I like Ghostery better. It breaks less websites for me and provides more data on each particular tracker with a source link and a description for the company behind it. Disconnect just shows a title with a number.
It has a nicer and more functional UI. I like a popup on page load where you can instantly see what is blocked and what isn't. There's an option to "run once" a blocked widget on page, which can be handy.
Whenever someone talks about Ghostery, this is, of course, brought up. However, what isn't brought up that providing this data (GhostRank) is voluntary and I think it's disabled by default (but user is asked during the first time setup).
Whenever someone says that Ghostery own tracking is optional, one, of course, glances over a huge inherent conflict of interest behind Ghostery.
They make an anti-tracking product and they takes money from advertisers. That's their life blood, they need to track you, that's how they survive and it puts them in a very precarious situation. So trusting them to value your interests over their own is naive at best. If you are comfortable with the risk and the trade-off, good for you, but dismissing this as a non-issue is disingenious.
but dismissing this as a non-issue is disingenious.
It is a non-issue if you have to opt in. Also, they make money off of GhostRank data by 'consulting' on how to better present ads to encourage selective turn-off of adblocker
I think Ghostery's motivations are fairly clear -- a viable business model.
I can't think of a clear business model for disconnect.me.
In any case, it's good to have a choice. People who are serious (who don't mind breaking everything) are probably using something like RequestPolicy to control cross-site requests. https://www.requestpolicy.com/
There are two plugins they currently offer. One blocks sites from tracking you, while the other allows you to search using your favorite search engine with added security (no ip logging, more anonymity, etc.).
For more information checkout the Github project page for each project below.
I recently tried to switch from Ghostery to Disconnect. It was basically a wash in terms of frequency of broken pages. However two things did bother me a little:
- The default settings had Disconnect fighting with HTTPS Everywhere and caused resource contention in Chrome. Please follow the Unix philosophy and just recommend users install HTTPS Everywhere instead of having a naive implementation embedded in your unrelated product.
- It was unintuitive that the number incremented on the button is the total number of requests and not the number of requests blocked.
I look forward to the days that these types of extensions work well enough that I can install them on my parents computers and not have to worry about pages being broken, but them still having their privacy. Keep up the good work.
n. 13. Informal An activity, action, or enterprise that yields neither marked gain nor marked loss: "[The company] doesn't do badly. That is, it's a wash" (Harper's).
Agreed, I'm perfectly fine with the site I'm visiting collecting info like IP, user agent, etc. but not with the idea of some centralised entity doing it. (That's also what I do with my own site.)
I often find that Disconnect can be overly aggressive in the parts of a page that it blocks. When something is amiss when using a webpage whitelisting the site in Disconnect usually fixes the problem.
This also happens with Ghostery and to a lesser extent, Adblock. I switched from Ghostery to Disconnect and have found Disconnect to be a little better at not breaking some sites.
The worst sites I've ran into while using Ghostery/Disconnect are the ones that have a Google Analytics action tracking code in the middle of their Javascript methods (since the addons block GA) so the entire site/app fails to work.
Developers need to start testing their sites with these addons more to make sure silly errors like that aren't done (some optional tracking request failing to complete shouldn't make an entire app fail).
I’m the developer of Disconnect and agree with you, but …
To back up the op and gp, I’m seeing more and more sites that don’t degrade gracefully when their analytics service doesn’t load. I do think devs should check that their site still works when non-essential services fail to load because, even when the user isn’t running Disconnect or a similar app, this scenario is bound to happen — e.g., when there’s a network issue somewhere.
As the developer of Disconnect, if you're removing chunks of functionality the site developers expect to be there, you should be doing it in a way that doesn't break that functionality so absolutely.
You could cloak the cookies so they're pageview specific. Or inject your own functions in place of the ones that are being blocked.
Whether analytics is an essential service or not is a pretty up in the air question.
No. I'm suggesting that if you're writing an extension that changes the way javascript works across the web, you should do it in the least intrusive and breaking way possible.
An extension like this changes a javascript load error from a once-in-a-while event to a happens-all-the-time event.
I can't imagine a situation where you need to know analytics are being consumed in order to give users the data they want (unless the site in question is itself an analytics site).
