dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
1397

norwegian
Premium Member
join:2005-02-15
Outback

norwegian

Premium Member

Initial Site Only


I'm just wondering what people use these days to stop 3rd parties?
If I visit example.com, I don't want any other cookies, site data etc.

More and more I am finding even with ad blockers etc that third parties are incorporated to break the web page if you do not allow some site data. Look I understand we all need to make money, but my favorite browser of late - Google Chrome is setting data I don't want, Bing, Google ads etc, even though I do not use Bing as a search, I have AdBlock Plus, Ghostery, and ScriptSafe extensions enabled, I'd almost state they are not doing the job properly, or I've over protected my self and these tools are fighting and letting crap through.

Arer we getting to the point the site we want is going to be hidden behind third parties, so that these sites can make their money? Even paid software sites are doing it.

I'm not using a hosts file but think I'd be almost better off going back to this form of blocking - it blocked any data being set full stop. My present settings do not.

therube
join:2004-11-11
Randallstown, MD

therube

Member

Until & unless something changes, I could care less.

Up to this point in time, & as far as I can see into the future, I worry not, & do nothing more then whatever my browser, NoScript, (& a very dated patterns in) Adblock Plus afford.

norwegian
Premium Member
join:2005-02-15
Outback

norwegian

Premium Member


Don't get me wrong, this isn't a paranoia question as such, as I've seen my data drawn from web sites exploited and been given a polite heads up - great that it was for someone to point it out - there is nothing I can do with sites not spending money or utilizing good IT hex

If these tools block, why does data get stored and how to fix it. Hosts' file does do the job but I thought I'd try another path.

Outdated patterns in Adblock Plus? Is there a better option, free or paid? AdMuncher?
redwolfe_98
Premium Member
join:2001-06-11

4 edits

redwolfe_98 to norwegian

Premium Member

to norwegian
norwegian, you said that you are using the "adblock plus" addon with the google "chrome" browser.. are you using any blocklists with "adblock plus"? "adblock plus" won't block ads if you aren't using any blocklists with it..

i use the "fanboy" blocklists, with "adblock plus"..

i don't fool with "ghostery" so i can't really comment on that..

when i tried using the "chrome" browser, i noticed that its cookie-management was screwed up.. chrome's cookie-management could be different, now.. if chrome's settings-options allow you to block third-party cookies, you should do that.. if chrome's cookie-management doesn't allow you to block third-party cookies, maybe there is an addon, for "chrome", that will allow you to do that..

my advice would be to use a real browser, "firefox", with the "noscript" and "adblock plus" addons, using the "fanboy" blocklists, with "adblock plus", and, in firefox's "privacy"-settings, set it to "accept cookies", but NOT to "accept" third-party cookies..

i will mention that, in rare cases, having third-party cookies blocked can be an issue.. if you run into a problem where you are not able to login to a website, you could try temporarily allowing third-party cookies, to see if having third-party cookies blocked is the problem..

i am not saying that "firefox" is perfect..there are a lot of little things that i don't like about firefox, but, still, it works for me..

maybe you use "chrome" because some people say that it is the most secure browser, because of its so-called "sandbox" but i am not impressed with chrome's so-called sandbox..

aside from hating chrome's GUI, another thing that i hated about "chrome" was that it didn't seem to allow for using high security-settings.. however, i have heard that chrome does allow for using high security-settings, you just have to dig and dig and dig and dig to find those settings-options.. with firefox, you just add the "noscript" addon and, then, everything is locked down..

using a HOSTS file is an option.. i don't see any reason not to use one.. i use a HOSTS file..

if you are going to use a HOSTS file, i would recommend using funkytoad's "hostsxpert" to manage the HOSTS file and funkytoad's "homer".. do a google-search for "funkytoad" to find the "funkytoad" website and the funkytoad programs.. if you have an issue with using "homer" (maybe because of "UAC" ), try adjusting its "permissions"-settings..

p.s. you mentioned "webpages breaking".. with some webpages, if you don't have "scripting" allowed, on the webpage, some-or-all of the webpage's content will not display.. so, if you have "javascript" disabled, universally, that could be the problem, "breaking" the webpages..

