• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Blocking cookies and adverts for a reasonable level of privacy

streetfighter 2

New Member
Joined
Jul 26, 2010
Messages
1,655 (0.33/day)
Location
Philly
I'm not a particularly paranoid person but I do despise marketers and advertisers. It used to be fairly trivial to block cookies and advertisements but not anymore.

Take a look for yourself:
http://arstechnica.com/web/news/201...he-zombie-cookie-war-by-raising-awareness.ars
http://samy.pl/evercookie/
http://arstechnica.com/security/news/2010/10/it-is-possible-to-kill-the-evercookie.ars

Blocking evercookie in:
Firefox (Ad Block Plus may also work but but I'm not sure and it may conflict with Ad Muncher/hosts file)
Opera
Internet Explorer (just kidding, you're screwed. get a real browser)

Also the FTC Commissioner Jon Leibowitz is somewhat on my side:
http://www.ftc.gov/os/caselist/0710170/071220leib.pdf
Originally Written by Commissioner Jon Leibowitz
Ultimately, if the online industry does not adequately address consumer privacy through
self-regulatory approaches, it may well risk a far greater response from government. To be sure,
the World Wide Web remains an awe-inspiring universe for experimentation and exploration
and, certainly, advertising is integral to expanding the Internet frontier. We just need to ensure
that consumer privacy isn’t trampled in the race to mine data.

What I'm writing about is blocking the tracking attempts of every (yes, every) website I go to. I don't want Amazon.com to recommend a single thing to me. I don't want any other site to log my browsing habits so they can sell them to some other group of jerks. I don't want 10 million flash ads that make noises or otherwise impede using a particular site.

I'm sure someone here is thinking that it's wrong to block advertisements because I'm not paying TPU, arstechnica or other sites I use. You may therefore be startled to learn that in the rare event that I watch TV, I change the channel during the commercials. When driving a car I make a point of ignoring billboards that fill my peripheral vision. Whenever possible I pay in cash so companies can't track my purchases. I don't even like malls.

BTW, I obviously turn off all ad-blockers when I'm on TPU because the advertisements are always relevant and worthy of a good clicking. ;)

There are many ways that advertisers track you on the net but the primary ones are:
1) Flash cookies
2) Cookies
and cookie monster (actually that's just a character from Sesame Street)
3) IP based
4) HTML5 magic

I should note that I also like settings to be transparent, omnipresent and compatible.

Without further ado, a brief discussion of my current methods. Please suggest new information or improvements on my methods wherever you can. Thanks!

-1) A good Firewall Description: If you don't have a firewall you really should be in the process of getting one right now. Some firewalls can block ads and all firewalls will help prevent hacking attempts.

Solution: There are lots of different firewalls available. The good Mr. AsRock recommended Outpost Firewall as a personal firewall/ad blocker/content control. I like ClearOS as a network firewall but it requires significantly more technical expertise and a dedicated machine to set up. Anyway about it you'll probably want something with ad blocking/content control to insure your privacy is protected. You can also augment you firewall protections using a tool like CCleaner which wipes your browser's internet files (cookies, temp files, etc.) though many browsers allow you to tune these features automatically.

Transparency/Omnipresence/Compatibility: If you run a personal firewall like Outpost Firewall it will run on your machine and you'll know it's there. Consequently I like an external firewall because I only need to interact with it to change settings. External firewalls also have the advantage of offering protection for all computers on a network, regardless of OS. When it comes to simplicity though Outpost Firewall seems to be the winner. A good firewall will actually help with all the issues I mention (1 thru 4), though it may be redundant with 0.

0) Null route Description: The first thing to do, and arguably the easiest, is to null route as many known advertising servers as you can. Null routing forces your computer to incorrectly resolve specific addresses. In laymen's terms it pretty much blocks specific sites.

Solution: Thankfully MVPS constantly updates a list of jerks which makes it extraordinarily convenient to block a good chunk of internet advertisers. If you know how to edit your hosts file you can manually update it with the MVPS version . Unfortunately new advertisers pop up every day so this isn't a complete solution but it's a pretty damn good attempt. If you'd like to manage your hosts file yourself you might want to give the excellent utility hostsman a try. On the other hand, if modifying your hosts file is not your cup of tea you can check out Ad Muncher which performs most of the tasks of a good hosts file but through it's own utility.