To allow / cause your site to break when analytics aren't served is, in essence, attempting to enforce an unspoken contract between gathering user info and serving them data.
As far as I'm concerned, a site that doesn't work when analytics aren't served is a site I will literally never use.
Many companies consider controlling essential to do business.
But even if you disagree, you would do end user support a huge favor if you could mention that "It alters the webpages you visit and may break them." next to the download button.
Not a bad idea, but I'm thinking that most folks who are savvy enough to install Disconnect, Ghostery, NoScript, etc. are going to be aware that "stuff might break."
An online article, friends or family send people to Disconnect and they click the install button. After that it protects them by "disconnecting" from "tracking sites". I promise you most people have no idea how it works. Don't believe me, try it: if you see a normal person using Disconnect let them explain to you what it does, how it works and also ask what the Disconnect visualizer says about who is sending data to whom.
I would never, ever, spend time testing something that changes my code. Today it changes it one way, tomorrow another.
That's like trying to replace the screen on your phone and then complaining that it doesn't work and that Samsung/Apple should test their devices with your screen installation skills.
According to addons.mozilla.org, Adblock Plus for Firefox has almost 20 million users. You would "never, ever" perform tests using popular browser extensions that have tens of millions of users? How does your co-founder/employer/client feel about your position?
Indeed. I think I first installed Adblock because b.scorecardresearch.com was consistently the slowest element on a page, and it was somehow quite annoying (don't recall).
(Of course I now have no idea if they ever improved performance)
My browser is always started in incognito mode, I open Firefox to do something in an authenticated way (posting something on HN, accessing my bank account, etc.) but normally, Firefox is always closed.
$ cat /usr/share/applications/chromium-browser-incognito.desktop
[Desktop Entry]
Version=1.0
Name=Chromium Incognito Web Browser
GenericName=Incognito Web Browser
Comment=Access the Internet
Exec=/usr/bin/chromium-browser --incognito %U
Terminal=false
X-MultipleArgs=false
Type=Application
Icon=chromium-browser
Categories=Network;WebBrowser;
MimeType=text/html;text/xml;application/xhtml_xml;x-scheme-handler/http;x-scheme-handler/https;
StartupWMClass=Chromium-browser
StartupNotify=true
X-Ayatana-Desktop-Shortcuts=NewWindow;Incognito;TempProfile
[NewWindow Shortcut Group]
Name=Open a New Window
Exec=/usr/bin/chromium-browser --incognito
TargetEnvironment=Unity
[Incognito Shortcut Group]
Name=Open a New Window in incognito mode
Exec=/usr/bin/chromium-browser --incognito
TargetEnvironment=Unity
[TempProfile Shortcut Group]
Name=Open a New Window with a temporary profile
Exec=/usr/bin/chromium-browser --temp-profile
TargetEnvironment=Unity
I think this idea is coming from Ian Bicking[0], but I can't find the reference any more and it has been years I am doing this.
Has anyone seen a guide that discusses which browser settings and plugins complement one another? Or which ones to use in different scenarios, e.g., I know what I'm doing, I don't mind if things break on occasion, and I'm willing to spend a lot of time training my plugins (so NoScript and/or RequestPolicy would be recommended) vs. I'm setting up a computer for my parents who aren't tech savvy (so maybe Disconnect or Ghostery, plus....?).
I use Ghostery, but I believe it has been chided in the past for its 'GhostRank' feature (which, to their credit, isn't on by default).
This is anonymous usage tracking of the trackers encountered which is sold to businesses to "help them market to consumers more transparently, better manage their web properties and comply with privacy standards."
I would like to see more of a comparison of 'effectiveness' of both extensions though, if such a thing were possible.
The other issue with Ghostery is that it doesn't block by default and you even need to go to advanced settings to tell it to block new trackers by default.
You can achive a lot of this without using any browser extensions by simply using a hosts file such as the one at http://winhelp2002.mvps.org/hosts.htm (that one is Windows-oriented but it works fine in linux also).
Or you could run your own dns but that's a bit more complicated to set up.
I like the clean approach, but hesitate to use my hosts file for blocking unwanted stuff on my development machine.