p.p.s. i don't have a problem with most websites, but i did run across one obscure website, one time, where it said that i had to allow third-party cookies, in order to use the website.. i don't remember how i handled that, if i chose to allow the third-party cookies or not..

norwegian
Premium Member
join:2005-02-15
Outback

norwegian

Premium Member

said by redwolfe_98:

when i tried the "chrome" browser, i noticed that its cookie-management was screwed up.. chrome's cookie-management could be different, now.. if chrome's settings-options allow you to block third-party cookies, you should do that.. if chrome's cookie-management doesn't allow y0u to block third-party cookies, maybe there is an addon, for "chrome", that will allow you to do that..

For start, that maybe a problem. I've tried adding cookies for instance to the blocked list but it doesn't help, they are still set. That has given me something posative to suggest it is in the browser, as I am of 2 minds on Chrome.

On third party cookies, I gather as some browsers have settings "allow session cookies" sometimes helps. Chrome does not seem to have this setting. Some of the settings seem to be just plain missing.

I have not really been serious yet with the about:config page either to be honest, but after Opera getting too file-share orientated, I wanted to try another browser.

Firefox was my first browser outside of IE back in IE6/7 days until Opera came along, but it was full of too many holes - I know that has improved, but like anything with all the improvements came bugs......ah the joys of today's browsing.

dib22
join:2002-01-27
Kansas City, MO

1 recommendation

dib22 to norwegian

Member

to norwegian
Click for full size
chrome://settings/content

norwegian
Premium Member
join:2005-02-15
Outback

norwegian

Premium Member


Thanks I am aware of the setting. However there is no setting for session only data and some sites are broken using that setting. Also some 3rd party cookies are still set even with that setting on.

I'm not sure if it is the browser or the extensions, but it is on a fresh O/S install.

Maybe I will review the extensions (buggy) and a hosts file to fix my needs. However I have no doubt it may also kill using my ScriptSafe, which is not what I'm aiming for. Which is why I'm asking also if anyone else sees it.

therube
join:2004-11-11
Randallstown, MD

therube to norwegian

Member

to norwegian
> Outdated patterns in Adblock Plus?

Only outdated if you consider 2008 old.
Only because that's the last time I updated the patterns.
Only because I am not really all that concerned, & what it does, has done, for years, is sufficient enough for me.

(The program itself is current.)
(And NoScript cuts out so much crap as it is, there is not always much for ABP to mop up, or vice-versa.)

dib22
join:2002-01-27
Kansas City, MO

1 edit

dib22 to norwegian

Member

to norwegian
Give me an example site and the 3rd party cookie you are getting set and I will give it a try on multiple systems to see what happens.

norwegian
Premium Member
join:2005-02-15
Outback

norwegian

Premium Member

1 was off Facebook, for 11nux.com
This is placed in the blocked list, and I've tried various settings to see if it can block. Shown are present settings. But a few options was still allowing it. Using just 11nux.com didn't help, I haven't tried the wild card entry as yet as is the case in some filters, such as *.11nux.* or *11nux* or 11nux.* or similar, but I'm gathering this seems to be a setting I must be missing in Chrome, as I've not had this issue with Opera or IE previously, or it is a genuine bug.
Mele20
Premium Member
join:2001-06-05
Hilo, HI

Mele20

Premium Member

That's a GoDaddy parked page. Why would you be getting a cookie there on any browser?

norwegian
Premium Member
join:2005-02-15
Outback

norwegian

Premium Member

Not sure.

However early January was a place where one visit produced a web page "I've got you" around the time a lot of sites were exploited, hence my topic about flash here.

Now I have a fresh installed O/S and tracing what seems abnormal behavior now. You suggesting that about a parked page creates a bigger concern if you are correct....I'll try not to get paranoid yet, I'm hoping it is a simple setting I seem to be missing.
norwegian

norwegian

Premium Member

While I'm on this topic and also facebook; not that I use it much, it's just to catch up on what old friends from miles away are up to; I have a bug with a 3rd party link that must be there for load balancing facebook pages. On the main page it freezes, can any one else reproduce it with Chrome, I use ScriptSafe, ABP and Ghostery, although I'm sure I've seen it happen without all those plug-ins. This happens every time, after a clean of the browser cache.

