Please do yourself a favor and quit using Bing, Yahoo, Google, and AOL.

LOL!

I see a lot of Google, Bing, Yahoo, and AOL search users. When I log on to my WordPress account, I see things about you (yes, you) that I shouldn’t know, because your search engine is telling me.

They spy on you. They have a history of turning over the information they save about you to marketers, profilers, advertisers, and law enforcement without a warrant. You really don’t want them saving information on what you searched for and what you clicked on and associating it with your Internet Protocol address (or even worse, your Google Account if you have logged in.). This information is ripe for abuse.

What’s worse is that most of your searches go out unencrypted, in plain view (although Firefox 14 fixed this problem, at least with Google), which makes your searches plainly visible to your ISP and subject to alteration/censorship at your ISP’s level. This is one reason why you should install HTTPS Everywhere.

I deleted Bing, Yahoo, Amazon, Twitter, and EBay out of my Firefox search list a while back and added IxQuick, Startpage, and DuckDuckGo instead. (I left Google in there but moved it to the bottom of the list.)

None of these three record any information about you.

Startpage is a subsidiary of IxQuick, and it gives Google results to you behind their proxy, which keeps Google from knowing who is doing the searching. IxQuick is a metasearch engine with the same privacy policy. DuckDuckGo can be useful, they have their own unique features (like Zero Click boxes) and search index.

Each one of them has a link to add their search engine to your browser, it’s really easy to do, and the only thing you’ll miss is your current search engine spying on you/”bubbling” you.

See more about how most search engines “track” and “bubble” you at these sites created by DuckDuckGo: http://donttrack.us/  and http://dontbubble.us/ (Startpage, IxQuick, and DuckDuckGo don’t track or bubble you.)

One last note for AOL and Yahoo users: Yahoo is just Bing with another layer of privacy issues and AOL Search is just Google with another layer of privacy issues. In fact, AOL once publicly released a bunch of personally-identifiable (but somewhat obscured) information that they had stored about user searches.  That link I added takes you to a searchable database of all that information that AOL collected about those people. Much attention was paid to a User 927, who searched for things like “skin mold”, “tranny bondage”, and how to make sangria.

The Wikipedia article about the AOL search data leak has this to say about the now-infamous User 927:

User 927

One product of the AOL scandal was the proliferation of blog entries examining the exposed data. Certain users’ search logs were identified as humorous, disturbing, or even dangerous.

Consumer watchdog website The Consumerist posted a blog entry by editor Ben Popken identifying the anonymous user number 927as having an especially bizarre and macabre search history. The blog posting has since been viewed nearly 4,000 times and referenced on a number of other high-profile sites.In addition to sparking the interest of the Internet community, User 927 inspired a theatrical production, written by Katharine Clark Gray in Philadelphia. The play, also named User 927, has since been cited on several of the same blogs that originally discovered the real user’s existence.As time has passed, more artistic renderings of individual user logs have appeared. A series of movies on the web site Minimovies.org called “I Love Alaska” puts to voice and imagery to user 711391which the authors have labeled as “an episodic documentary”.

Don’t be a user 927, ditch your current search engine in favor of one that isn’t spying on you and install HTTPS Everywhere today.

Firefox 14 brings 14 security fixes

Firefox 14 is out *yawn*

Other than 14 security issues fixed, there’s not much going on here, folks.

https://www.mozilla.org/security/known-vulnerabilities/firefox.html

They’ve got 5 critical, 4 high, and 5 moderate severity issues patched. As is usual lately, many of them were actually fixed by Google for Chromium and got merged into Firefox. (They both use many of the same Free/Open Source libraries.)
Elsewhere, we see that there’s some progress with memshrink.

https://blog.mozilla.org/nnethercote/2012/06/27/memshrink-progress-week-53-54/

https://blog.mozilla.org/nnethercote/2012/06/15/memshrinks-1st-birthday/

http://blog.mozilla.org/nnethercote/2012/06/13/memshrink-progress-week-51-52/

https://blog.mozilla.org/nnethercote/2012/05/30/memshrink-progress-week-49-50/
These aren’t as easy to sort, due to the ongoing nature of the memshrink project. Some users who have been using older Firefox versions have seen improvements in memory usage because Mozilla has been leaning on extension developers to fix broken extensions that use memory stupidly. These tend to be proprietary extensions from big companies that are not known for quality software design. (McAfee and Microsoft are big offenders) If you do have crappy extensions like these, get rid of them.