It is 3:00 am the app breaks in production while the development version magically works. You question your ability as a developer and a human being in general while blaming your browser, your os, your DNS secretly knowing in the back of your head, that that you must have done something really, really stupid. Why could you not have waited until tomorrow to push?
Finally the mixed feeling of relief and thinking you are the dumbest person in the world, when you remember your hosts file while hacking over SSH on production files, which you totally should have considered instantaneously.
I remember reading a story, where the legal department of a company in Germany sent hundreds of cease-and-desist orders to websites, which where all displaying their images. Strangely the image just appeared on company computers …
As I generally just block ad sites, I haven't had any real issues using the hosts file that way. Obviously it's not a good idea to block resources needed by your app. I have had similar experiences though, where I put a dev machine ip in my host file with a production domain name, to test stuff before the name was actually live in the DNS, then later being confused about why the "live" site wasn't showing some content (duh... still pointing at the dev machine).
Have you noticed how this affects websites/apps breaking? meaning, certain websites won't play video unless an add plays first (hulu/comedy central sometimes) do those sites not work if you enable this?
Some sites don't work unless I turn off hosts. On MS-Windows I simply use this to toggle hosts file on and off in such cases - http://www.abelhadigital.com/hostsman
It's also endorsed by mozilla, which makes me trust it more. I've been using it for a while (on top of noscript) and it's quite informative and seems to work well.
My personal setup is noscript with careful whitelisting which I've found to effectively disable most tracking.
People shouldn't use something with "block functionality". To protect our freedoms, we need everyone using stuff that defaults to blocking the surveillance.
Using disconnect's proxy? Looks like a trap to me. Give me proof, you discard all the data, then we are talking. Otherwise this approach is mostly flawed.
Common tracking sites – Facebook, Google, and Twitter – are shown separately to make them easy to block or unblock. Click any icon to block or unblock a site.
...
Click the Facebook or Twitter icons to share these stats with your friends.
Sad truth is: all these "privacy" plugins break ads. Many people install them for that purpose alone and use privacy as excuse. Even if a website provide local ads because it values the privacy of its users: those are blocked too.
From a website owner's perspective privacy plugins are ad-blockers.
They only break ads if ads are big JS things that have privacy implications - most ads are, but they don't have to be.
I run a website that has one sponsor and their ads aren't blocked by privacy tools - because it's just some static HTML text, link and an image on the page. So I'm not sure what "local ads" you are referring to.
(In much the same way, I don't see a whole bunch of ads because I use a Flashblocker ... but ads don't have to be flash)
> From a website owner's perspective privacy plugins are ad-blockers.
If that's how a website owner thinks, then I'd say they have a very narrow idea of what an ad can be.
Small businesses don't reinvent ads or analytics, they rotate banners and that's it. They also don't implement their own software but use third party tools/plugins to manage their ads.
Ghosterly and Co blocks those common third party solutions even when run locally. E.g. from the Ghostery source:
I love the combination of Ghostery and Cookie Monster.
For Ghostery, I make sure that new trackers added to the list are automatically blocked, and disable its cookie blocking. With Cookie Monster, I block all cookies by default, only whitelisting the sites that I wish to maintain being logged into (primarily the sites I run.)
With Cookie Monster you get the two-click ability to temporarily allow cookies from a particular website, and the two-click ability to revoke all sites previously allowed temporarily. Being able to quickly manage the individual cookies set for a particular site (again two clicks) is also great.
Ghostery, Cookie Monster, Tree-Style Tabs and Download Statusbar are the four things that I install on a browser the first time I use it. I add HTTPS Everywhere, User Agent Switcher and Video DownloadHelper if I'm going to use it for more than a few hours.
That's the combination of plugins that renders me unable to switch from Firefox:)
edit: I don't know how I forgot the Resurrect Pages plugin.
edit2: Crap, I forgot Flashblock. I might be hopelessly embedded in a Firefox workflow.
I have long since switched to Ghostery ever since Disconnect frequently broke YouTube videos and nothing was ever done to fix it. Does anyone know if this problem still persists?
It has a nicer and more functional UI. I like a popup on page load where you can instantly see what is blocked and what isn't. There's an option to "run once" a blocked widget on page, which can be handy.