Transparency/Omnipresence/Compatibility: The reason why I recommend this over traditional browser based advert blockers is because this works for everything on your computer. It even prevents some trojans from calling home and turning your computer into a digital depot. You can use this in conjunction with a browser based ad-blocker if you want the additional features it affords you, but don't skip on the hosts file/Ad Muncher! There are minor compatibility issues and they're usually with sites that are deeply in cahoots with advertisers. Oddly enough I noticed that I couldn't download VMware officially (without disabling my hosts file) because my hosts file was preventing VMware from sending my personal info to marketers :D. A hosts file will actually help with all the issues I mention (1 thru 4).

1) Flash Cookies Description: Also called Adobe love stains (I just made that up...). Adobe loves you so much that they allow flash to place cookies in several locations on your computer. They also don't do much in the way of advertising a bloody control panel but one does exist.

Solution: The most comprehensive solution I've found thus far is to remove read/write permissions on the folders mentioned here . If you're using firefox you can try BetterPrivacy .

Transparency/Omnipresence/Compatibility: Once it's set it's done and it works in all browsers. Unfortunately removing read/write permissions on the folders mentioned on the wikipedia entry will also cause severe compatibility problems with a lot of sites sporting flash content. The only alternative is to use the poorly advertised Flash Settings Manager and disable as much as you can. It will still be necessary to periodically go into the folders on your computer and manually delete all the accumulated garbage or use BetterPrivacy to automate this process.

2) Vanilla (as in plain-olde) cookies Description: Browser cookies are like horse flies, they bite you and they perpetually follow you. Occasionally they're good, like the one TPU uses to keep me logged in. More often they're just tracking you so advertisers can make money off your browsing habits.

Solution: Only one way out of this unfortunately. Go into your browser setting and disable cookies but add exceptions for sites you like or otherwise need to visit.

Transparency/Omnipresence/Compatibility: Chances are you'll always find another site to add to the list of exceptions. Worse still is that each browser has to be configured separately. Some sites will completely refuse to work unless you enable cookies for them.

3) IP Based Description: Websites with annoying marketing departments will log your IP and record your browsing habits under that IP for the purpose of hawking you and the people around you more crap.

Solution: A good proxy or Tor . If you opt to use Tor I'd recommend JanusVM because it's easy to configure and doesn't require you to manually enter a proxy in different browsers. I've found xroxy and hidemyass provide decent lists of public proxy servers.

Transparency/Omnipresence/Compatibility: Unfortunately you're not going to want to run your internet through a proxy or Tor all the time (unless you have to). Additionally setting up a proxy/Tor is often a per browser setting and can occasionally be a pain in the neck to set up. Tor does have some compatibility issues but they're quite tolerable in my opinion. If you use a good socks5 proxy server you shouldn't have too many problems.

4) HTML5 Description: I hate it, I hate it, I hate it... But it's so useful. Reminds me of the .NET framework. It has more holes than a colander thats been hit with 20 birdshot shells.

Solution: Turn off JavaScript except on sites that you trust.

Transparency/Omnipresence/Compatibility: Most every site has JavaScript these days so turning it off is going to be a shitstorm.

A note about the numbering of the methods
You may have noticed that the methods start at -1, this is a bit like the rules of thermodynamics. The first two methods are so fundamental that they shouldn't need to be stated but I do anyway to insure that the list is comprehensive.

Any suggestions for improving my list would be great!
 
Last edited:
Joined
Apr 19, 2007
Messages
378 (0.06/day)
System Name The Monolith
Processor Core i7 3770k
Motherboard Asus P8Z77-V Pro
Cooling Stock
Memory 4gb 1333 Upgrading to G-Skill Sniper 2x 8gb 2133
Video Card(s) EVGA GTX 680 FTW 4gb
Storage OCZ Revo 3 120gb / 1tb WD Caviar Black
Display(s) Westinghouse LVM37 W-3 37"1080p
Case Corsair Obsidian 650D
Audio Device(s) M-Audio Firewire Solo
Power Supply Corsair HX 1050
Software Windows 7 Ultimate x64
I use firefox and some good add-ons. Get Ad Block Plus, it is good at blocking ads and will help speed up web page loading times. I also use Noscript, it blocks all incoming scripts until you allow them to be loaded. Those are my two main add-ons I use and they work great. In firefox in the options under the privacy tab you can configure how cookies are handled. Hope this helps.
 

streetfighter 2

New Member
Joined
Jul 26, 2010
Messages
1,655 (0.33/day)
Location
Philly
I appreciate the suggestion.