This problem mainly affects Windows users because you guys tend to have Firefox extensions installed in “drive-by incidents” when you install unrelated software or when Microsoft feels like taking a shit all over your browser. Take a minute to look through your add-ons and make sure that you are only using ones you actually want. There are uninstall and disable buttons for the rest. The problems that incompetent extensions create tend to be blamed on Firefox even though Mozilla has nothing to do with them.  Alternatively, you can just get rid of Windows and install something like Kubuntu where this stuff never happens.

Moving on, we bust out the magnifying glass and see what new features we have.

I only noticed two that were worth mentioning.

1. There’s a click to load plug-ins feature now. It is off by default and hidden under about:config. It breaks a few sites, but this sort of thing is badly needed, as plug-ins like Adobe Trash tend to be 99% obnoxious and 1% useful.

2. The HTTP Pipelining system seems to have been reworked, that too is under about:config and off by default.
Ho hum…

Will someone at Crapital One please get their #%@$ together?

Capital One’s banking website is by far, the worst I’ve EVER seen.

Opera gives you a security warning that the site doesn’t support secure TLS renegotiations, and you should contact the site owner to upgrade their server.

When I went to check what server they were running, it turned out to be Windows Server with IIS behind some Linux-based caching servers. *UGH!*

Their No Hassle Rewards site doesn’t even load in any browser that is not running on Windows. I’ve tried everything. (Including Firefox, Opera, Chrome, Rekonq, and even for kicks, Konqueror)

It just doesn’t work without Windows. 

I ended up calling their tech support hotline, and they told me to have the Geek Squad look at my computer. I shit you not! (Not only is the Geek Squad’s sole purpose to rip Windows users off by charging them $200 for Norton Antivirus and a file system defrag, Best Buy recently fired most of them as it goes belly up because of their overall price gouging. I doubt they know anything about my Kubuntu system, at all.)

In the end, the only way I could end up getting my cashback rewards was to set up auto redemption at every $25.

Capital One’s tech support has people that are so stupid, they should be in the Tea Party.

A trip to the meme generator gives me this to close on….

Vista 8: Now with 500% more Microsoft spyware.

With Vista 8 it’s all about SUCKERS, SUCKERS, SUCKERS!!!!

For kicks, I loaded up the Windows 8 “Consumer Preview” in VirtualBox.

I was expecting the usual. More crap that nobody asked for. More anti-competitive Microsoft tie-ins. More lock-in with Microsoft services. More EULA mess. More spyware. I found pretty much all of this.

The setup process was much like Windows 7 up to a point, except there are now three entire pages full of toggle switches where the user must agree to sacrifice their privacy to use Windows 8 fully, in addition to a EULA written in legalese that goes on forever, which nobody who isn’t a lawyer will fully understand. If they don’t, then there will be huge swaths of missing features. (And since it is proprietary software, you absolutely cannot trust anything it says or does, so the choice is misleading anyway.)

As Dr. Richard Stallman has said, Windows is malicious software. Their privacy policies open up the user to all kinds of abuse for simply agreeing with the EULAs (which are mandatory if you wish to use Windows), and in the EULA you agree that Microsoft can slip in updates or change the EULA at any point in the future. So, if there is something malicious that Windows currently does not do, then it would be very easy for them to slip that into an update and push it out tomorrow.

They’ve done this sort of thing before, countless times. Anyone remember how “Windows Genuine Annoyance” wasn’t originally part of Windows XP?

Anyone remember when Windows XP and Vista would simply lock you out of your computer and forbid you access to anything even if the software was legally licensed and Microsoft just happened to screw up?

Idiot Exploiter being in Windows 98 without an uninstaller got Microsoft some DOJ attention, but it’s literally EVERYWHERE in Windows 8, and it’s more malicious than ever.

Here’s what you agree to send to Microsoft now to get a fully functional copy of Windows 8 if you take the default settings (Some of these have been a requirement of various Microsoft apps and Windows in the past, some are new. This is in addition to anything mandated by their EULA, so you can’t opt out of all of it even if you tried):

Every site you visit in Internet Explorer.

Everything you download with Internet Explorer.

Every URL you click on in an application from the Windows store, regardless what browser it opens in.

Every web resource that an application loads.

Every application you have installed on your computer, regardless of where it came from.

Your EXACT location. (Via IP geolocation or GPS coordinates.) when you use an app that uses this feature. Note: GPS coordinates are accurate to within a few inches.

Crash data for any application that has a problem, including a memory dump. (Those can include personal information like passwords, site login data, your bank account information, truly any information the app had in memory when it crashed.)

Which parts of Windows Help you have read, and what URLs you clicked on in that.

You agree that they can force application updates on you, silently, even to install malicious features,even if you didn’t want the update.

You agree that they can update Windows, including for the purpose of stuffing in more malicious features, even if you didn’t want the update.

Applications can use your name, account picture, location data, and various Windows Live features, as you.

