Normalizing that invasive tracking is opt out while making opt out of their shenanigans intentionally hard (manufest3)

Do Be Evil

Not hard; impossible. They gather data from non online services, app malware, logged out browsers, etc, etc. How do I opt those things out?

I’ve long thought we need a way to run sybil attacks against trackers, with the goal that all the numbers and statistics these things produce would be off by at least an order of magnitude (in both directions, at random).

Run Ad Nauseum instead of plain uBlock Origin. The websites get clicks on their ads, you still don't see any ads, and you poison your ad profile. Everybody wins.

Except you since that does not fix privacy concerns. And the website since the value per click/view gets lowered. And you again since the ad-companies will try to develop methods to discern what is a real click vs what is not and that makes privacy worse. And the advertiser since they won't know what ads are effective. And the ad-companies since they now need to spend time/money on fake clicks.

Oh wait, seems like nobody wins?

Google banned the extension since apparently they couldn't figure out a good way to discern what is a real click or not. Seems to be more effective than you would think.

If the value of a click goes to zero then does it make sense to show ads?

I never said it's easy for them to do it, I said "ad-companies will try to develop methods to discern what is a real click vs what is not and that makes privacy worse".

I'd much rather make the people who do not want ads block them entirely than creating artificial garbage clicks, especially since those still send data to the major data-collectors.

I think all of the wins in your scenario are short-term only.

What is the end game in your passive movement? You just die before it gets to that point?

There is no end game where they don't implement every feature you're worried about unless it's not profitable before they go out of business.

At one point I made a simple extension that maliciously edited Google and Adobe Analytics tracking requests, alongside setting the DNT header. Junk data (especially page names slightly off, etc) is infuriating for analytics users. If enough people had a “respect my DNT header or deal with it” extension I think DNT would have succeeded.

Working at the time in the web analytics field I never released it.

This is just a way for Google to go "See! They aren't using the add-on. They are giving us consent to sell their data!"

Relevant: RFC 35140: The Do-Not-Stab flag in the HTTP Header

https://www.5snb.club/posts/2023/do-not-stab/

Google, and so many others, failed to do the logical check: If this was off by default, would users enable it? If not, then it doesn't need to be a feature.

If the domain wasn't google.com, this would look like a fairly sketchy click. At least for Firefox, this isn't a link to an add-on, rather it's a download. While I understand that no everything in addons.mozilla.org is to be trusted, I don't think it's a good idea to train people to install random things they download from weird looking random pages online.

> Google, and so many others, failed to do the logical check: If this was off by default, would users enable it? If not, then it doesn't need to be a feature.

You fundamentally misunderstand the forces at play if you think this is a failure on their part. They are incentivized financially to be user hostile. There is no magical moral compass embedded within the market that rewards those who make product decisions based on what people want, or what's good for them. They're an ads and tracking company. Approximately nobody would opt-in to their dragnet. Their whole operation is using free services as bait to track and manipulate as many aspects of human life as possible. There is no meeting where someone internally might say "hey, what do you think the user wants, what's best for them?" It's "we want the users to feel/do X, how do we get them there?"

> You fundamentally misunderstand the forces at play

Sadly I do understand, I just don't want to.

Also Google:

Would you like to open this link in your phone’s default browser or download Chrome?

Yes/Download/Ask me again every time

More like “paid 20bn to ignore that logical check”: https://untested.sonnet.io/notes/defaults-matter-dont-assume...

That logical check only makes sense if you assume that the users of Google analytics are people visiting websites. But that’s obviously not the case here Google Analytics is added a website by whoever runs that website, and they very much did enable it.

Wouldn't using Pi-hole or Adguard work in this case without the need to install a browser extension? These solutions are also more comprehensive because they block Google Analytics for all devices throughout a network.

Mostly. I run a pihole and it blocks most traffic, but of course it depends on updates to the denylist to keep up to date on what to block. uBlock helps here, but uBlock doesn't run in chrome now.

Previous discussions:

24-sept-2023 https://news.ycombinator.com/item?id=37636447 34 comments

16-dec-2020 https://news.ycombinator.com/item?id=25439834 172 comments

25-mar-2019 https://news.ycombinator.com/item?id=19479809 41 comments

Does this prevent Google Analytics from working, or does it tell Google that you don't want Google Analytics. There's a difference.

Most sites work with googletagmanager.com blocked. Privacy Badger will block it if you ask, although it gives you a warning that some sites may break. Generally not ones you really need.

It does

    (function() {
        var a = document.createElement("script");
        a.type = "text/javascript";
        a.id = "__gaOptOutExtension";
        a.innerText = 'window["_gaUserPrefs"] = { ioo : function() { return true; } }';
        document.documentElement.insertBefore(a, document.documentElement.firstChild);
    })()

here

    "matches": [
      "http://*/*",
      "https://*/*"
    ]

Thanks for checking! Stealing this and adding it to my global userscript, just in case ublock doesn't catch the download.

Unless I’m misreading the code, it looks like it’s running GA, but giving it an opt-out signal to harvest.

It's not, It's adding a global variable called _gaUserPrefs to every site. If the actual GA script is loaded it would look for this as the opt-out signal.

Of course any other tracking (or GA tracking) could use this as a part of fingerprinting.

Ah. So there is a "trust us" aspect to this.

Yes, if you use googles products to block googles products you have to trust google.

My main point is that the extension itself does not load GA, which the parent seemed to say. It can also be used for other fingerprinting since it is a variable accessible by other scripts.

We already have uBlock origin for this.

Is uBlock working with the latest Chrome version? Mine got disabled automatically, and I had tonmove to uBlock lite

Why not switch to another browser instead that doesn't violate your privacy?

Firefox has been my main driver for many years, but I still have to use Chrome from time to time

I'm using Brave for those occasions

you could simply enable it back.

no you can't. and even if you keep it, it's not going to run.

for a limited time.

Just a reminder that extensions can be used to fingerprint your browser, so installing this makes you more unique and easier to track. It is recommended to keep browser extensions to a minimum.

uBlock Origin, as well as many other ad blockers, can already do this making this extension redundant.

I had this when it was called UBO.

I think that is a 20 year old page and I would test to see if it actually works.

Eero just blocks the domains afaik.

I thought so too because the design is very old but the addon actually uses Manifest v3 which is new. So it's still maintained.

Does anybody know how this compares with other "similar" privacy extensions?

This just opts you out of GA. There are a million other scripts running on most websites, like Adobe Analytics, Meta Pixel, Microsoft Clarity, etc.

I'm going to assume this is a way for Google to track you in every other way except via Analytics.

"Hide your evil"

Opt-out add-on Makes me say, f** you

so their Add-on will keep track of you instead and do a better job at it

The Do-not-track setting (header) was just too darn inconvenient to use /s

Don’t you mean RFC-35140?

https://www.5snb.club/posts/2023/do-not-stab/

Wow that was great. Thanks.