I like some of the features in Noscript but I don't want to be limited to having those features in Firefox and also having to modify them a lot. On the other hand I might not have an alternative... For the time being I'm looking into abstracting some of the ideas of Noscript to fit a more general case which is loosely defined by my notion of transparency, omnipresence and compatibility.

Specifically I'd like to find a way to block (yet provide exceptions for):
<canvas>
all HTML5 storage APIs
Cross-Site Scripting (XSS)

EDIT: Now that I think about it I might as well just turn off JavaScript then add exceptions for the sites I use most often... It would be nice to block only those things I mentioned though.

Firefox's Ad Block Plus just doesn't cut the cheddar when compared to the MVPS host file. The hosts file is much more robust.
 
Last edited:
Joined
Apr 19, 2007
Messages
378 (0.06/day)
System Name The Monolith
Processor Core i7 3770k
Motherboard Asus P8Z77-V Pro
Cooling Stock
Memory 4gb 1333 Upgrading to G-Skill Sniper 2x 8gb 2133
Video Card(s) EVGA GTX 680 FTW 4gb
Storage OCZ Revo 3 120gb / 1tb WD Caviar Black
Display(s) Westinghouse LVM37 W-3 37"1080p
Case Corsair Obsidian 650D
Audio Device(s) M-Audio Firewire Solo
Power Supply Corsair HX 1050
Software Windows 7 Ultimate x64
I appreciate the suggestion.

I like some of the features in Noscript but I don't want to be limited to having those features in Firefox and also having to modify them a lot. On the other hand I might not have an alternative... For the time being I'm looking into abstracting some of the ideas of Noscript to fit a more general case which is loosely defined by my notion of transparency, omnipresence and compatibility.

Specifically I'd like to find a way to block (yet provide exceptions for):
<canvas>
all HTML5 storage APIs
Cross-Site Scripting (XSS)

EDIT: Now that I think about it I might as well just turn off JavaScript then add exceptions for the sites I use most often... It would be nice to block only those things I mentioned though.

Firefox's Ad Block Plus just doesn't cut the cheddar when compared to the MVPS host file. The hosts file is much more robust.

Cool I'm going to try that. I'm a bit of a novice though, LOL, well novice compared to most people in the forums here.
 

AsRock

TPU addict
Joined
Jun 23, 2007
Messages
18,851 (3.08/day)
Location
UK\USA
Processor AMD 3900X \ AMD 7700X
Motherboard ASRock AM4 X570 Pro 4 \ ASUS X670Xe TUF
Cooling D15
Memory Patriot 2x16GB PVS432G320C6K \ G.Skill Flare X5 F5-6000J3238F 2x16GB
Video Card(s) eVga GTX1060 SSC \ XFX RX 6950XT RX-695XATBD9
Storage Sammy 860, MX500, Sabrent Rocket 4 Sammy Evo 980 \ 1xSabrent Rocket 4+, Sammy 2x990 Pro
Display(s) Samsung 1080P \ LG 43UN700
Case Fractal Design Pop Air 2x140mm fans from Torrent \ Fractal Design Torrent 2 SilverStone FHP141x2
Audio Device(s) Yamaha RX-V677 \ Yamaha CX-830+Yamaha MX-630 Infinity RS4000\Paradigm P Studio 20, Blue Yeti
Power Supply Seasonic Prime TX-750 \ Corsair RM1000X Shift
Mouse Steelseries Sensei wireless \ Steelseries Sensei wireless
Keyboard Logitech K120 \ Wooting Two HE
Benchmark Scores Meh benchmarks.

Completely Bonkers

New Member
Joined
Feb 6, 2007
Messages
2,576 (0.41/day)
Processor Mysterious Engineering Prototype
Motherboard Intel 865
Cooling Custom block made in workshop
Memory Corsair XMS 2GB
Video Card(s) FireGL X3-256
Display(s) 1600x1200 SyncMaster x 2 = 3200x1200
Software Windows 2003
great stuff!

also suggest hostman, ccleaner, admuncher
 

streetfighter 2

New Member
Joined
Jul 26, 2010
Messages
1,655 (0.33/day)
Location
Philly
Cool I'm going to try that. I'm a bit of a novice though, LOL, well novice compared to most people in the forums here.