Perhaps most disturbing at all, the Windows Store and many of the applications that come with Windows that can’t be removed, like their messenger program that censors its users and spies on what they say, require you to sign up with a Microsoft Account (which is, I guess what they’re calling Passport these days), and to fully utilize the software store, you have to link a major credit card/debit card to your account and agree to anything Microsoft or apps you use try to charge to it.

You agree in the EULA that Windows can update things like their Windows Media Digital Restrictions Malware and you won’t try to stop it.

The US DMCA makes it illegal to try to break their Digital Restrictions Malware, even if it’s because it fucked up and you’re just trying to use the content you “bought”. Or because Microsoft’s latest DRM’d music store flops and they take down their license renewal server. Happens.

If you use any of Microsoft’s “Cloud” features, you agree explicitly that they can share your information with advertisers or the federal, state, or local government units with or without a valid search warrant, and you also agree that you hold Microsoft harmless if they fuck up and delete your data. So don’t upload anything expecting to ever get it back out. But, these are problems with most cloud services, which is why you shouldn’t use them.

We live in an age where the government doesn’t even need warrants because people tell them everything they want to know, willingly. How many criminal cases has the government been able to make out of data that Microsoft, Amazon, Google, and Facebook have turned over? We might never know.

These reasons, and many more are why it’s time to consider making the move to Free and Open Source software. There’s no 20 page EULAs, no “activation”, no spyware, fewer headaches, and no bullshit.

Big companies have proven time and time again that they are not to be trusted with your information. Why do people agree to give them more and more of it all the time in light of this abuse?

If you need a starting point in learning about Free and Open Source software, what it is, and more reasons you should be replacing your proprietary software with it, here’s some places to read up about it.

https://en.wikipedia.org/wiki/Free_and_open_source_software

https://en.wikipedia.org/wiki/List_of_free_and_open_source_software_packages

https://www.gnu.org/philosophy/free-sw.html

http://www.opensource.org/osd.html

In short, there’s probably a suitable free and open source replacement for almost everything you use, even for operating systems such as Ubuntu and Fedora, office suites such as LibreOffice and Caligra Suite, even replacements for Photoshop, like The Gimp. Of course that’s just naming a few.

Look Daddy, I’m feeding your credit card to the ponies! OM NOM NOM NOM!!!!

Switch now, and you will not only have the peace of mind that nobody is using your computer against you or effectively leasing your own computer out to you, or using your software to censor or spy on you, but also that they can’t rack up fraudulent credit card transactions from an app that is targeted to your children which sells them pretend apples and hay to feed imaginary animals with.

One Apple customer was recently in the news, horrified, that his seven year old daughter managed to rack up the equivalent of about $350 US dollars to his credit card, which Apple simply allowed to go through. If you think Microsoft will be treating customers any better, I would suggest that you’re in for a painful life lesson.

One more disturbing trend….

Each version of Windows comes in yet more “editions”. “Edition” is just a nice way of saying they cripple it a bit more and a bit more to segment the market and create price points. This is something else you never see in Free and Open Source Software, because it would be pointless. Nevertheless, Microsoft has decided that Windows 8 will not play a DVD or Blu Ray without the “Media Pack”, which will be an additional fee.

How much? They declined to say. For reference, adding DVD playback to Windows Media Player in Windows XP cost $25, and adding Blu Ray support to Windows has typically meant a MONTHLY RECURRING SUBSCRIPTION fee because it requires downloading the new content restriction keys every month, so if you stop paying, your discs stop playing. Isn’t that cute?

Benjamin Mako Hill wrote about this deliberate software crippling in an essay about Windows NT 4. He called the disabled features anti-features. The point he made, quite concisely, was that if you pay Microsoft for anything other than the most expensive version, you’re literally paying them to remove features from your software. He also made a list with more examples of products with antifeatures.

There’s much more detail I could go into, but this is yet another wake up call that you deserve Freedom, and Free Software gives you the Freedom you deserve. The Free Software Foundation defines “Free” (as in freedom!) Software as giving the user these four freedoms.

• The freedom to run the program, for any purpose (freedom 0).
• The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.
• The freedom to redistribute copies so you can help your neighbor (freedom 2).
• The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.

In short, you are free to study, modify, redistribute, and use the software, for any purpose, and you are never “under surveillance” by it or unable to help your friend by sharing the software with him or her.

Microsoft and Apple both have something in common; they try to make the user overlook all of the things they have to sacrifice just to use their software, by making it pretty on the surface. That pretty surface is only skin deep, and underneath it, the internals of the system are as bug-ridden and as DRM-encumbered as ever. Just because you paid for a license doesn’t mean they can’t come back later and terminate it, for any or for no reason, without a refund.

