I can't believe Google Analytics is everywhere!!!

Discussion in 'privacy problems' started by DesuMaiden, Jun 30, 2013.

Thread Status:
Not open for further replies.
  1. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    According NoScript, Google Analystics.com is blocked on Tor Browser Bundle. So even if I don't ever use google, google can still track everything I do?! Talk about privacy invasion!!
     
  2. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,871
    Even avast 8 has google analytical nonsense going on in the main interface.
    Google has a full monopoly of the internet...fact.!
     
  3. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    I have Google Analytics blocked on my DNS server (query returns 127.0.0.1), so I'm not worried about being tracked that way. :)
     
  4. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    Are you using a vpn for google? I need to figure out how I can stream Youtube videos with Torch browser without being constantly tracked by google. I use a VPN to stream youtube videos but apparently the VPN is leaking out my DNS, so even though my IP address is hidden by the VPN, the VPN isn't hiding my DNS. Ultimately this means that google can still track everything I do by my DNS.
     
  5. MyBlackBox

    MyBlackBox Registered Member

    Joined:
    Jun 28, 2013
    Posts:
    35
    Location:
    Italy
    Sad but true. If you post a new thread on every forum with vBulletin or MyBB, then you can search the newly created URL on the wicked Big-Brother harvest engine and it will appear soon...
     
  6. tlu

    tlu Guest

    That's not really news. However, it's comforting that it's easy to block GA, doubleclick and so forth with Noscript, Adblock, your hosts file ...
     
  7. SouthPark

    SouthPark Registered Member

    Joined:
    Jun 13, 2012
    Posts:
    259
    Location:
    USA
    I use Ghostery or Easy Privacy (depending on the browser) + a HOSTS file entry to block GA, but I wouldn't be surprised if Google were still tracking me somehow :doubt:
     
  8. Syobon

    Syobon Registered Member

    Joined:
    Dec 27, 2009
    Posts:
    469
    I have GA blocked in my host file, still it appear in Opera external script (NOscript for Opera) so I do not known what is really happening.
    I was having the same thought yesterday, this analytic thing is everywhere, even in websites that promote heavily against privacy intrusion and big brothers!!...
     
  9. tlu

    tlu Guest

    Well, it depends on how you added it to your hosts file. Just adding the domain is NOT enough.

    Examples:

    127.0.0.1 google-analytics.com

    does NOT block, e.g., ssl.google-analytics.com.

    127.0.0.1 doubleclick.net

    does NOT block, e.g. static.doubleclick.net, stats.g.doubleclick.net etc.

    The hosts file requires specific entries - that's one major reason why those host files like http://winhelp2002.mvps.org/ are that large. Wildcards/placeholders are not allowed in the hosts file!

    More flexible is, e.g., Noscript which blocks entire domains. As a Linux user I'm running DNSMASQ as a DNS cache which can also block entire domains. You could also check if your router can block specific domains - my Netgear router is able to do that. However, it's not flexible enough to distinguish if only the respective domain should be blocked or a post on Wilderssecurity which contains the word "google-analytics.com" :D
     
    Last edited by a moderator: Jul 4, 2013
  10. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    The only way you can block google analytics is by using Tor Browser Bundle (TBB) and having no-Scripts enabled for every site you browse, because no-scripts--by default-- blocks Google Analytics.

    Unfortunately you cannot enjoy every site to its fullest with TBB, since TBB's no-Script add-on blocks scripts, flash and plug-ins, which are required for enjoying the best features of many websites (for example playing flash games and watching youtube videos linked from many forums is not possible with TBB. For those sites, I use a VPN which uses scripts, flash and plug-ins).
     
  11. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    As I said above (and not only me), you can block Google Analytics in a number of ways, without using TBB or NoScript. All you need is a little patience, and willingness to learn and experiment :)
     
  12. tlu

    tlu Guest

    I'm sorry but that's utter nonsense. One simple way how to check that is by using Google Chrome. Once you open the Chrome Web Store, you'll find google-analytics.com and doubleclick.net in the Chrome cache since the Chrome extensions (including the ones that usually block those trackers) are disabled in the Web Store.