I'd definitely recommend it. If you want you can use Ad Block Plus in conjunction with the MVPS host file. The only reason why this might be an issue is if you went to a website that wasn't working properly you might end up having to disable both your hosts file and Ad Block Plus to get the site to work.

I just use Outpost Firewall it will block what ever you like.

http://www.agnitum.com/products/

I can't believe I forgot to mention firewall on my list! That'd be like the -1th method because it's so obvious that I forgot to mention it. Thanks.

I've never even heard of Outpost Firewall before but I read up on it and it seems like a really solid personal firewall.

I rarely move my desktops outside my LAN so I've focused on firewalling the LAN and I just use the stock Windows/linux/OSX firewall for the individual computers. I currently have a router connected to my WAN, and a dedicated box running ClearOS and JanusVM connected to the router. All the computers on the LAN are connected to a switch which is connected to the ClearOS/JanusVM box. That way I get 3 layers of firewall and an optional VPN for anonymous browsing (method 3). (I made a thread on how I was able to virtualize ClearOS for testing before I deployed it if you're interested.)

great stuff!

also suggest hostman, ccleaner, admuncher

By hostman you mean HostsMan right? That looks like a really excellent little program. I'm definitely going to give it a try. Thanks.

I always thought ccleaner was just for fixing up the registry. I see now it cleans up for browsers too. Do you know if it deletes flash cookies as well?

Admuncher looks like a really great program. It appears to be a really customizable front-end with core-functionality akin to a good hosts file. I was reading the FAQ and it mentions "Protects your privacy by blocking common third-party tracking systems", I'm curious to how it does this and to what extent. I think I'll fiddle with Admuncher in a VM when I get some spare time.
 
Joined
Nov 2, 2008
Messages
887 (0.16/day)
Processor Intel Core i3-8100
Motherboard ASRock H370 Pro4
Cooling Cryorig M9i
Memory 16GB G.Skill Aegis DDR4-2400
Video Card(s) Gigabyte GeForce GTX 1060 WindForce OC 3GB
Storage Crucial MX500 512GB SSD
Display(s) Dell S2316M LCD
Case Fractal Design Define R4 Black Pearl
Audio Device(s) Realtek ALC892
Power Supply Corsair CX600M
Mouse Logitech M500
Keyboard Lenovo KB1021 USB
Software Windows 10 Professional x64
If you use Firefox, try the BetterPrivacy add-on. It was designed specifically to deal with Flash Player's LSOs (Locally Stored Objects, a.k.a. "Flash cookies"). :rockout:
 

AsRock

TPU addict
Joined
Jun 23, 2007
Messages
18,851 (3.08/day)
Location
UK\USA
Processor AMD 3900X \ AMD 7700X
Motherboard ASRock AM4 X570 Pro 4 \ ASUS X670Xe TUF
Cooling D15
Memory Patriot 2x16GB PVS432G320C6K \ G.Skill Flare X5 F5-6000J3238F 2x16GB
Video Card(s) eVga GTX1060 SSC \ XFX RX 6950XT RX-695XATBD9
Storage Sammy 860, MX500, Sabrent Rocket 4 Sammy Evo 980 \ 1xSabrent Rocket 4+, Sammy 2x990 Pro
Display(s) Samsung 1080P \ LG 43UN700
Case Fractal Design Pop Air 2x140mm fans from Torrent \ Fractal Design Torrent 2 SilverStone FHP141x2
Audio Device(s) Yamaha RX-V677 \ Yamaha CX-830+Yamaha MX-630 Infinity RS4000\Paradigm P Studio 20, Blue Yeti
Power Supply Seasonic Prime TX-750 \ Corsair RM1000X Shift
Mouse Steelseries Sensei wireless \ Steelseries Sensei wireless
Keyboard Logitech K120 \ Wooting Two HE
Benchmark Scores Meh benchmarks.
I'd definitely recommend it. If you want you can use Ad Block Plus in conjunction with the MVPS host file. The only reason why this might be an issue is if you went to a website that wasn't working properly you might end up having to disable both your hosts file and Ad Block Plus to get the site to work.



I can't believe I forgot to mention firewall on my list! That'd be like the -1th method because it's so obvious that I forgot to mention it. Thanks.

I've never even heard of Outpost Firewall before but I read up on it and it seems like a really solid personal firewall.

