Privacy: Use of session replay scripts means many websites essentially have built in keyloggers

Discussion in 'privacy general' started by ronjor, Nov 21, 2017.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    164,083
    Location:
    Texas
    By Mark Wycislik-Wilson

     
    ronjor, Nov 21, 2017
    #1
  2. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    4,659
    FanJ, Nov 21, 2017
    #2
  3. rollers

    rollers Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    507
    Location:
    UK
    Any ideas what would counter this? No script? Ad block?
     
    rollers, Nov 22, 2017
    #3
  4. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,439
    Location:
    Slovakia
    Indeed, just blocking third party scripts should do. Just, well it is not as easy to do, it is a pain to setup and live with (virtually every webpage broken), but that is the price for the privacy.
     

    Attached Files:

    TairikuOkami, Nov 22, 2017
    #4
  5. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,010
    Location:
    Member state of European Union
    They must be Javascript scripts, so any add-on blocking scripts would be effective, but not easy to live with.
    Ad-block probably would block some, but you don't have assurence that it would block every one of them.
     
    reasonablePrivacy, Nov 22, 2017
    #5
  6. rollers

    rollers Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    507
    Location:
    UK
    Thanks, l looked up that add on but unfortunately its not on Firefox which is what I use
     
    rollers, Nov 22, 2017
    #6
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Ummm, maybe don't type what you don't want known?

    Or, anyway, if it can be linked to you. Compartmentalize!
     
    mirimir, Nov 22, 2017
    #7
  8. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,439
    Location:
    Slovakia
    Code:
    https://noscript.net/
     
    TairikuOkami, Nov 22, 2017
    #8
  9. JoWazzoo

    JoWazzoo Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    241
    Location:
    Ether
    Time to implement my sooper special Rule QQQQ (tm JoWazzoo) I guess.

    But I can see cases where I DO want to enter a form for some purpose. If blocked by one of my Rules (e.g. QQQQ) the form does not get submitted. On the other hand, if I knew ahead of time my form data WILL be scarfed by a third party in the form of key logging .... well ..... what to do? I don't want that to happen. Who would?

    I do not think that Don't type is the answer. The answer is in fact that for privacy reasons FEW, if any, users would knowingly allow this. Nor expect this. I am NOT a lawyer (thank God) but this has to be illegal.
     
    JoWazzoo, Nov 23, 2017
    #9
  10. rollers

    rollers Registered Member

    Joined:
    Sep 13, 2004
    Posts:
    507
    Location:
    UK
    I did some searching and found the answer for Firefox 57 (quantum users) as there is protection built in already that they developed in the Tor browser. It is explained here https://www.bleepingcomputer.com/ne...-makes-it-into-firefox-first-party-isolation/
    I have now turned this on and not had any problem with logging into any sites. Together with Ghostery, I am hopeful that there is more protection
    Also, in early 2018 they are implementing a block for canvas fingerprinting on version 58, another step in the right direction
     
    rollers, Nov 23, 2017
    #10
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...