the browsing experience. Where
ABP works on a blacklist of known unwanted domains, Badger works by observing
the trackers behaviour over time rather than blocking everything out right. Because Badger blocks visible and
hidden 3rd party trackers, it also unintentionally blocks some, but
not all, ads. These blocked ads are non-consensual ads that abuse DNT, invading
privacy. EFF states that Badger is not intended to be used as an ad-blocker, suggesting that if you
want to block ALL ads you should also run an ad-blocker app. However, installing
an ad-blocker and setting it to block all cookies, might make badger partially
redundant.
Badger does have its limits. It
can block cookies as well as locally stored super cookies (persistent cookies
which cannot be stopped by “private” or “incognito” mode [7]). However blocking
sites that identify users through browser fingerprinting is more difficult. Badger can
block canvas based fingerprinting [8] but not other fingerprinting methods [9]. EFF
does have future plans to address 1st party DNT abusers. Blocking
DNT on 1st parties is more complicated as many are only able to offer free web
services because they are funded by advertising. EFF theorises that visiting
a 1st party site means you must have some sort of relationship (or
interest) with them whereas you do NOT have a relationship with 3rd
party sites which may be abusing DNT.
Badger is currently only
available for FireFox and Chrome, but EFF have made Badger’s code available on
github [10] for use by developers and other browsers.
So again, do we need yet another
cookie blocker? If you want to block as many 3rd party trackers as
possible and have tweaked the default settings of Ghostery, ABP, etc, then you
might not see a great deal of value from Badger. However, if you want to block 3rd
party trackers and run Ghostery, ABP, etc, out of the box then Badger should
enhance your online privacy.
I love your article.You can visit my website: how to install spotify premium apk
ReplyDelete