What’s most disturbing, above and beyond anything else I’ve talked about, is when the software is so tied to the hardware that the hardware is useless without their software (such as Windows on ARM or the iPad). What do you do if they throw you out? I guess you have a really expensive door stop. (Did someone say, Plasma Active? Yes, you should use Plasma Active.)

Windows 8 gives you a choice. You can keep surrendering more of your freedom to Microsoft and other malicious software companies every year, or you can get off their slippery slope right now.

Google is being sued by some idiot using Safari on a Mac. US Congress critters investigate.

I noticed this yesterday and decided to comment.

There’s a big stink going on right now. Someone found out that Google was setting “third party cookies” (for their advertising servers) in Apple’s Safari browser, which defaults to not loading third party cookies (which I’ll get to in a moment).

Now it appears that someone using Safari on a Mac that expected privacy somehow, is suing Google. (The PC World article on the first link has a more accurate technical description of what’s going on)

In short, someone found a bug in Safari, and now Google is being sued and is under investigation by Congress. We know how much Congress can be expected to know about the internet based on their hilarious to horrifying attempts to regulate it as many of them uttered things like “I don’t know how this here internet thing works, but they tell me….” or the late Senator Ted Steven’s infamous “series of tubes” comment. To say nothing of the fact that Congress flip flops between mandatory tracking for all and bullshit “consumer privacy concerns” such as this one. (For those concerned with the former, the bill is called HR 1981, but a more fitting name would be HR 1984)

If this was a bug in Firefox, it would be fixed. If it was a bug in Chrome, it would be fixed.

Somehow, Microsoft and Apple users seem to think they can use proprietary secret software when they’re not allowed to know how it works and have privacy at the same time. Software which has a history of many bugs,  with vendors that typically take weeks/months/years to patch them once they’re made public. These companies also slip back doors into the software for various government agencies.

Apple was recently caught with a back door that they put into iTunes, it remained there for 3 years, undetected, which facilitated man in the middle attacks. (A government could use this to run a counterfeit iTunes server and load malicious software onto the victim’s computer. The article calls it a flaw, but we know what was really going on, and that it was likely just moved.).

There’s no way you can trust Microsoft or Apple’s software to protect your privacy. Anyone who has actually read the EULA for Windows (especially XP, Vista, and 7) should know that there are at least several dozen Windows components that phone home to Microsoft with your personal information. Most do it over an encrypted connection so that the user has a very hard time telling what is actually being sent to them. Apple isn’t any better.

Let’s get back to cookie controls. They’re a red herring. They’re totally bogus. They don’t do anything for you. Every browser has them, even Internet Explorer 6. They don’t do anything to protect you because cookies are passe. Tracking and spyware sites have developed data mining techniques that work well even if the user clears every cookie they ever set.

One method is to associate IP addresses with log ins. Facebook, Google, and Microsoft all do that. Even after you log out, it’s possible for them to track you personally. There’s other methods. Browsers like Firefox and Chrome are just now starting to implement watered down privacy controls for Adobe’s Flash software (which is proprietary software and a frequent cause of cross platform/cross browser security problems).

Flash has “supercookies”, or what is more technically known as Local Storage Objects. Flash LSO’s can be up to 150 KB (which is 37.5 times larger than a cookie), a site can store as many as they want on your computer (just like a cookie), and (unlike cookies), most browsers do very little to nothing about them. Silverlight has something similar, users of Windows where Silverlight is sneaked over the fence by Windows Update should take notice of that.

The take home message here is that it was ludicrous for this guy to expect any kind of enhanced privacy just because Safari has some lame cookie controls which are a piss poor clone of something Mozilla introduced well over 10 years ago. I really doubt that will stop this frivolous lawsuit, and I fully expect the anti-Google interests called Microsoft and Apple to play this up for all the drama it’s worth.

Microsoft hired the scumbags over at  Waggener Edstrom a while back to launch a smear campaign against Google, and Microsoft is already jumping on this Safari problem like a dog in heat. (I won’t link since I can’t seem to find an article that is telling people the truth about where the anti-Google smear is coming from. Waggener Edstrom specializes in astroturfing and attack ads. They’ve worked for companies like BP and Walmart, and for many a corrupt politician. (When you see that disgusting outrageous pants-on-fire “GMail Man” attack ad, that’s who made it).

If you’d like to know more about these people, Techrights has occasionally blogged about what they’re up to and who they work for.

So now that we’ve covered the facts about Microsoft and Apple, IE and Safari’s lack of real privacy controls, and why cookie controls do nothing.

There’s a number of things you CAN do to really prevent or limit how sites track you. Here’s some suggestions.

