-
Notifications
You must be signed in to change notification settings - Fork 3.2k
Privacy stuff
If you really care very much about your privacy (not being tracked, data mined, etc.), µBlock is a crutch (a good one though), even with EasyPrivacy enabled (this is true for any "ad blocker"). If you want more than a good crutch, HTTP Switchboard is the way to go: it gives you full disclosure and full control of what web pages do.
Unlike HTTP Switchboard, µBlock can't foil cookie headers. I strongly suggest privacy-minded users to...
- Enable "Block third-party cookies and site data" in "Content settings" / "Cookies".
- It works very well: see "Outbound cookies" in this benchmark results.
- But this may break some sites. For instance, you won't be able to enter comments on Youtube.
- Useful to know: the block also applies to local storages, not just cookies.
- Enable "Click to play" in "Content settings" / "Plug-ins".
I personally use these command line switches (Chromium on Linux):
-
--disable-component-extensions-with-background-pages
- "Disable default component extensions with background pages" (ref)
- I believe this prevent Hangout Services to be launched by the browser as a background process. I wasn't too happy to find out there was such a process launched even though I do not use Google's Hangout.
- With other Chromium-based browsers, maybe more stuff would be disabled, you decide whether this is good or bad.
-
--disable-background-networking
- "Disable several subsystems which run network requests in the background" (ref)
- [add more switch of interests whenever new ones are found]
Another powerful command line switch is:
-
--host-rules="MAP *.google-analytics.com 0.0.0.0","MAP *.googleadservices.com 0.0.0.0","MAP *.doubleclick.net 0.0.0.0","MAP *.googletagservices.com 0.0.0.0"
- This switch maps those hostnames (or any other ones) to the IP address 0.0.0.0 (ref) and hence blocks them effectively (even on the Chrome webstore where extensions like µBlock are disabled).
- However, note that blocking those hostnames with that switch might break some websites. That's why blocking them with HTTP Switchboard is preferable since you can whitelist them as exceptions for those websites which won't work without them. Alternatively, you could use the
important
filter option mentioned below.
In case you were not aware, using EasyPrivacy doesn't protect completely against Google Analytics. So if you were using Adblock Plus with EasyPrivacy (as recommended by the EFF), you might have thought you were protected against Google Analytics. This is not necessarily the case.
If you are using µBlock, it protects you more against Google Analytics out of the box -- via "Peter Lowe's Ad server" list. Yet, given that an exception filter may exist somewhere in one of the many lists, I can't guarantee the protection is 100%.
However, in µBlock 0.5.5.0 a new filter option important
was introduced with the consequence that corresponding exception rules are ignored. Example:
||google-analytics.com^$important
blocks Google Analytics regardless of existing exception rules. You can restrict this rule to specific domains like
||google-analytics.com^$important,domain=example1.com|example2.com
or you could exclude specific domains from this rule:
||google-analytics.com^$important,domain=~example1.com|~example2.com
Thus, this option is much more flexible than the above mentioned --host-rules
command line switch.
I don't know why this one is not blocked by Fanboy Annoyance, as the list already blocks many other twitter widget-related stuff. So if you use above list, you may want to add the following to your filters:
||platform.twitter.com/widgets.js$third-party
Each time you visit a site which pull cute little avatar images aside (typically) a commenter's name, there is a corresponding request to Gravatar's web site, and the HTTP referer
header contains the site you are visiting. The tracking potential is too much for me, so I block all these requests:
||gravatar.com^$third-party
I don't know if, and how much this breaks things. But for now I am happy to not have my browsing habits disclosed to gravatar.com. I can live without these cute thumbnails.
But this applies to any domain which is ubiquitous enough, gravatar.com
is just one example among so many.
To deal with this easily, I find HTTP Switchboard to be the best tool, as to blacklist a ubiquitous domain with 100% certainty is simply a matter of point and click.
uBlock Origin - An efficient blocker for Chromium and Firefox. Fast and lean.
- Wiki home
- About the Wiki documentation
- Permissions
- Privacy policy
- Info:
- The toolbar icon
- The popup user interface
- The context menu
-
Dashboard
- Settings pane
- Filter lists pane
- My filters pane
- My rules pane
- Trusted sites pane
- Keyboard shortcuts
- The logger
- Element picker
- Element zapper
-
Blocking mode
- Very easy mode
- Easy mode (default)
- Medium mode (optimal for advanced users)
- Hard mode
- Nightmare mode
- Strict blocking
- Few words about re-design of uBO's user interface
- Reference answers to various topics seen in the wild
- Overview of uBlock's network filtering engine
- uBlock's blocking and protection effectiveness:
- uBlock's resource usage and efficiency:
- Memory footprint: what happens inside uBlock after installation
- uBlock vs. ABP: efficiency compared
- Counterpoint: Who cares about efficiency, I have 8 GB RAM and|or a quad core CPU
- Debunking "uBlock Origin is less efficient than Adguard" claims
- Myth: uBlock consumes over 80MB
- Myth: uBlock is just slightly less resource intensive than Adblock Plus
- Myth: uBlock consumes several or several dozen GB of RAM
- Various videos showing side by side comparison of the load speed of complex sites
- Own memory usage: benchmarks over time
- Contributed memory usage: benchmarks over time
- Can uBO crash a browser?
- Tools, tests
- Deploying uBlock Origin
- Proposal for integration/unit testing
- uBlock Origin Core (Node.js):
- Troubleshooting:
- Good external guides:
- Scientific papers