[PrivacyBadger] Pushing Privacy Badger's buttons, part 2
Cooper Quintin
cooperq at eff.org
Mon Apr 11 18:56:10 PDT 2016
Actually this seems like a pretty good solution to Don's problem and one
that we should maybe adopt anyway. There are other benefits to reading
the TSR as well such as getting a list of first parties. I would likely
support this change.
- Cooper
On 04/09/2016 11:31 AM, Mike O'Neill wrote:
> Why not agree on a "block me" signal. Any reference to a third-party marked in a particular way will cause the request to be blocked by tracking protection i.e. PrivacyBadger
>
> The Do Not Track (candidate) recommendation contains such a signal. A TSR (a JSON resource at //ad.aloodo.com/.well-known/dnt ) with Tracking set to "T" ( { "Tracking": "T", ... } when accessed with the DNT set (DNT:1), would signal refusal to stop tracking, i.e. block me. You could also do it by returning a Tk: T to any ad.aloodo.com resource.
>
>
>
>
> -----Original Message-----
> From: PrivacyBadger [mailto:privacybadger-bounces+michael.oneill=baycloud.com at eff.org] On Behalf Of Don Marti
> Sent: 09 April 2016 18:48
> To: privacybadger at eff.org
> Subject: [PrivacyBadger] Pushing Privacy Badger's buttons, part 2
>
> Still working on tools that a web site can use to
> notify users when they're vulnerable to third-party
> tracking.
>
> Here's the problem.
>
> * If the script warns the user when a third-party
> iframe loads, it will falsely notify some users
> of an "untrained" Privacy Badger.
>
> * If we wait to notify until we're sure that a
> third-party cookie can be set and read on three
> sites, then we miss a chance to notify some users
> of list-based protection who haven't been to enough
> sites that include the iframe.
>
> One solution is...put the https://ad.aloodo.com/track/
> iframe everywhere!!1!1 Even if you don't want to run
> tracking notifications on your own site, the iframe
> will train Privacy Badger to block it, so the cookie
> test will work when the user goes to a site that does
> do notifications. Still looking for other solutions.
>
> Anyway, more here:
>
> http://blog.aloodo.org/posts/track-js-script/
>
> Comments and suggestions welcome.
>
>
> _______________________________________________
> PrivacyBadger mailing list
> PrivacyBadger at eff.org
> https://lists.eff.org/mailman/listinfo/privacybadger
>
More information about the PrivacyBadger
mailing list