The latest ad tracking tricks and what to do about them
False Alarm
Strangely enough, the very popular free content management system WordPress introduced mechanisms in Version 4.2 that trigger false alarms in both the Tor browser and CanvasBlocker: The built-in emojis are to blame for this problem [6]. WordPress bundles the corresponding JavaScript code into a canvas element in the header of the web page without asking the user, so that the tracking tools trigger an alarm.
The WordPress CMS integrates this code into the header of the delivered pages, even if no emojis are used on the relevant website. To remove the typically unneeded canvas element from the header and maintain clean code, plugins such as Disable Emojis [7] are now available to WordPress developers.
FireGloves
Because canvas elements and Evercookies are based on JavaScript, you can disable these pests by simply disabling JavaScript. Disabling JavaScript requires only one quick change in the browser's onboard toolkit, but removing JavaScript means many websites are no longer correctly rendered and functions and input are no longer possible. A better option is the Firefox FireGloves extension, which outmaneuvers any canvas fingerprinting detection mechanisms.
FireGloves is available in the official Mozilla add-on repository, but you can download it from an external website [8]. The XPI file of the extension is then installed via the Install addon from file… dialog in Firefox. Open the Add-on Manager and click the wrench icon at the top right of the window. After the installation, set up the add-on via the settings.
To make canvas fingerprints useless, the extension does not simply block all the canvas elements, but rather returns incorrect values for the browser and system parameters to the tracker. FireGloves randomly generates and updates incorrect parameters on a regular basis, and fingerprinting draws a blank.
However problems with displaying pages in the browser can occur when using FireGloves. For example, depending on which parameters the add-on uses, texts can appear in unusual fonts. In such cases, a simple mouse click on the FireGloves icon top right in the Firefox address bar usually does the trick. The extension creates new parameters and thus modifies the appearance of the web page.
FireGloves summarizes some important web browser security settings in a simple options menu. You can access the dialog by right clicking on the blue Info icon next to the FireGloves glove in the Firefox address bar and selecting Open preferences. Alternatively, go to the browser's add-on list via the Settings button and look for the FireGloves line.
In the Options window, you will find three tabs where you can configure the desired settings. The first tab only enables the add-on on launching Firefox. In the second tab, Cloak settings, you can determine in detail what data you want FireGloves to deliver about your browser, your system, and ultimately, about you. This includes the option of enabling random mode, which randomly selects the parameters and thus optimally camouflages the system.
The third candidate, Firefox privacy settings, groups a number settings otherwise found in different dialogs in Firefox. In this way, you can easily harden your system, and without complicated searching in various option dialogs (Figure 2).
Second Line of Defense
Simple add-ons are not enough to render Evercookies completely harmless. The problem is that Evercookies sometimes use technologies such as Flash and Silverlight that work regardless of Firefox.
On Linux, however, you can rely on a tool like Bleachbit [9] to clean up the individual Evercookies locations after every session, without having to painstakingly configure a variety of add-ons. Bleachbit is available from the repositories of all popular distributions and is easily installed using your distro's package manager.
Bleachbit automatically determines at startup, which applications are available on your system and displays a list of contents to be deleted in the left pane of its program window. Check the buttons to the left of each entry in order to remove an item. Help for the individual deleted options is shown on the right side of the program window; you thus know at a glance whether or not it is a good idea to switch certain options (Figure 3).
To delete the Evercookies storage locations, it is a good idea to use Bleachbit's Firefox-specific options to clean up the Profile data (Cookies), the DOM memoryr, the Address history, and the Cache. Additionally, you will also want to delete all Flash content to eradicate the infamous LSO cookies.
You can also use the Ghostery [10] Firefox add-on, which primarily blocks web pixels that also spy on a user's surfing behavior, to delete Flash and Silverlight cookies. See the configuration options in the Advanced tab (Figure 4).
Ideally, you would then do without the critical Flash and Silverlight plugins in the future and surf the web with a "clean" browser.
« Previous 1 2 3 Next »
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Direct Download
Read full article as PDF:
Price $2.95
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Find SysAdmin Jobs
News
-
LibreOffice 7.5 has Arrived and is Loaded with New Features and Improvements
The favorite office suite of the Linux community has a new release that includes some visual refreshing and new features across all modules.
-
The Next Major Release of Elementary OS Has Arrived
It's been over a year since the developers of elementary OS released version 6.1 (Jólnir) but they've finally made their latest release (Horus) available with a renewed focus on the user.
-
KDE Plasma 5.27 Beta Is Ready for Testing
The latest beta iteration of the KDE Plasma desktop is now available and includes some important additions and fixes.
-
Netrunner OS 23 Is Now Available
The latest version of this Linux distribution is now based on Debian Bullseye and is ready for installation and finally hits the KDE 5.20 branch of the desktop.
-
New Linux Distribution Built for Gamers
With a Gnome desktop that offers different layouts and a custom kernel, PikaOS is a great option for gamers of all types.
-
System76 Beefs Up Popular Pangolin Laptop
The darling of open-source-powered laptops and desktops will soon drop a new AMD Ryzen 7-powered version of their popular Pangolin laptop.
-
Nobara Project Is a Modified Version of Fedora with User-Friendly Fixes
If you're looking for a version of Fedora that includes third-party and proprietary packages, look no further than the Nobara Project.
-
Gnome 44 Now Has a Release Date
Gnome 44 will be officially released on March 22, 2023.
-
Nitrux 2.6 Available with Kernel 6.1 and a Major Change
The developers of Nitrux have officially released version 2.6 of their Linux distribution with plenty of new features to excite users.
-
Vanilla OS Initial Release Is Now Available
A stock GNOME experience with on-demand immutability finally sees its first production release.