From these domains the system freezes when loading the first link for a minute.

ht tps://www.facebook.com/
ht tps://fbcdn-dragon-a.akamaihd.net
ht tps://fbstatic-a.akamaihd.net
Frodo
join:2006-05-05

Frodo to norwegian

Member

to norwegian
OS: XP
Primary Browser: Firefox
Extension: RequestPolicy
»addons.mozilla.org/en-us ··· tpolicy/

Only addon I've found so far that facilitates whitelisting 3rd party connections, similar to how NoScript allows scripting.

My policy is to not allow a connection to a 3rd party. I'd like to see an option in RequestPolicy to route 3rd party (cross domain) connections through a proxy or vpn, but I'll settle for what they got.

norwegian
Premium Member
join:2005-02-15
Outback

norwegian

Premium Member


Interesting.

I'm almost wondering on Firefox again, and If I do, that extension will be worth looking into.

Thanks
Frodo
join:2006-05-05

Frodo

Member

I kinda laugh at these people who say, "I'm not going to register with Facebook because I don't want them knowing my business".

There are a lot of 3rd party/cross domain requests to Facebook from a number of websites. And once your IP address is logged ... well, if that IP doesn't regularly change, then consider that IP address in and of itself as PII (Personally Identifiable Information). Forget about the cookies. DSL generally is pretty good, you disconnect and you get a new IP on reconnection. Cable, not so good, and Uverse, terrible. The IP address is pretty much what the cookie was in the dial-up era for many users. If your wan IP address isn't changing regularly, consider the IP address as PII and equivalent to the cookie.

So, I take pains to make sure my IP address doesn't make unnecessary connections to profilers.

-edit "... and equivalent to the cookie"

norwegian
Premium Member
join:2005-02-15
Outback

norwegian

Premium Member

I love having a dynamic IP address with my ISP.

As per my post on facebook, it is now not possible to use facebook without those a.akamaihd.net connections, nothing loads to do anything, so there is no choice any more - very frustrating stuff really, I am happy using facebook's domain if I want to use it, but having to allow a third party as well just adds risks, but maybe I'm too paranoid and just need to give up facebook for the very little I do.

dandelion
MVM
join:2003-04-29
Germantown, TN

dandelion

MVM

said by norwegian:

As per my post on facebook, it is now not possible to use facebook without those a.akamaihd.net connections,

This is pretty irritating to me also. I allow facebook a one time session per noscript and now have to allow this akamai whatever which I am not fond on. Considering I only have an account to keep in touch with my kids I don't think I can delete facebook but wish there was a good alternative.

regulareader
@cox.net

regulareader

Anon

norwegian,

I don't have the problem that you're having, but something different IS happening with web pages and I think it's Java.

First of all I use Opera Browser version 11.64. Newer versions give my pc fits and I don't like some changes made in 12 though I don't recall now exactly what those changes were.

However, I like opera because you have a choice between global settings and individual site settings. I can totally shut off cookies globally, but enable them for a specific site if I so choose. I can also do the same with Java script.

What I'm noticing that's different these days is that even when I have global cookie settings off..accept NO cookies. AND I have the individual site settings set for no cookies, If I enable javascript for that site, a cookie will be set. It didn't used to be that way.

However, I DO use a Hosts file, have for years and will continue as long as it's effective.

I use Spyware blaster for all other browsers. It doesn't work for Opera nor is it needed.

Some of the browser add-ons like ghostery and some of the ad blockers work with Javascript so if you have javascript disabled globally (remember, I'm talking opera..not firefox et al.) the protection programs don't work! They depend on javascript to load and yet, most of the problem issues are the result of ...java script.

I also have a block content option which seems to work globally also. So, I can make custom block lists very easily. I just don't need a whole lot to keep the browser secure as it comes feature packed with options that I can choose from. The other browsers just don't do for me what *I* want done like this one does.

Rarely ever do I have problems with a site not wanting to work with this browser.