    However, if you block them, e.g., in your router, your hosts file or by starting Chrome with with the command-line switch

    --host-rules="MAP *.google-analytics.com 0.0.0.0","MAP *.doubleclick.net 0.0.0.0"

    they do not appear anymore.

    You're spreading FUD, my friend.
     
    Last edited by a moderator: Jul 6, 2013
  13. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Interesting. I wasn't aware it was possible to use 0.0.0.0 as well. I've always used 127.0.0.1. I do use 0.0.0.0 in my hosts file, though.

    I just wish that there could be an equivalent of the --host-rules command flag, but in the form of a Json file placed at the browser's profile folder. It would make things a bit easier, and without limitations to the amout of the entries we can add in the command line flag. Is there a braveheart that could suggest this to the Chromium team? lol
     
  14. tlu

    tlu Guest

    Well, that switch can map any domain to any IP number. And using 0.0.0.0 is simply faster than 127.0.0.1.

    Would be nice, indeed. I don't know if that's possible.
     
  15. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    It makes sense, doesn't it? :oops: :D
     
  16. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,983
    Location:
    Canada
    How about under javascript exceptions:

    [*.]google-analytics.com, behaviour = block

    I know it won't actually block google-analytics, but will it not stop the scripting used for data collecting?
     
  17. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    How do I access "" [*.]google-analytics.com, behaviour = block """?

    Where do I access it?

    I need to know, because I need to prevent google analytics from gathering more data on me!!!
     
  18. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,983
    Location:
    Canada
    It’s under: Settings-> Show advanced settings…->Privacy->Content settings…->Javascript

    ...but I don't know how effective this is. I'm hoping someone who knows can shed light on it.
     
  19. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Anyone is free to correct me, but once you allow scripts in some website that happens to connect to GA, then you're already allowing the GA script?
     
  20. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,983
    Location:
    Canada
    I think you're probably right :( So in my case, for example, I allow to Chrome webstore, and even though I have a block rule for GA, it's still allowed because all scripts attempting to run under the allowed third level domain (-https://chrome.google.com-) will be allowed by default.

    I can see the cookie for GA after I connect to Chrome Web store.
     
  21. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Just block the snitch, using some method that allows you to whitelist per-site, in case some website prevents you from properly use it (the website)! Or, just try to avoid such websites. :D Or, just block it, no matter what.
     
  22. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,983
    Location:
    Canada
    I've been using this approach but I'm guessing it's only effective at blocking a malicious redirect to another non-whitelisted domain, as opposed to actually blocking anything that's running under the whitelisted domain?
     
  23. tlu

    tlu Guest

    Yes, that's true but ScriptSafe blocks 3rd party scripts. Even if you select "Allow" as your default mode, "Block Unwanted Content" (and "Block Unwanted Cookies") should block GA and the likes. That doesn't work in the Chrome Web Store, of course :'(
     
  24. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Yes, ScriptSafe would be the answer. But, I'd rather user another extension to block GA, etc., and simply because I don't think ScriptSafe "Block Unwanted Content" sources are automatically updated, which means that even if they block GA (already known), it won't block newly created ad/trackers. Something like DoNotTrackMe would be a nice addition.

    Regarding Chrome Web Store, a solution o_O would be to use a UserScript that blocks ads/trackers and make sure the script is safe to use. Check whether or not GA is blocked and if not, add it to the list. That would be an "easy" approach.
     
  25. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,089
    It might be helpful to know what Google Analytics is and does:

    Ergo, it may not be intended to spy on individual users per se, but to help website owners/admins collect data related to marketing which adds revenue to a website based on clicks for example.

    -- Tom
     
Loading...
Thread Status:
Not open for further replies.