Firefox users can use Adblock Plus (just remember to opt out of the “acceptable ads nonsense). Delete Easylist’s filter subscription, and add these instead.

Better yet, use Chrome/Chromium with Chrome Adblock, remove Easylist, and use these instead. (Chrome Adblock is better than Adblock Plus for Chrome, the two are unrelated)

Firefox or Chrome 17+ users can install HTTPS Everywhere (The Chrome version is an alpha for the time being, but it does work)

Opera users can use Opera’s content blocker to block advertising and stat/tracking sites. Pre-made lists here. Remember to manually update them now and then or skip the process and let Opera Adblock do the same thing for you if you have Opera 11 or later.

Firefox and Chrome can also block Flash applets from automatically loading, saving you bandwidth and making flash applets that track you or load malicious software less effective. Firefox has Flashblock, Chrome users can enable the Click to Load option in the advanced settings for plug-ins.

Weaker protection for users who insist on inferior browsers with government spyware built in.

Internet Explorer 9 supports “tracking protection lists”, which are a small/watered down subset of true content blocking. Pre-made TPLs for IE here.

Safari users can use Safari Adblock, it’s from the same guy that made Chrome adblock. I’ve never used that one, but if it comes with Easylist, rip it out and add these.

The bottom line is that the only way to protect yourself from tracking servers is to not connect to or run applets from them to begin with.

Trueblock Plus gives users Adblock Plus without the “Acceptable Ad$”

Just a quick note.

I was (and still am) outraged that Wladimir Palant sneaked into people’s browser preferences and turned on some ads for big companies and parking page parasites that were paying him the big bucks.

There’s now another option; a fork of Adblock Plus called Trueblock Plus. It is derived from Adblock Plus code and is under the same Mozilla Public License as Adblock Plus. Both are free and open source software.

The freedoms that make up “free software” include using the software for any purpose and being able to modify, improve, and redistribute it. In other words, the freedom to “fork” if the upstream dies off, becomes unresponsive to new features that people want, or in the case of Adblock Plus, start to add malicious features that nobody really asked for. (Or for any other reason.)

Right now, the only real modifications to Trueblock Plus are to re-brand it (The name and logos that Adblock Plus uses are trade marks, and are not covered by the free software license of the source code) and to turn off that annoying “Acceptable Ads” antifeature that Wladimir Palant cooked up.

There are also some rough edges in Trueblock Plus. The author of the fork notes that there’s going to have to be some more purging of Adblock Plus branding before Trueblock Plus can progress beyond “preliminary review” status at Mozilla Add-Ons.  For example, the Contribute button still links to Adblock Plus’s website. I’m not sure if that’s intentional or not but it says “Contribute to Trueblock Plus”, so I am thinking he may have just searched for and renamed each occurrence of Adblock Plus.

The other problem is that the “Acceptable Ads” code is still there, just disabled by default. Since this code is hardly vital to the operation of the extension, it might be better if Trueblock Plus were to simply revert the commit that added it in the first place. More code in a program means more potential for bugs and security issues, plus the only reason it’s there is so Wladimir Palant can make money by allowing spyware and tracking garbage through by silently switching it on without the user’s consent upon “upgrading” to Adblock Plus 2.0 or later. It is doubtful that any user would opt into something that directly counters the problem that led them to install the software in the first place.

Users who pay attention can still uncheck Wladimir’s Acceptable Ad$ , but he even admits on his website that he’s banking on people not doing that since most people don’t like to tinker and may not even notice what has changed that is allowing ads to get through.

If you have less computer literate friends or relatives, or if you personally don’t want any more nasty surprises from Mr. Palant, then Trueblock Plus might be the way to go.

Homepage

Mozilla Add-Ons site (I always recommend installing add-ons from here in every possible case.) Install for Firefox. / Install for Seamonkey

Microsoft to auto-destroy many copies of Windows with IE “upgrade”

U INFECTED BRO?

Today on The Heise Online, they mention that Microsoft is set to automatically download and install the latest version of Internet Explorer that manages to run on the particular Windows version installed. Since XP is the oldest thing they support, those users will get the obsolete Internet Explorer 8 browser, and Windows 7 users will no doubt get IE 9, which is only barely an improvement over IE 8.

I have no idea how they plan on updating Windows Vista users, but that will no doubt be another surprise for anyone foolish enough to actually be using it. There is IE 9 support for Vista (Which is where they will cut off support), but to get it you need a humongous “platform update” full of select backported crap from Windows 7.

Regardless of what version of Windows the user has, an Internet Explorer update is always dangerous since Microsoft continues to claim it is a system component and not a web browser. It means that at best, you need to reboot your computer, and if the upgrade goes wrong it can mean anything from Internet Explorer not working to the Windows shell failing in inappropriate ways. Internet Explorer installations and upgrades have had a significant number of cases of destroying the operating system beyond being salvageable since at least Windows 95.

