The latest ad tracking tricks and what to do about them
False Alarm
Strangely enough, the very popular free content management system WordPress introduced mechanisms in Version 4.2 that trigger false alarms in both the Tor browser and CanvasBlocker: The built-in emojis are to blame for this problem [6]. WordPress bundles the corresponding JavaScript code into a canvas element in the header of the web page without asking the user, so that the tracking tools trigger an alarm.
The WordPress CMS integrates this code into the header of the delivered pages, even if no emojis are used on the relevant website. To remove the typically unneeded canvas element from the header and maintain clean code, plugins such as Disable Emojis [7] are now available to WordPress developers.
FireGloves
Because canvas elements and Evercookies are based on JavaScript, you can disable these pests by simply disabling JavaScript. Disabling JavaScript requires only one quick change in the browser's onboard toolkit, but removing JavaScript means many websites are no longer correctly rendered and functions and input are no longer possible. A better option is the Firefox FireGloves extension, which outmaneuvers any canvas fingerprinting detection mechanisms.
FireGloves is available in the official Mozilla add-on repository, but you can download it from an external website [8]. The XPI file of the extension is then installed via the Install addon from file… dialog in Firefox. Open the Add-on Manager and click the wrench icon at the top right of the window. After the installation, set up the add-on via the settings.
To make canvas fingerprints useless, the extension does not simply block all the canvas elements, but rather returns incorrect values for the browser and system parameters to the tracker. FireGloves randomly generates and updates incorrect parameters on a regular basis, and fingerprinting draws a blank.
However problems with displaying pages in the browser can occur when using FireGloves. For example, depending on which parameters the add-on uses, texts can appear in unusual fonts. In such cases, a simple mouse click on the FireGloves icon top right in the Firefox address bar usually does the trick. The extension creates new parameters and thus modifies the appearance of the web page.
FireGloves summarizes some important web browser security settings in a simple options menu. You can access the dialog by right clicking on the blue Info icon next to the FireGloves glove in the Firefox address bar and selecting Open preferences. Alternatively, go to the browser's add-on list via the Settings button and look for the FireGloves line.
In the Options window, you will find three tabs where you can configure the desired settings. The first tab only enables the add-on on launching Firefox. In the second tab, Cloak settings, you can determine in detail what data you want FireGloves to deliver about your browser, your system, and ultimately, about you. This includes the option of enabling random mode, which randomly selects the parameters and thus optimally camouflages the system.
The third candidate, Firefox privacy settings, groups a number settings otherwise found in different dialogs in Firefox. In this way, you can easily harden your system, and without complicated searching in various option dialogs (Figure 2).
Second Line of Defense
Simple add-ons are not enough to render Evercookies completely harmless. The problem is that Evercookies sometimes use technologies such as Flash and Silverlight that work regardless of Firefox.
On Linux, however, you can rely on a tool like Bleachbit [9] to clean up the individual Evercookies locations after every session, without having to painstakingly configure a variety of add-ons. Bleachbit is available from the repositories of all popular distributions and is easily installed using your distro's package manager.
Bleachbit automatically determines at startup, which applications are available on your system and displays a list of contents to be deleted in the left pane of its program window. Check the buttons to the left of each entry in order to remove an item. Help for the individual deleted options is shown on the right side of the program window; you thus know at a glance whether or not it is a good idea to switch certain options (Figure 3).
To delete the Evercookies storage locations, it is a good idea to use Bleachbit's Firefox-specific options to clean up the Profile data (Cookies), the DOM memoryr, the Address history, and the Cache. Additionally, you will also want to delete all Flash content to eradicate the infamous LSO cookies.
You can also use the Ghostery [10] Firefox add-on, which primarily blocks web pixels that also spy on a user's surfing behavior, to delete Flash and Silverlight cookies. See the configuration options in the Advanced tab (Figure 4).
Ideally, you would then do without the critical Flash and Silverlight plugins in the future and surf the web with a "clean" browser.
« Previous 1 2 3 Next »
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
New Slimbook EVO with Raw AMD Ryzen Power
If you're looking for serious power in a 14" ultrabook that is powered by Linux, Slimbook has just the thing for you.
-
The Gnome Foundation Struggling to Stay Afloat
The foundation behind the Gnome desktop environment is having to go through some serious belt-tightening due to continued financial problems.
-
Thousands of Linux Servers Infected with Stealth Malware Since 2021
Perfctl is capable of remaining undetected, which makes it dangerous and hard to mitigate.
-
Halcyon Creates Anti-Ransomware Protection for Linux
As more Linux systems are targeted by ransomware, Halcyon is stepping up its protection.
-
Valve and Arch Linux Announce Collaboration
Valve and Arch have come together for two projects that will have a serious impact on the Linux distribution.
-
Hacker Successfully Runs Linux on a CPU from the Early ‘70s
From the office of "Look what I can do," Dmitry Grinberg was able to get Linux running on a processor that was created in 1971.
-
OSI and LPI Form Strategic Alliance
With a goal of strengthening Linux and open source communities, this new alliance aims to nurture the growth of more highly skilled professionals.
-
Fedora 41 Beta Available with Some Interesting Additions
If you're a Fedora fan, you'll be excited to hear the beta version of the latest release is now available for testing and includes plenty of updates.
-
AlmaLinux Unveils New Hardware Certification Process
The AlmaLinux Hardware Certification Program run by the Certification Special Interest Group (SIG) aims to ensure seamless compatibility between AlmaLinux and a wide range of hardware configurations.
-
Wind River Introduces eLxr Pro Linux Solution
eLxr Pro offers an end-to-end Linux solution backed by expert commercial support.