Major Browsers to Prevent Disabling of Click Tracking Privacy Risk April 6, 2019 https://www.bleepingcomputer.com/ne...ent-disabling-of-click-tracking-privacy-risk/
Soon it will be enabled by default: Mozilla plans to enable Hyperlink Ping Tracking by Default in Firefox April 20, 2019 https://www.ghacks.net/2019/04/20/m...yperlink-ping-tracking-by-default-in-firefox/
https://www.ghacks.net/2019/04/20/m...yperlink-ping-tracking-by-default-in-firefox/ Not a biggie if you have uBO apparently.
Even Pale Moon has the "Hyperlink auditing" setting disabled by default. Also with UBO it is possible to disable the "Hyperlink auditing".
I pretty much agree. I mean, if you really cared, you'd be using VPNs and/or Tor to hide your ISP-assigned IP address from whatever website you're using.
It tells a website which of its links you (identified by your IP address, cookies, browser signature, etc) followed.
It is quite complicated to do that effectively. Passing all Internet connections through the same VPN and visiting them from the same browser means that visit on one site may be linked to visit on another site. Suppose that user is ok with sharing real name on the one site, but want to visit second site anonymously. Second site may theoretically ask/buy data from first website to capitalize more on user visit. One the other hand I agree with Mozilla developers that tracking is done via many other ways today anyway.
"Hyperlink auditing" aka "ping attribute" aka "<a ping>" is a mechanism that is explicitly designed for click reporting/tracking. When a user follows a hyperlink, the feature will report the action via POST (with credentials and ping specific headers) to one or more URLs (which may contain query/path params that pass additional info). In practice, said POSTs will frequently be to servers other than the server the user is trying to contact by clicking on the link (third-party exposures will be high). If you are concerned about web tracking, and especially third-party exposures, you will want to take this seriously. The "it doesn't really change the privacy situation because click tracking can be done in other ways and this feature improves the user experience" POV is getting ample play. A few points to help people understand why there is some strong negative reaction to this (not meant to provoke pointless debate here - this has been debated in various places during the past 13+ years): When it comes to protection, one "mechanism of harm" can't be dismissed on the basis that there are other mechanisms that can be used to create similar harm. For example, you can't dismiss one arbitrary code execution vulnerability just because there are other vulns that allow ACE. Privacy oriented users would love to eliminate the abuse of general web features for privacy-reducing purposes, but there is only so much that can be done. A feature which is explicitly designed for click tracking and put in specs and built into browsers/apps is naturally going to make some bristle. It is philosophically objectionable, and there are some practical concerns. It is seen as an official endorsement of a privacy-harmful practice It creates a foothold within the web client and the evolution of that may not be favorable. For example, one of the "better for users" selling points was that users could switch it off. Now we see switches being removed. Another selling point was that it would alert users to the fact that click reporting was taking place and show them the ping targets. Which, supposedly, hasn't been implemented by any major browser. This feature is helpful to those involved in click tracking (they want it). It makes some implementations easier, can work when JavaScript is disabled, reduces some server loads, and reduces some user experience issues that disincentivize click tracking. Concern about this feature contributing to an increase in the use of click tracking is not unreasonable. There are a some cases where a "user experience issue" caused by click tracking is actually beneficial to the user (it alerts them to the activity and/or breaks it). There is a "the ends justify the means" aspect to this: those promoting this feature argue that it will be better if it is adopted... in order for it to be adopted it must be widely supported... in order to be widely supported many users must be made vulnerable to it. Disregarding whether