No decent operating system claims the web browser is an integrated component that can’t be removed. The Internet Explorer situation is a continuing monopoly abuse and Internet Explorer itself is a relic from the 1990s, when Microsoft tried killing Netscape by forcibly installing their own web browser into Windows.

While we’re on the topic, most other operating systems don’t need to reboot after the user updates their web browser, file manager, media player, email client…..

This “almost comical if so many Microsoft victims weren’t suffering through it” situation makes me wonder what kind of a contrived setup those Microsoft funded “studies” used to get “99.999% uptime”. As soon as you apply any patch or update for Windows, it needs rebooted before the new files are used. Even if the user doesn’t want to reboot. Windows will pester them until they do or better yet, start a countdown and reboot the computer without regard to any work the user has left open and unsaved.

This was one factor, out of many, that frustrated me enough to leave Windows. Another factor is that they routinely triage security patches and frequently leave critical flaws open until the next month, like they did with BEAST this month.

That graph is funny, isn’t it? It’s not that Windows has gotten safer, it’s simply that Microsoft is stretching to classify updates that once would have rated critical as “important” based on the factors of “security improvements” in Windows that are often ineffective. (ASLR not being as random as it could be. NX/DEP being off by default for 32-bit software, many applications don’t bother using stack smashing protection because it exposes their programming flaws and causes them to crash, etc.) In many cases the user is left less than protected by what passes as Windows “security improvements” which is why malware is still rampant.

How can any human being tolerate this?

Help yourself to a decent operating system or at least a decent web browser. Firefox Chrome Opera

Another alternative to Adblock Plus. Just use Opera.

Continuing to mention alternatives to the corrupt Adblock Plus people, takes me to Opera.

I myself don’t use Opera much because it is proprietary software. Although one thing that Opera doesn’t do that Adblock Plus (which is not proprietary) is doing now, is override what the user has told it to block and show garbage and malware links anyway.

Sadly, Privoxy seems to be the only real option for blocking ads in Firefox other than Adblock Plus, I covered it in my last post, but it is unwieldy and as the kind of shit that only Internet Explorer users would have had to do back in 2001 when more than a few Opies were using it (most of them, unwillingly). Now that Wladimir Palant has abused his monopoly to enrich himself by selling paid exceptions to the user’s ad blocking rules under the table, the only option beyond Privoxy is switching browsers. There’s Chrome/Chromium, and I will mention it and its limitations in a follow up post, but you’re actually worse off with Chrome than you are with Firefox, and so I’ve decided to do Opera first.

Opera has had “content blocking” for quite some time. Unlike Firefox which depends on a monkey patch called Adblock Plus., and unlike Chrome whose extension support is still a complete joke. Opera also supports user scripts and user style sheets without the need for cumbersome add-ons like Firefox depends on for this.

Opera’s content blocker is so simple a caveman could do it. Plop in a urlfilter.ini file with rules and a user style sheet to kill whitespace and hide crap that is otherwise difficult to remove. (yes, I’m talking about Google’s search result ads that frequently lead to phishing and malware again. Get your XP Super Duper Antivirus 2012 Edition while they’re hot! Guaranteed to find made-up malware and “remove” it for the low low price of $30 wired to India. Comes loaded with spelling and grammar mistakes! *except in Nebraska! *No Reversi *All sales final *Credit card subject to being maxed out before you can call to dispute the charges!)

One such list that is well maintained and thorough is Fanboy’s List. The author of this list expressed some opposition to the so-called “acceptable advertisements” idea in “Adblock Sometimes”. (New name!).

Fanboy’s Opera adblock stuff and instructions here: https://secure.fanboy.co.nz/adblock/opera/

Other than that, there’s not a lot to say about blocking ads in Opera except that it is better than “Adblock Sometimes”. The one downside to this is that you need to manually update your lists from time to time or they will become old and less effective. It isn’t hard, just download the new files and save them over the old ones.

Update: There’s an Opera Adblock extension which basically manages filter subscriptions using the built-in content blocking and user style sheet functionality. Unlike Adblock Sometimes for Bloatzilla Firechrome, it does not sneak around and turn some of the ads back on in defiance of the user. Imagine that…

Installing Privoxy 3.0.18 in Ubuntu Oneiric or derivatives

Since Adblock Plus sold out and can no longer be considered trustworthy, I have decided to explore other options.

