The latest ad tracking tricks and what to do about them
False Alarm
Strangely enough, the very popular free content management system WordPress introduced mechanisms in Version 4.2 that trigger false alarms in both the Tor browser and CanvasBlocker: The built-in emojis are to blame for this problem [6]. WordPress bundles the corresponding JavaScript code into a canvas element in the header of the web page without asking the user, so that the tracking tools trigger an alarm.
The WordPress CMS integrates this code into the header of the delivered pages, even if no emojis are used on the relevant website. To remove the typically unneeded canvas element from the header and maintain clean code, plugins such as Disable Emojis [7] are now available to WordPress developers.
FireGloves
Because canvas elements and Evercookies are based on JavaScript, you can disable these pests by simply disabling JavaScript. Disabling JavaScript requires only one quick change in the browser's onboard toolkit, but removing JavaScript means many websites are no longer correctly rendered and functions and input are no longer possible. A better option is the Firefox FireGloves extension, which outmaneuvers any canvas fingerprinting detection mechanisms.
FireGloves is available in the official Mozilla add-on repository, but you can download it from an external website [8]. The XPI file of the extension is then installed via the Install addon from file… dialog in Firefox. Open the Add-on Manager and click the wrench icon at the top right of the window. After the installation, set up the add-on via the settings.
To make canvas fingerprints useless, the extension does not simply block all the canvas elements, but rather returns incorrect values for the browser and system parameters to the tracker. FireGloves randomly generates and updates incorrect parameters on a regular basis, and fingerprinting draws a blank.
However problems with displaying pages in the browser can occur when using FireGloves. For example, depending on which parameters the add-on uses, texts can appear in unusual fonts. In such cases, a simple mouse click on the FireGloves icon top right in the Firefox address bar usually does the trick. The extension creates new parameters and thus modifies the appearance of the web page.
FireGloves summarizes some important web browser security settings in a simple options menu. You can access the dialog by right clicking on the blue Info icon next to the FireGloves glove in the Firefox address bar and selecting Open preferences. Alternatively, go to the browser's add-on list via the Settings button and look for the FireGloves line.
In the Options window, you will find three tabs where you can configure the desired settings. The first tab only enables the add-on on launching Firefox. In the second tab, Cloak settings, you can determine in detail what data you want FireGloves to deliver about your browser, your system, and ultimately, about you. This includes the option of enabling random mode, which randomly selects the parameters and thus optimally camouflages the system.
The third candidate, Firefox privacy settings, groups a number settings otherwise found in different dialogs in Firefox. In this way, you can easily harden your system, and without complicated searching in various option dialogs (Figure 2).
Second Line of Defense
Simple add-ons are not enough to render Evercookies completely harmless. The problem is that Evercookies sometimes use technologies such as Flash and Silverlight that work regardless of Firefox.
On Linux, however, you can rely on a tool like Bleachbit [9] to clean up the individual Evercookies locations after every session, without having to painstakingly configure a variety of add-ons. Bleachbit is available from the repositories of all popular distributions and is easily installed using your distro's package manager.
Bleachbit automatically determines at startup, which applications are available on your system and displays a list of contents to be deleted in the left pane of its program window. Check the buttons to the left of each entry in order to remove an item. Help for the individual deleted options is shown on the right side of the program window; you thus know at a glance whether or not it is a good idea to switch certain options (Figure 3).
To delete the Evercookies storage locations, it is a good idea to use Bleachbit's Firefox-specific options to clean up the Profile data (Cookies), the DOM memoryr, the Address history, and the Cache. Additionally, you will also want to delete all Flash content to eradicate the infamous LSO cookies.
You can also use the Ghostery [10] Firefox add-on, which primarily blocks web pixels that also spy on a user's surfing behavior, to delete Flash and Silverlight cookies. See the configuration options in the Advanced tab (Figure 4).
Ideally, you would then do without the critical Flash and Silverlight plugins in the future and surf the web with a "clean" browser.
« Previous 1 2 3 Next »
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
ESET Discovers New Linux Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
-
New Linux Kernel Patch Allows Forcing a CPU Mitigation
Even when CPU mitigations can consume precious CPU cycles, it might not be a bad idea to allow users to enable them, even if your machine isn't vulnerable.
-
Red Hat Enterprise Linux 9.5 Released
Notify your friends, loved ones, and colleagues that the latest version of RHEL is available with plenty of enhancements.
-
Linux Sees Massive Performance Increase from a Single Line of Code
With one line of code, Intel was able to increase the performance of the Linux kernel by 4,000 percent.
-
Fedora KDE Approved as an Official Spin
If you prefer the Plasma desktop environment and the Fedora distribution, you're in luck because there's now an official spin that is listed on the same level as the Fedora Workstation edition.
-
New Steam Client Ups the Ante for Linux
The latest release from Steam has some pretty cool tricks up its sleeve.
-
Gnome OS Transitioning Toward a General-Purpose Distro
If you're looking for the perfectly vanilla take on the Gnome desktop, Gnome OS might be for you.
-
Fedora 41 Released with New Features
If you're a Fedora fan or just looking for a Linux distribution to help you migrate from Windows, Fedora 41 might be just the ticket.
-
AlmaLinux OS Kitten 10 Gives Power Users a Sneak Preview
If you're looking to kick the tires of AlmaLinux's upstream version, the developers have a purrfect solution.
-
Gnome 47.1 Released with a Few Fixes
The latest release of the Gnome desktop is all about fixing a few nagging issues and not about bringing new features into the mix.