the supposed end will actually be the real end, this would be objectionable to many on ethical grounds. Making users vulnerable to this via it being enabled by default was bad enough. Removing, or not implementing, a built-in setting to enable/disable this is much worse. Surely some browsers don't support extensions. Some browsers that do support extensions prevent the extensions from "tampering" with "whitelisted" URLs/hosts/traffic, so there *might* be some cases where pings can bypass extensions that are trying to block them. Even where extensions are supported and they can reliably block pings, we know that a large percentage of users don't go there. Frankly, if web standards and browser folk actually cared about users, they'd support and surface as many privacy settings as they could. Enough of that. Some links... Specs https://html.spec.whatwg.org/multipage/links.html#hyperlink-auditing https://www.w3.org/TR/html53/links.html#hyperlink-auditing Some historical discussions (chronological) [whatwg] <a href="" ping=""> https://lists.w3.org/Archives/Public/public-whatwg-archive/2005Oct/thread.html#msg86 Mozilla bug: Implement <a ping> https://bugzilla.mozilla.org/show_bug.cgi?id=319368 Darin Fisher announcing initial implementation of <a ping> in Firefox https://web.archive.org/web/20060126211610/http://weblogs.mozillazine.org/darin/archives/009594.html [public-html] spec review: ping attribute https://lists.w3.org/Archives/Public/public-html/2007Oct/thread.html#msg337 [public-html] Feedback on the ping="" attribute (ISSUE-1) https://lists.w3.org/Archives/Public/public-html/2007Nov/thread.html#msg42 [mozilla.dev.apps.firefox] "ping" attribute UI https://groups.google.com/d/topic/mozilla.dev.apps.firefox/qEaXcMj5_lI [whatwg] Referer header sent with <a ping>? https://lists.w3.org/Archives/Public/public-whatwg-archive/2008Feb/thread.html#msg4 [public-html] CHANGE PROPOSAL: Remove ping and hyperlink auditing (ISSUE-1 and ISSUE-2) https://lists.w3.org/Archives/Public/public-html/2009Dec/thread.html#msg183 [public-html] CfC: Adopt ISSUE-1 PINGUI / ISSUE-2 PINGPOST Change Proposal to remove @Ping from HTML5 https://lists.w3.org/Archives/Public/public-html/2010Feb/thread.html#msg795 [whatwg] Current status of hyperlink authoring (a.k.a. the ping attribute) and some suggestions https://lists.w3.org/Archives/Public/public-whatwg-archive/2011Apr/thread.html#msg215 [mozilla.dev.platform] Intent to ship: Hyperlink Auditing (<a ping>) https://groups.google.com/d/topic/mozilla.dev.platform/DxvZVnc8rfo Privacy concerns with ping attribute https://github.com/w3c/html/issues/1456 (closed) https://github.com/whatwg/html/issues/3718 (open) Mozilla Bugs Implement <a ping> https://bugzilla.mozilla.org/show_bug.cgi?id=319368 Issues with support for "ping" attribute https://bugzilla.mozilla.org/show_bug.cgi?id=401217 Missing UI distinction for a/@Ping attribute usage https://bugzilla.mozilla.org/show_bug.cgi?id=401352 Enable <a ping> by default https://bugzilla.mozilla.org/show_bug.cgi?id=951104 setting needed for users to alter/control <a ping> hyperlink auditing in order to adhere to spec https://bugzilla.mozilla.org/show_bug.cgi?id=1546198
Yes, it is. But see my IVPN guides. A key aspect is using VMs to compartmentalize. So everything that I do in this VM, using this nested VPN chain, is as Mirimir. So I don't care whether it's all linked together. Just as long as it's not linked to my other personas, or to my meatspace identity.
@TheWindBringeth "If you are concerned about web tracking, and especially third-party exposures, you will want to take this seriously." Great post thanks.
Hyperlink Auditing Pings Being Used to Perform DDoS Attacks. https://www.bleepingcomputer.com/ne...ing-pings-being-used-to-perform-ddos-attacks/ Also Google uses hyperlink auditing in their search result pages. Every time you click on a search result link, your browser will also send HTTPS POST request back to a Google url in order to track the click. Good reasons users should continue to have the option to disable it.
The uBlock Origin browser extension has an option in settings to prevent hyperlink auditing. https://github.com/gorhill/uBlock/wiki/Dashboard:-Settings
And according to Gorhill, it will work as long as the API is available. https://www.reddit.com/r/firefox/comments/bf8ppu/mozilla_firefox_to_enable_hyperlink_ping_tracking/eld0fcu