I do have an alternate Pale Moon browser but that thing is like a macaroni strainer by comparison. I rarely ever use it as I've had it for at least 6 months and used it twice and that was to render a couple of videos that were giving opera fits due to my tight security.

I can easily delete cache's, and can choose exactly which caches to clean. I am absolutely SPOILED by this browser and I don't want any other!

Finally, it holds my settings. Last time I used FF, it was still buggy about retaining my settings, and then you had to go through fits and dig deep to change it..sometimes it worked and sometimes it didn't. I have no confidence in it. And anything that phones home to google is verboden on my pc. I consider it a trojan, out it goes!

I don't think it's perfect and if it's not I haven't found the faults but that one teeny one, but it's sure satisfied me and that's not an easy thing to do. I'm a tough customer either free or paid..doesn't matter.

I also use Hostsmanager to take care of updating my Hosts file. You can choose which hosts you want..and even more than one because it will merge and optimize it, delete duplicate entries. you can get other ad prevention files too.

I like it that way because the less you have attached to your browser, the faster it works.

Ps..am using win7/ 64 home premium on an acer with amd dual processor, 320g hd, 3g ddr3. It's not a big machine and she flys for me!

The only 'live' av is win. defender, the others are on demand. My browsing habits are regular and I don't step into the dark side...pretty much go the same places & rarely does that include 'brand name' pages..ie fox, cnn, google, facebook (that's blocked) etc. When I do go those heavyweight with ads and most likely to be hacked or infected places, I don't end up with 3rd party cookies..or any cookies at all for that matter. And very few ads on the pages if at all.

Who do I have to thank for it all???? YOU fine folks and the wise counsel you gave me as a newbie at various security websites including this one. Some slight program changes as needed, but basically the same structure of layered security.


norwegian
Premium Member
join:2005-02-15
Outback

norwegian

Premium Member

said by regulareader :

I think it's Java.

Not for me, it was rarely used, and is uninstalled on all machines.
said by regulareader :

First of all I use Opera Browser version 11.64. Newer versions give my pc fits and I don't like some changes made in 12 though I don't recall now exactly what those changes were.

I was an avid Opera fan but more and more the browser was turned into a file share program, yuk.
12 had all sorts of file share crap turned on, sync with other users was introduced etc, and it all turned me off this browser, hence my trial of Chrome.
said by regulareader :

However, I like opera because you have a choice between global settings and individual site settings. I can totally shut off cookies globally, but enable them for a specific site if I so choose. I can also do the same with Java script.

It had more setting and configurations than any other browser, and it was and still is it's biggest plus, you can turn lots of items off or on.
said by regulareader :

What I'm noticing that's different these days is that even when I have global cookie settings off..accept NO cookies. AND I have the individual site settings set for no cookies, If I enable javascript for that site, a cookie will be set. It didn't used to be that way.

The behavior is changing and it seems to bypass settings, hence part of the question of this topic, I feel like I've missed a setting.
said by regulareader :

However, I DO use a Hosts file, have for years and will continue as long as it's effective.
I use Spyware blaster for all other browsers. It doesn't work for Opera nor is it needed.

These 2 tools are a great bonus for browsers. The hosts file though sometimes it is better to use eDexter, Hostsman Sever etc to help the processing of web pages, but I haven't utilized this type of program of late.
said by regulareader :

Some of the browser add-ons like ghostery and some of the ad blockers work with Javascript so if you have javascript disabled globally (remember, I'm talking opera..not firefox et al.) the protection programs don't work! They depend on javascript to load and yet, most of the problem issues are the result of ...java script.

And they have access to data, so there has to be some sort of trust there, and you hope it is an ethical program to run for it's protection. Remember the browser is the door that can and does bypass a lot of other protection put in place.
said by regulareader :

Who do I have to thank for it all???? YOU fine folks and the wise counsel you gave me as a newbie at various security websites including this one. Some slight program changes as needed, but basically the same structure of layered security.

Yes, I'd also have to say a big thank you to a lot of people who brought to my attention browser concerns. Once it was a firewall, now it seems more about the browser, and the more it is discussed, the better off we all are.

Thanks for your thoughts.