Short story: Adblock Plus 2.0 development branch has added a new “feature” they call “acceptable advertising” and flipped it on by default without asking the user. The default whitelist is so far only including advertising from networks like Google with suspiciously deep pockets, leading me to believe that money has probably changed hands somewhere along the way. You can opt out of this through a rather unwieldy process, but most people won’t. I find “acceptable ads” to be unacceptable because even Google Adwords is well known for profiling the user even if they only use non-Google sites and they’ll let anyone with enough money take out an ad, even if it leads to phishing sites or Windows malware. Most definitely NOT acceptable. (But hey, it’s your computer and if you like XP AntiVirus Super Duper 2012 Edition, I think you’re beyond my help.

Privoxy is powerful but has a daunting (not terrible, but compared to Adblock Plus, rather involved) setup if you want it to work as best it can, so I have decided to document the entire process here that I used.

Step 1: Remove Adblock Plus from Firefox. The only reason we’re going to switch to Privoxy is because Adblock Plus is no longer trustworthy.

Open the add-ons menu. Either by clicking the Firefox button followed by Add-Ons, or if you use the classic menu, then Tools followed by Add-Ons.

Find Adblock Plus. Click “Remove”. Firefox will want to restart.

Step 2: Install Privoxy.

Ubuntu Oneiric comes with 3.0.17, which is now outdated and has some serious bugs that have been fixed in 3.0.18. The packages from the development branch of Ubuntu (codenamed Precise) work fine and provide version 3.0.18.

Go to this page: http://packages.ubuntu.com/precise/privoxy

Under Download Privoxy, choose the package for your architecture. Mine is AMD64, but you might be using the i386 version of Ubuntu. Choose whichever applies to your system.

Click on any mirror you want, it will offer you the DEB file. Once the DEB file has finished downloading, either double click on it in the Downloads or open your file manager and go to where you downloaded it and double click (single click for Kubuntu users) on it to launch the package installer. Install the package.

NOTE: Installing packages from other versions of Ubuntu is not always a great idea. Privoxy just happens to be really small with no dependencies that can’t be satisfied by Oneiric. DO NOT make a habit of doing this!

Step 3: Make sure the Privoxy daemon (service) is running. It probably is, but this can’t hurt.

Open a terminal.

sudo service privoxy start

Step 4: Configure your proxy settings to route through Privoxy (Privoxy operates as a local non-caching proxy server).

In GNOME or KDE or whatever you use, set HTTP and HTTPS to use 127.0.0.1 on port 8118 (where Privoxy listens). Do this again in Firefox’s Network preferences. It should pick up your global settings but it is Firefox and you know how things that should happen on Firefox for Linux sometimes don’t.

Firefox/Preferences/Preferences/ or Edit/Preferences followed by Advanced then the Network tab, click Configure How Firefox connects to the Internet, and use 127.0.0.1 and port 8118 for HTTP and HTTPS.

(Yo dawg, I heard you liked Preferences so I gave you Firefox so you can have Preferences with your Preferences!)

Step 5: Configuring Privoxy.

Privoxy is actually a pain in the ass to configure with text files by hand. It does have a web browser-based GUI setup for filtering operations, but it must be enabled in a configuration file. There is no need to restart Privoxy after modifying anything since the daemon (service) notices a few seconds later that the settings changed and applies them immediately.

Press Alt+F2, this brings up a run dialog under pretty much any desktop environment worth using. Remember this is for Ubuntu derivatives, others tend to use gksu and kdesu, but since Ubuntu does not set up the root user by default, it uses gksudo and kdesudo instead. Fedora KDE also seems to come with kwrite instead of kate, so Fedora KDE users would use kwrite. I use Nano but I am striving to make this as painless as possible for users accustomed to a GUI.

GNOME/UNITY: gksudo gedit /etc/privoxy/config

KDE: kdesudo kate /etc/privoxy/config

Now we can edit the main config file. Note. Make sure any lines I say to edit don’t have a hash symbol in front of them (one of these #) or Privoxy will interpret them as a comment and fail to parse the rule.

Go to section 4.5, titled enable-edit-actions. Scroll down. Find the line that says:

enable-edit-actions 0

change it to

enable-edit-actions 1

Go to section 4.8, titled buffer limit.

It defaults to 4096 with a line such as:

buffer-limit 4096

I find it runs better with a 16 MB buffer. I have lots of RAM. Yay RAM. I change it to:

buffer-limit 16384

Go to section 6.4, titled keep-alive-timeout.

It’s set to 5 I find it works best with 300.

So I change this:

keep-alive-timeout 5

to this:

keep-alive-timeout 300

Save the file and exit.

Step 6: Close Firefox if you still had it open, and restart it.

Step 7: Type this into the location bar and hit enter:

config.privoxy.org

(Privoxy intercepts this and redirects it to its own configuration page, if Privoxy is not running,  you get a page on Privoxy.org telling you it is not running, if this happens, try clearing your history and trying again.)

