Ghostery Granted Patent for Privacy Compliance Technology

Discussion in 'other software & services' started by BoerenkoolMetWorst, Jun 9, 2016.

  1. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,764
    Location:
    Outer space
  2. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    406
    I clicked and read that press release.
    ...and, oh-so-conveniently, no mention of Ghostery's association with Evidon Inc.
     
  3. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,764
    Location:
    Outer space
    I've been using Ghostery for a long time, but would like to switch soon. Are there good alternative which have a huge tracker database like Ghostery?
    It's because they've renamed Evidon Inc. into Ghostery Inc.
    https://www.ghostery.com/support/faq/ghostery-mcm/what-happened-to-evidon/
     
  4. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,732
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,024
    Location:
    The Netherlands
    I also don't like the fact that Ghostery is basically an ads company, but so far it does the job. I couldn't figure out how to make uBlock work exactly the same.
     
  6. Sigh Lass

    Sigh Lass Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    3
    Location:
    US
    I am relative new here gang, and out of my league compared to you fellows on the security and anonymous browsing processes, thus why I tend to just lurk here and try to absorb some knowledge.

    But I was hoping one of you fine fellows could throw me a bone on a question I have about Ghostery. Since Ghostery immediately goes to the web site it owns to check your settings on blocking, is that not in itself a way to track a person. Ghostery goes to https://extension.ghostery.com/en/intro#start every time you start your Firefox browser (understand some of you use other browsers)... To me this would be a way to track when you go online and for how long. Thoughts? Thanks !
     
  7. haakon

    haakon Registered Member

    Joined:
    May 25, 2015
    Posts:
    749
    Location:
    SW USA
    Not on any of the three Windows systems I'm running as such. Are you signed in to My Ghostery? If not, how about some documentation on how you arrived at that conclusion?

    FYI: if not signed in, settings parse from store.json in profile\jetpack\firefox@ghostery.com\simple-storage
    It is not necessary to be signed in to My Ghostery.

    - - -

    Anyhow, I've been using Ghostery for years and never detected or monitored behavior I found to be invasive by my standards and expectations. (To many, the concept of an IP address in itself is malevolent.) It's efficient, highly configurable and provides an exceptional improvement to the browsing experience. It does exactly what it's supposed to do which is really easy to figure out. The business model of its developers is irrelevant to the extension.
     
  8. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    One: it is great that you are thinking about the phone home situation and trying to understand the implications. You'll want to identify the various scenarios where it will happen on your setup (possibly install, updating, uninstall, periodically per schedule, and/or when exercising different features) and consider what is exposed (and to whom) including via destination host, the rest of the URL, other request headers, and any post data if that applies.

    Two: that intro URL looks like one that should be loaded once after a non-upgrade install. Unzip the xpi file and check the source code to confirm behavior and/or double check your results. Are you doing anything that interferes with extensions/prefs being stored across browser sessions?
     
  9. Sigh Lass

    Sigh Lass Registered Member

    Joined:
    Jun 16, 2016
    Posts:
    3
    Location:
    US
    I am an old fellow that wouldn't know how to even start providing documentation. I just assumed (make fun of me if you want, I can take it) that since that is where you went to put in info that was where it was retrieved each time. I imagine if they required a license to surf the internet, mine would be revolked. But I try to learn.

    My research was this. I clicked that link with internet turned off and it would not load. Laugh if you must, but it proved to me that settings were online or to change you had to go online.

    In hindsight I should of asked my question far better without making a unscientific assumption that I could not prove like yall are able to prove.



    Thanks WindBrngeth for going easy on me. I just assumed since that one page was the page it went to each time since it had settings stored there.

    I see that you both are saying that in reality my settings are stored on my computer not the web needing fetching each time I log on. Is that correct? I am not registered at My Ghostery that I know of. I delete cookies each time my computer is shut down (should be all cookies deleted and I don't even have a Google pref cookies anymore). I also did not have the setting to send them data to research.

    Sorry if I am dumbing down the forum. But I respect your opinions on subject that I don't fully understand and wanted an opinion on this.

    I am going back to lurk and keep my mouth shut mode. Thanks for the replies.
     
    Last edited: Jul 14, 2016
  10. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    haakon commented on that specific aspect and I didn't feel the need to add anything. FWIW: https://ghostery.zendesk.com/hc/en-...here-are-my-tracker-blocking-settings-stored-.

    I don't use Ghostery, but I do peek at it from time to time. I've seen the newer settings interface. Which, during my very brief testing, did appear to require a response from https://extension.ghostery.com/settings in order for a user to be able to view/change the supposedly local settings. Even in cases where the user has no desire to sync. I only say supposedly local settings because I didn't confirm that personally. It is definitely possible to implement a settings user interface such that it requires interaction with a remote server in order to function yet the settings are stored locally. However, even if that is the case...
    • Communications should still be investigated in order to understand what (else) is exchanged and what the consequences could be.
    • The "install, configure, and confirm readiness while offline, then go online" pattern minimizes surprises.
    • Servers can go down. Routes can become unavailable. Remote resources can be blocked on purpose as part of an attack. Someone might want to modify a setting while on an isolated network.
    • Companies sometimes lose control over domain names
    • A remotely retrieved interface component may, by design or bug, empower the remote server and whoever controls it to gather and/or tamper with the locally stored settings
    ... so there might still be issues that a user isn't comfortable with. Perhaps someone who has taken a closer look at it will shed more light on the implementation.

    What? You are doing OK, and we all learn alot through discussion.
     
  11. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    2,281
    Last edited: Jul 15, 2016
Loading...