I rarely move my desktops outside my LAN so I've focused on firewalling the LAN and I just use the stock Windows/linux/OSX firewall for the individual computers. I currently have a router connected to my WAN, and a dedicated box running ClearOS and JanusVM connected to the router. All the computers on the LAN are connected to a switch which is connected to the ClearOS/JanusVM box. That way I get 3 layers of firewall and an optional VPN for anonymous browsing (method 3). (I made a thread on how I was able to virtualize ClearOS for testing before I deployed it if you're interested.)



By hostman you mean HostsMan right? That looks like a really excellent little program. I'm definitely going to give it a try. Thanks.

I always thought ccleaner was just for fixing up the registry. I see now it cleans up for browsers too. Do you know if it deletes flash cookies as well?

Admuncher looks like a really great program. It appears to be a really customizable front-end with core-functionality akin to a good hosts file. I was reading the FAQ and it mentions "Protects your privacy by blocking common third-party tracking systems", I'm curious to how it does this and to what extent. I think I'll fiddle with Admuncher in a VM when I get some spare time.

Well without post it can block loads of stuff and i do mean loads of stuff all though it is good for a beginner but with all the options it has can be setup to a much more advanced way including web page content control..

I've even blocks ads from some games Tiger Woods 08 was one were it would make the game connection ( required ) and ads which ya just block :). Well worth checking out thats for sure.

I could post some pics if you like ?.
 
Joined
Apr 10, 2010
Messages
1,828 (0.36/day)
Location
London
System Name Jaspe
Processor Ryzen 1500X
Motherboard Asus ROG Strix X370-F Gaming
Cooling Stock
Memory 16Gb Corsair 3000mhz
Video Card(s) EVGA GTS 450
Storage Crucial M500
Display(s) Philips 1080 24'
Case NZXT
Audio Device(s) Onboard
Power Supply Enermax 425W
Software Windows 10 Pro
I use firefox and some good add-ons. Get Ad Block Plus, it is good at blocking ads and will help speed up web page loading times. I also use Noscript, it blocks all incoming scripts until you allow them to be loaded. Those are my two main add-ons I use and they work great. In firefox in the options under the privacy tab you can configure how cookies are handled. Hope this helps.

This is what I used, but I think that Firefox is getting slower with every version.
 
Joined
Aug 13, 2009
Messages
3,187 (0.60/day)
Location
Czech republic
Processor Ryzen 5800X
Motherboard Asus TUF-Gaming B550-Plus
Cooling Noctua NH-U14S
Memory 32GB G.Skill Trident Z Neo F4-3600C16D-32GTZNC
Video Card(s) Sapphire Radeon Rx 580 Nitro+ 8GB
Storage HP EX950 512GB + Samsung 970 PRO 1TB
Display(s) HP Z Display Z24i G2
Case Fractal Design Define R6 Black
Audio Device(s) Creative Sound Blaster AE-5
Power Supply Seasonic PRIME Ultra 650W Gold
Mouse Roccat Kone AIMO Remastered
Software Windows 10 x64
Nice thread.
Has anyone really experienced slowdowns when using the hosts file?
 

AsRock

TPU addict
Joined
Jun 23, 2007
Messages
18,851 (3.08/day)
Location
UK\USA
Processor AMD 3900X \ AMD 7700X
Motherboard ASRock AM4 X570 Pro 4 \ ASUS X670Xe TUF
Cooling D15
Memory Patriot 2x16GB PVS432G320C6K \ G.Skill Flare X5 F5-6000J3238F 2x16GB
Video Card(s) eVga GTX1060 SSC \ XFX RX 6950XT RX-695XATBD9
Storage Sammy 860, MX500, Sabrent Rocket 4 Sammy Evo 980 \ 1xSabrent Rocket 4+, Sammy 2x990 Pro
Display(s) Samsung 1080P \ LG 43UN700
Case Fractal Design Pop Air 2x140mm fans from Torrent \ Fractal Design Torrent 2 SilverStone FHP141x2
Audio Device(s) Yamaha RX-V677 \ Yamaha CX-830+Yamaha MX-630 Infinity RS4000\Paradigm P Studio 20, Blue Yeti
Power Supply Seasonic Prime TX-750 \ Corsair RM1000X Shift
Mouse Steelseries Sensei wireless \ Steelseries Sensei wireless
Keyboard Logitech K120 \ Wooting Two HE
Benchmark Scores Meh benchmarks.
Top