You should get something like this on the page that comes up:

This is Privoxy 3.0.18 on localhost (127.0.0.1), port 8118, enabled

Step 8: Configure the filtering rules. (We’re almost done)

On the config page, click the link “View & change current configuration”, then under “Actions Files” there should be “/etc/privoxy/match-all.action” as the first listing. Click the Edit button next to it.

Under “Actions” set to “Cautious”, it should provide a minimal template from which to work without stupid filters that don’t apply to Linux users. (At least, I don’t think many of us need a filter to block some common Internet Explorer 6 vulnerabilities)

Now, to the left of the Cautious button, click the Edit button. What follows is how to get the setup I use. Some filters look tempting but actually break some sites. If you want to experiment with them later, do it one at a time and turn them off if they break something you use.

fast-redirects, click green button to enable, check decode entire url.

filter refresh-tags, green to enable, check “Decode URL before checking”

filter img-reorder, green to enable

filter banners-by-size, green to enable

filter banners-by-link, green to enable

filter webbugs, green to enable

filter no-ping, green to enable

filter google, green to enable

hide-from-header, red to disable (No browser since the mid 90s that I know of sends out your email address to every page you visit. This one is stupid.)

hide-referrer, green to enable, check “Forge referrer if host has changed, but don’t touch in-site referrers.”

set-image-blocker, green to enable, check “Send a 1×1 transparent GIF” to reduce page clutter.

Click submit.

Step 9: Privoxy doesn’t handle pop-ups and unders that well since there’s a lot of sneaky ways to load them. We can deal with this problem from within Firefox itself. Note: Adblock Plus was only blocking most pop-ups because it had explicit rules for them which needed a lot of complicated filtering and still missed some.

In Firefox’s location bar, type this, and hit enter.

about:config

If necessary, click the do not show me this again thing that comes up and jokes about “voiding your warranty”.

In the filter box type popup and locate dom.popup_allowed_events and double click it. Remove everything. Sites now have no way of loading pop-ups. The “Firefox has blocked a pop-up” thing will appear when one tries and you can use that to load the pop-up anyway or whitelist that site for next time. (My bank uses them, sigh).

Step 10 (Optional): While in about:config, let’s toggle some other nonsense that Firefox has done by default.

In the filter bar, search general.autoscroll, double click it to change it to true. Mouse wheel scrolling on Linux instead of the stupid X11 clipboard ftw.

In the filter bar, search for trim, locate browser.urlbar.trimURLs and double click to change it to false. This will revert Firefox to the traditional behavior of telling you what protocol the loaded site is using in the address bar and fixes the problem (on Linux anyway) of occasionally copy pasting a URL without the http:// or https:// or ftp:// or whatever bits.

Congratulations. Privoxy should now be set up. It’s a shame that Adblock Plus decided to take on an anti-user stance in exchange for Google’s money and that we have to block ads in Firefox now with a local proxy server like it was 1999 all over again if we want to avoid the abuse I’m sure is coming from Wladimir Palant and “Rick752″ and friends.

Until next time, this is DaemonFC reminding you that the only “acceptable” ad is a dead ad.

Adblock Plus and “Acceptable ads”

So I go to install Adblock Plus from the Development Builds section and on the welcome page there’s now a thing mentioning “acceptable ads” won’t be blocked anymore, you can opt out of it of course but doing so requires digging through preferences.

The page for this malicious “feature” is here:

https://adblockplus.org/en/acceptable-ads

And the list of exceptions that it makes is here:

https://easylist-downloads.adblockplus.org/exceptionrules.txt

What happened?

If you believe that Wladimir Palant is concerned about Google and others being able to advertise to and spy on you for altruistic reasons, I’ll sell you the Brooklyn Bridge for two dollars. What’s going on here is that Wladimir Palant has discovered that he can monetize Adblock Plus for profit by taking payments for ad servers that don’t want to be subject to the rules the user has chosen.

People install Adblock Plus because they don’t want ads. This “acceptable ads” nonsense is no different than if your anti-virus software started allowing “acceptable malware” and claimed that it was because honest hard working Russian malware writers who make non-binding promises to screw you over ever so gently deserve to make money even if most people find what they do dirty and disgusting. Of course what this anti-virus vendor does not say is that the “acceptable malware” vendors are paying them to be delisted from the pattern file rules.

This is just filthy and it’s making me truly consider whether or not I can trust Adblock Plus anymore.Monkeying around with the users settings and flipping advertisements on that the user clearly doesn’t want (but only for major companies with deep pockets) makes Adblock Plus highly suspect now.